WordPress Read me
target/readme.html
WordPress License with wordpress version
target/license.txt
WordPress sample config:
target/wp-config-sample.php
WordPress installation:
target/wp-admin/install.php
WordPress upgrade file:
target/wp-admin/upgrade.php
WordPress setup config:
target/wp-admin/setup-config.php
WordPress Api usefull paths:
target/wp-json/wp/v2/users – enumerate users
target/wp-json/wp/v2/posts – enumerate posts
target/wp-json – wordpress api
Script to enumerate users thought authors of blog:
for i in {1..30}; do curl -s -L -i target | grep -E -o “\” title=\”View all posts by [a-z0-9A-Z-.]|Location:.” | sed ‘s/\// /g’ | cut -f 6 -d ‘ ‘ | grep -v “^$”; done
WordPress Plugins readme or license:
target/wp-content/plugins/plugin name/readme.txt or /license.txt
WordPress Theme readme or license:
target/wp-content/theme/nome-do-theme/readme.txt, /changeglog.txt or /license.txt