Getting into an abandoned WordPress site

wordpress-logo-hoz-rgb

If you ever find an abandoned Linux server running WordPress on your network that was left for dead but still running somehow, here are some tips on what to do. I just went through this and was amazed when I discovered the WordPress install wasn’t compromised.

1. Get root. Kind of goes without saying. Get console and if you don’t have the root password to the box, you’re not going anywhere.

2. Get mysql root. WordPress is probably running mysql as a the backend db. If you don’t have that, reset it.

3. Get into mysql at the command-line and find the wordpress db to get to the wp-users table.

4. Your db is probably titled “wordpress” but it could be a variant of that.

2015-07-16_8-35-25

5. Select the wp-users table in your WordPress db and reset the password for the ID =1 user.

2015-07-16_8-51-00

6. Reset that password in the table for the ID 1 entry

7. That should give you login to the old WordPress site (http://www.site.com/wp-admin/)  via the browser.

After you are able to login, I wish you the best. Unpatched WordPress sites are a constant target for bots in need of sites to host malware, so you are very lucky if you find the site has not been compromised. When I logged-in, I found a WordPress 3.2 site which puts it at about 4 years old against the release history.

https://codex.wordpress.org/WordPress_Versions

 

 

 

Leave a comment or reply