What is WPScan?
WPScan is wonderful and super fast wordpress vulnerability scanner written in ruby language, sponsored byRandomStorm and hosted by Googlecode. It provides you an easy way to penetrate wordpress blogs using blackbox techniques.
You can find the following stuff about any wordpress blog using this ruby application:
- List of plugins
- Name of theme
- Bruce forcing Weak Password for specific user
- Brute force username
- Directory listings
- Version details
- Possible vulnerabilities.
How to Install WPScan?
Before you install WPScan, you have to install number of dependencies essential by this tiny ruby application. BTW i am using BackTrack5 Linux.
Dependencies :
apt-get install libcurl4-gnutls-dev
gem install --user-install mime-types
gem install --user-install xml-simple
gem install --user-install typhoeusWPScan Installation :
cd /pentest/web/
wget http://wpscan.googlecode.com/files/wpscan-1.0.zip
unzip wpscan-1.0.zip
cd wpscanHow to use WPScan?
It is almost cooked. One more thing we need here; is to download keywords database which will be used for brute forcing.
wget http://static.hackersgarage.com/darkc0de.lst.gz
gunzip darkc0de.lst.gzExample usage of this ant application :
Do ‘non-intrusive’ checks…
ruby ./wpscan.rb --url www.hackersgarage.comDo wordlist password brute force on enumerated users using 50 threads…
ruby ./wpscan.rb --url www.hackersgarage.com --wordlist darkc0de.lst --threads 50Do wordlist password brute force on the ‘admin’ username only…
ruby ./wpscan.rb --url www.hackersgarage.com --wordlist darkc0de.lst --username adminGenerate a new ‘most popular’ plugin list, up to 150 pages…
ruby ./wpscan.rb --generate_plugin_list 150Enumerate instaled plugins…
ruby ./wpscan.rb --enumerate p
No comments:
Post a Comment