Wednesday, July 13, 2011

WPScan: A WordPress Security Scanner!

WPScan is a black-box WordPress security scanner written in Ruby which attempts to find known security weaknesses within WordPress installations. It is intended for security professionals or WordPress administrators to assess the security posture of their WordPress installations. The code base is open source and licensed under the GPLv3. It has been brought to us by Ryan Dewhurst, AKA ethicalhack3r.

Features of wpscan:

Username enumeration (from author)
Weak password cracking (multithreaded)
Version enumeration (from generator meta tag)
Vulnerability enumeration (based on version)
Plugin enumeration (todo)
Plugin vulnerability enumeration (based on version) (todo)
Other miscellaneous checks
Many blogging sites run on WordPress, and they are often hacked through simple, well-known mistakes: outdated versions, guessable usernames and weak passwords. WPScan helps find those known issues so they can be fixed before someone else finds them.

Basic requirements:
WPScan requires two third-party Ruby gems, typhoeus and xml-simple. It should work on both Ruby 1.8.x and 1.9.x.

How to run wpscan?
1. Default scan (version, username and vulnerability enumeration): ruby wpscan.rb --url www.example.com
2. Password brute force against the enumerated usernames, using 50 threads: ruby wpscan.rb --url www.example.com --wordlist darkc0de.lst --threads 50
3. Password brute force against a single known username: ruby wpscan.rb --url www.example.com --wordlist darkc0de.lst --username admin
Brute-force runs are noisy and can lock accounts out; run them only against installations you are authorized to test.

It uses two data files, wp_vulns.xml and plugin_vulns.xml, which list known vulnerabilities in WordPress core and in WordPress plugins respectively, together with the affected versions. These have been compiled from many public sources. If you happen to know of issues that are not yet public, you can add them to these files yourself and extend the use of WPScan. It also includes a standalone WordPress password bruteforcer, bruter.rb.
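To make the feature list above and the role of the XML data files concrete, here is a small Ruby example written for this post; it is not WPScan's own code. It runs the passive checks WPScan describes (version from the generator meta tag, username from the ?author=N redirect, version-based vulnerability lookup) against constructed, offline input. The HTML, the redirect Location header and the vulnerability XML are all made up for the example, and the XML element and attribute names (vulnerability, title, fixed_in) are an assumption, not WPScan's actual wp_vulns.xml schema. The plugin check goes slightly beyond the page, since plugin enumeration is still listed as "todo" above; it shows one passive approach, spotting /wp-content/plugins/ paths in the page.

```ruby
# Added example, not WPScan code: the passive checks from the feature list,
# run against constructed input so it works offline.
require 'rexml/document'

# Constructed HTML resembling a WordPress front page. The generator meta tag
# is what "version enumeration (from generator meta tag)" relies on.
SAMPLE_INDEX_HTML = <<~HTML
  <html><head>
  <meta name="generator" content="WordPress 3.1.4" />
  <link rel="stylesheet" href="/wp-content/plugins/example-plugin/style.css?ver=1.2" />
  </head><body>...</body></html>
HTML

# Constructed vulnerability list in the spirit of wp_vulns.xml. The element
# and attribute names are an assumption for this example, not WPScan's schema.
SAMPLE_WP_VULNS_XML = <<~XML
  <wordpress>
    <vulnerability title="Example XSS in comments" fixed_in="3.1.3" />
    <vulnerability title="Example privilege escalation" fixed_in="3.1.5" />
    <vulnerability title="Example SQLi in taxonomy" fixed_in="3.2.1" />
  </wordpress>
XML

# Constructed Location header from a redirect of GET /?author=1. WordPress
# redirects to /author/<login>/ when pretty permalinks are enabled, which is
# how "username enumeration (from author)" recovers the login name.
SAMPLE_AUTHOR_REDIRECT_LOCATION = 'http://www.example.com/author/admin/'

# Pull the WordPress version out of the generator meta tag; nil if absent
# (many hardened sites remove the tag, so nil is a normal outcome).
def detect_wp_version(html)
  m = html.match(/<meta\s+name=["']generator["']\s+content=["']WordPress\s+([\d.]+)["']/i)
  m && m[1]
end

# Extract the author login from an /author/<login>/ redirect target.
def username_from_author_redirect(location)
  m = location.match(%r{/author/([^/?#]+)/?})
  m && m[1]
end

# Return titles of every listed vulnerability whose fix version is newer than
# the detected version, i.e. issues the installation is still exposed to.
def vulns_for_version(xml, version)
  doc = REXML::Document.new(xml)
  found = Gem::Version.new(version)
  REXML::XPath.match(doc, '/wordpress/vulnerability').select do |v|
    fixed = v.attributes['fixed_in']
    fixed && Gem::Version.new(fixed) > found
  end.map { |v| v.attributes['title'] }
end

# Passive plugin discovery: plugin directory names referenced in the page.
def enumerate_plugins(html)
  html.scan(%r{/wp-content/plugins/([^/"'?]+)/}).flatten.uniq
end

if __FILE__ == $PROGRAM_NAME
  version = detect_wp_version(SAMPLE_INDEX_HTML)
  puts "WordPress version: #{version || 'unknown'}"
  puts "Author login:      #{username_from_author_redirect(SAMPLE_AUTHOR_REDIRECT_LOCATION)}"
  puts "Plugins seen:      #{enumerate_plugins(SAMPLE_INDEX_HTML).join(', ')}"
  if version
    vulns_for_version(SAMPLE_WP_VULNS_XML, version).each { |t| puts "Vulnerable: #{t}" }
  end
end
```

The version comparison uses Gem::Version rather than string comparison, so "3.10" correctly sorts after "3.9"; a naive string compare would get that wrong and silently miss entries.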

Download WPScan (wpscan.rb) via SVN checkout.

Shared from www.pentestit.com
