Previously we have discussed how to enumerate valid usernames and create a dictionary of common passwords. Using WPScan, we are able to perform a brute force attack to find a password that matches the username.

In the command line, type:

wpscan –url <targeturl> -P <path to password list> -U <username>.

You are able to brute force multiple usernames at once by separating them with a comma:

wpscan –url <targeturl> -P <path to password list> -U <username,username,username>.

WPScan will then try all the possible passwords in the .txt file. It will take some time depending on how many passwords are in the list and where in that list the correct password is.