Performs multiple brute force and username enumerations tasks in same time. This is a continuation of the WPCracker project.
With the Brute Force tool, you can control how aggressive an attack you want to perform, and this affects the attack time required. The tool makes it possible to adjust the number of threads as well as how large password batches each thread is tested at a time. However, too much attack power can cause the victim's server to slow down.
| OS info | Win32 | Win64 | macOS | Linux |
|---|---|---|---|---|
| Backend | X | X | X | X |
| FrontEnd | X | X | X | X |
| Tested | 0 | X | X | deb11 |
.NET Core 3.1
- Download repository:
git clone https://github.com/JoniRinta-Kahila/wpcrackergui.git
- Open project:
cd wpcrackergui
- Install with package manager:
npm i
- Build dev version:
npm run dev
- build produciton version:
npm run prod
- Run current version:
npm run start
- If the backend is not builded or has changed:
npm run winCoreBuildnpm run macCoreBuildnpm run linuxCoreBuild
npm run prodnpm run build:win
npm run prodnpm run build:mac
- tested in Debian 11
electron-userland/electron-build-service#9 (comment)
https://docs.microsoft.com/en-us/dotnet/core/install/linux-debian
- Open terminal at root of project
- run command
npm run prod - run command
npm run cleanCore && npm run linuxCoreBuild
- run command
- Start docker
- run command
docker pull electronuserland/builder(do this only the first time) - run command
docker run --rm -ti -v C:\Work\wpcrackergui\:/project -w /project electronuserland/builder(correct the project path if needed) - run command
npm i -g electron-builder - run command
cd /project - run command
electron-builder build --linux deb tar.xz
- run command
- After build is ready, you can locate the build files in the wpcrackergui/out directory
In this article, "victim" refers to the attacked WordPress site in pentest lab. Attacking a WordPress site for which you do not have permission may be illegal.