How To Deface A Wordpress Site ( Very Easy )

How To Deface A Wordpress Site 
I just figured out how to do this, since I can't hack I thought it was pretty cool. 
What you will need.
A deface page or shell.

What we'll be defacing.

http://129.121.48.202/ 
Lets get started.

1.First go HERE


2.Now make an account, and activate it.

3.Next you want to use the search provided.
Search for this.
Code:
«wp-admin/install.php»

4.You will get a list of servers.


5.Search through them until you find a page that looks like this.


6.Install wordpress.
Now login.


7.Go to the theme editor.

8.Find the index.


9.Now replace the code with your deface page.

10.And click update file.

Now you're done, you just defaced a website.
Sorry we Couldnt Upload any Pictures in this tutorial for some problems...

Also Read: How To HACK Wordpress Websites

If any problem with understanding this tutorial please comment below or contact us @

Read More

Scan Email Addresses and Domains in Kali Linux

What is theHarvester?


TheHarvester has been developed in Python by Christian Martorella. It is a tool which provides us information of about e-mail accounts, user names and hostnames/subdomains from different public sources like search engines and PGP key server. In short we Can Say it includes in the list of Information Gathering...!!!

This tool is designed to help the penetration tester on an earlier stage; it is an effective, simple and easy to use. The sources supported are:
--Google - emails, subdomains/hostnames
--Google profiles - Employee names
--Bing search - emails, subdomains/hostnames, virtual hosts
--Pgp servers - emails, subdomains/hostnames
--LinkedIn - Employee names
--Exalead - emails, subdomain/hostnames

New features:

-Time delays between requests
-XML results export
-Search a domain in all sources
-Virtual host verifier


Getting Started:

Go to the Arsenal -] scanning -] web scanner -] theharvester.
In case, if it is not available in your distribution, than you can easily download it from http://code.google.com/p/theharvester/downlaod, where latest version 2.2 is available, simply download it and extract it.
Provide execute permission to the theHarvester.py by [chmod 755 theHavester.py]
After getting in to that, simply run. /theharvester, it will display version and other option that can be used with this tool with detailed description.

Example 1:

Command Syntax:

theHarvester -d [url] -l 300 -b [search engine name]

theHarvester -d matriux.com -l 300 -b google
In Above command:-
-d [url] will be the remote site from which you wants to fetch the juicy information.
-l will limit the search for specified number.
-b is used to specify search engine name.

From above information of email address we can identify pattern of the email addresses assigned to the employees of the organization. For example, some companies uses firstname.lastname@domain.com pattern, so that can be useful in order to brute force the account of a specific person.
Host information can be useful in order to scan the specific system.

Example 2:

Search from all search engine.
Command:

theHarvester -d gtu.ac.in -l 300 -b all
This command will grab the information from multiple search engines supported by the specific version of theHarvester.

Example 3:
Save the result in HTML file. 

Command:

theHarvester.py -d gtu.ac.in -l 300 -b all -f hackguru
To save results in html file -f parameter is used as shown in this example.

Conclusion

theHarvester is a handy tool, which would quickly fetch the juicy information from the public resources by active or passive means.


We Hope You Enjoyed This Comeback Tutorial From us CEH :) any problem or question comment below openly :)
Read More