[HELP] Find Owner of a Website / Hack WordPress Website

General technological topics without their own forum go here

[HELP] Find Owner of a Website / Hack WordPress Website

Post by smokenn on Thu Sep 20, 2018 6:28 am
([msg=96293]see [HELP] Find Owner of a Website / Hack WordPress Website[/msg])

Hello,

I need a help and a guidance on finding out the true owner of a website.

Website is using Wordpress 4.9.8 (latest version)
Whois doesn't give any interesting information: registrar is namescheap.com, it is protected by cloudflare, hosting provider is: NFORCE, NL.
There aren't any sub-domains (except: www).

I have tried tools such as:
Whois domain analyzer, Nslookup, Nmap, TheHarvester, Metagoofil, DNSRecon, Sublist3r, Wafw00f, WAFNinja, XSS Scanner, WhatWeb, Spaghetti, WPscan, WPscanner, WPSeku, Droopescan, SSLScan, SSLyze, A2SV, Dirsearch
...however I either don't know what to look for, or the information is protected behind namescheap and cloudflare.

None of the wordpress plugins have any known vulnerabilities, he's having all his plugins updated to the latest versions.
Plugins used: contact-form-7, woocomerce, really-simple-ssl, sucuri-scanner, yith-woocomerce-compare, cmb2, wp-slimstat.
Theme used: greenmart by Thembay, v1.6.0.
It does have xmlrpc.php, not renamed, and he does have: wp-config-sample.php not renamed.

he does have these folders exposed to the public:
../wp-includes/
../wp-content/uploads/
../wp-content/plugins/
but I can't find anything useful in there (of course I can't access PHP files to get their content).


My option #1 would be to find who this guy is, because taking down his website may just result in him finding another hosting company and host his website on another place.
Option #2 would be to take down his website (however, ddos-ing on a cloudflare protected website doesn't seem to work for very long). So I guess option #3 would be to find out real IP behind the cloudflare.

Any advice, guidance is more than welcome. I'm not asking you guys to do stuff for me, but to give me directions, I want to learn this stuff on my own.
smokenn
New User
New User
 
Posts: 1
Joined: Thu Sep 20, 2018 6:27 am
Blog: View Blog (0)


Re: [HELP] Find Owner of a Website / Hack WordPress Website

Post by oasis on Fri Sep 21, 2018 2:17 pm
([msg=96295]see Re: [HELP] Find Owner of a Website / Hack WordPress Website[/msg])

smokenn wrote:Hello,

I need a help and a guidance on finding out the true owner of a website.

Website is using Wordpress 4.9.8 (latest version)
Whois doesn't give any interesting information: registrar is namescheap.com, it is protected by cloudflare, hosting provider is: NFORCE, NL.
There aren't any sub-domains (except: www).

I have tried tools such as:
Whois domain analyzer, Nslookup, Nmap, TheHarvester, Metagoofil, DNSRecon, Sublist3r, Wafw00f, WAFNinja, XSS Scanner, WhatWeb, Spaghetti, WPscan, WPscanner, WPSeku, Droopescan, SSLScan, SSLyze, A2SV, Dirsearch
...however I either don't know what to look for, or the information is protected behind namescheap and cloudflare.

None of the wordpress plugins have any known vulnerabilities, he's having all his plugins updated to the latest versions.
Plugins used: contact-form-7, woocomerce, really-simple-ssl, sucuri-scanner, yith-woocomerce-compare, cmb2, wp-slimstat.
Theme used: greenmart by Thembay, v1.6.0.
It does have xmlrpc.php, not renamed, and he does have: wp-config-sample.php not renamed.

he does have these folders exposed to the public:
../wp-includes/
../wp-content/uploads/
../wp-content/plugins/
but I can't find anything useful in there (of course I can't access PHP files to get their content).


My option #1 would be to find who this guy is, because taking down his website may just result in him finding another hosting company and host his website on another place.
Option #2 would be to take down his website (however, ddos-ing on a cloudflare protected website doesn't seem to work for very long). So I guess option #3 would be to find out real IP behind the cloudflare.

Any advice, guidance is more than welcome. I'm not asking you guys to do stuff for me, but to give me directions, I want to learn this stuff on my own.


Sounds fun. But it also sounds like you're out of your depth. A lot of the things you have tried are already illegal and can get you into trouble. My only input would be going to wp-login.php ad guessing the password ;)

Good luck anyway.
oasis
New User
New User
 
Posts: 26
Joined: Thu Apr 24, 2008 12:57 pm
Blog: View Blog (0)



Return to General

Who is online

Users browsing this forum: No registered users and 0 guests

cron