WPScan is a vulnerability scanner that checks the security of WordPress installations using a black-box approach (scanning without any prior knowledge of what has been installed, etc.).
Features
Username enumeration (from author querystring and location header)
Weak password cracking (multithreaded)
Version enumeration (from generator meta tag)
Vulnerability enumeration (based on version)
Plugin enumeration (2220 most popular by default)
Plugin vulnerability enumeration (based on version) (todo)
Plugin enumeration list generation
Other misc WordPress checks (theme name, dir listing, …)
Requirements
WPScan requires two non-native Ruby gems, typhoeus and xml-simple. It should work on both Ruby 1.8.x and 1.9.x.
INSTALL
Installing on Backtrack5 Gnome/KDE 32bit:
sudo apt-get install libcurl4-gnutls-dev
sudo gem install --user-install mime-types
sudo gem install --user-install typhoeus
sudo gem install --user-install xml-simple
Installing on Debian/Ubuntu:
sudo apt-get install libcurl4-gnutls-dev
sudo apt-get install libopenssl-ruby
sudo gem install typhoeus
sudo gem install xml-simple
Installing on other *nix: (not tested)
sudo gem install typhoeus
sudo gem install xml-simple
Installing on Windows: (not tested)
gem install typhoeus
gem install xml-simple
Installing on Mac OSX: (not tested)
sudo gem install typhoeus
sudo gem install xml-simple
COMMANDS
--url (The WordPress URL/domain to scan.)
--version (Only do version enumeration.)
--wordlist (Supply a wordlist for the password bruter and do the brute.)
--threads (The number of threads to use when multi-threading requests.)
--username (Only brute force the supplied username.)
--generate_plugin_list (Generate a new data/plugins.txt file.)
-v (Verbose output.)
EXAMPLES
Do 'non-intrusive' checks...
ruby wpscan.rb --url www.example.com
Only do version enumeration...
ruby wpscan.rb --url www.example.com --version
Do wordlist password brute force on enumerated users using 50 threads...
ruby wpscan.rb --url www.example.com --wordlist darkc0de.lst --threads 50
Do wordlist password brute force on the 'admin' username only...
ruby wpscan.rb --url www.example.com --wordlist darkc0de.lst --username admin
Generate a new 'most popular' plugin list...
ruby ./wpscan.rb --generate_plugin_list 150
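Seen from the server side, the username enumeration (author querystring) and wordlist brute force listed above leave a recognisable pattern in the web access log. The following is an added example, not part of WPScan or of the original post: it flags client IPs that request several distinct `?author=N` IDs or send many POSTs to `wp-login.php`. The log lines, the thresholds and the name `scan_findings` are assumptions made for this illustration.

```ruby
# Added example, not WPScan code. Needs Ruby 2.0+ (keyword arguments).
# Constructed access-log lines in Apache/Nginx "combined" format.
entry = lambda do |ip, verb, target, status|
  %(#{ip} - - [13/Jul/2011:10:00:00 +0000] "#{verb} #{target} HTTP/1.1" #{status} 0 "-" "-"\n)
end
SAMPLE_LOG = [
  *(1..3).map { |n| entry.call('203.0.113.7', 'GET', "/?author=#{n}", 301) },
  *Array.new(6) { entry.call('203.0.113.7', 'POST', '/wp-login.php', 200) },
  entry.call('198.51.100.20', 'GET', '/?author=1', 301),    # one author-archive visit
  entry.call('198.51.100.20', 'POST', '/wp-login.php', 302) # one ordinary login
].join

# Client IP, HTTP method and request target from one log line.
LINE_RE = /\A(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) /

# Thresholds are assumptions; tune them to the site's normal traffic.
def scan_findings(log, author_min: 3, login_min: 5)
  author_ids = Hash.new { |h, ip| h[ip] = [] }
  login_posts = Hash.new(0)
  log.each_line do |line|
    m = LINE_RE.match(line)
    next unless m # skip lines that are not in the expected format
    ip, verb, target = m.captures
    path, query = target.split('?', 2)
    id = query && query[/(?:\A|&)author=(\d+)/, 1]
    if verb == 'GET' && id
      author_ids[ip] << id.to_i
    elsif verb == 'POST' && path.end_with?('/wp-login.php')
      login_posts[ip] += 1
    end
  end
  findings = []
  author_ids.each do |ip, ids|
    n = ids.uniq.size # distinct author IDs requested by this client
    findings << { ip: ip, type: :author_enumeration, count: n } if n >= author_min
  end
  login_posts.each do |ip, n|
    findings << { ip: ip, type: :login_bruteforce, count: n } if n >= login_min
  end
  findings
end

scan_findings(SAMPLE_LOG).each { |f| puts "#{f[:ip]} #{f[:type]} count=#{f[:count]}" }
```

The single author-archive visit and single login from 198.51.100.20 stay below both thresholds and are not reported.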
PROJECT HOME
http://code.google.com/p/wpscan/
SUBVERSION REPOSITORY
svn checkout http://wpscan.googlecode.com/svn/trunk/ wpscan-read-only
ISSUES
http://code.google.com/p/wpscan/issues/list
You can download WPScan by checking it out from the SVN repository on Google Code:
svn checkout http://wpscan.googlecode.com/svn/trunk/ wpscan-read-only
Or you can read more here
====================================================================
NB : darknet & ethicalhack3r
13/07/11
WPScan - WordPress Security/Vulnerability Scanner
bro...
I've already followed the steps above....
but when I try to run ruby wpscan.rb it doesn't work, bro...
it says no directory...
Which directory does it get installed in, bro?