Showing posts with label wordpress. Show all posts
Showing posts with label wordpress. Show all posts

Tuesday, 25 February 2014

WPScan Tutorial (Debian, Ubuntu etc..)



WPScan is a tool to automatically scan Wordpress-Blogs for vulnerabilities. Furthermore it can enumerate user names and carry out bruteforce attacks on accounts associated with the blog.

Link: http://wpscan.org/

Install

sudo apt-get install libcurl4-gnutls-dev libopenssl-ruby libxml2 libxml2-dev libxslt1-dev ruby-dev git
git clone https://github.com/wpscanteam/wpscan.git 
cd wpscan 
sudo gem install bundler && bundle install --without test development

Enumerate vulnerable plugins and themes

  • Plugins  
ruby wpscan.rb --url http://www.wpblog.com --enumerate vp
  • Themes
ruby wpscan.rb --url http://www.wpblog.com --enumerate vt

Get usernames

ruby wpscan.rb --url http://www.wpblog.com --enumerate u

Brute-forcing accounts

Most of the time, user don't chance the default 'admin' username, so you should start here.

ruby wpscan.rb --url www.wpblog.com --wordlist YOURWORDLIST --username admin

You can get an extremely good wordlist here: https://crackstation.net/buy-crackstation-wordlist-password-cracking-dictionary.htm

If you have any questions, drop me a line.