However, if the password hash is not crackable. We should be able to extract the wordpress users and their password hashes.
Additionally Infrastructure PenTest Series : Part 2 - Vulnerability Analysis could be referred for exploitation of any particular services (i.e. Furthermore, we have also provided Tips and Tricks for solving vulnerable VMs. In this blog post, we have mentioned, what can be done in each separate stage.
Generally, we go through the following stages when solving a vulnerable machine: Thank you for providing these awesome challenges to learn from and sharing your knowledge with the IT security community! Thank You!! Also, shout-outs are in order for each and every author of Vulnerable Machines and/ or write-ups. We would like to thank g0tm1lk for maintaining Vulnhub and the moderators of HackTheBox.
Once you download a virtual machines from VulnHub you can run it by using virtualisation software such as VMware or Virtual Box. The steps below could be followed to find vulnerabilities, exploit these vulnerabilities and finally achieve system/ root. This post (Work in Progress) records what we learned by doing vulnerable machines provided by VulnHub, Hack the Box and others.
SecLists.Org Security Mailing List Archive.