[WEB SECURITY] Introducing WPScan – WordPress Security Scanner

seth seth.lalala at gmail.com
Sun Jun 19 03:14:19 EDT 2011

I have started a wp scanner but lost the files before finishing and
never started again. It had three ways of identifying the version:
Generator meta tag
Readme file (you already download it, and the only valuable information
i see is the version number. Why not showing it?)
Downloading some javascript, css, images, etc. Then comparing the hashes
of these files against an array that was like [file][hash]=>version
Hope it's usefull
On 16/06/11 12:13, Ryan Dewhurst wrote:
> After creating the WordPress Brute Force Tool last weekend, I decided
> to create a bigger project out of it, called WPScan.
> WPScan is a black box WordPress Security Scanner written in Ruby which
> attempts to find known security weaknesses within WordPress
> installations. Its intended use it to be for security professionals or
> WordPress administrators to asses the security posture of their
> WordPress installations. The code base is Open Source and licensed
> under the GPLv3.
> Features include:
> Username enumeration (from ?author)
> Weak password cracking (multithreaded)
> Version enumeration (from generator meta tag)
> Vulnerability enumeration (based on version)
> Plugin enumeration (todo)
> Plugin vulnerability enumeration (based on version) (todo)
> Other miscellaneous checks
> Installation:
> WPScan requires two non native Ruby gems, typhoeus and xml-simple. It
> should work on both Ruby 1.8.x and 1.9.x.
> sudo apt-get install libcurl4-gnutls-dev
> sudo gem install –user-install typhoeus
> sudo gem install –user-install xml-simple
> (I developed WPScan on Backtrack5 Gnome 32bit, if installing on
> another OS, you may not need the –user-install option when installing
> the non native gems)
> Download:
> WPScan will be hosted on Google Code at http://code.google.com/p/wpscan/.
> You can download and start running WPScan ALPHA by checking out the SVN trunk.
> “svn checkout http://wpscan.googlecode.com/svn/trunk/ wpscan-read-only”
> Example usage:
> Examples:
> ruby wpscan.rb –url www.example.com
> ruby wpscan.rb –url www.example.com –wordlist darkc0de.lst –threads 50
> ruby wpscan.rb –url www.example.com –wordlist darkc0de.lst –username admin
> Contributions, feedback, comments are welcome.
> Happy Hacking!
> Ryan Dewhurst
> blog www.ethicalhack3r.co.uk
> projects www.dvwa.co.uk | www.webwordcount.com
> twitter www.twitter.com/ethicalhack3r
> This list is sponsored by Cenzic
> --------------------------------------
> Let Us Hack You. Before Hackers Do!
> It's Finally Here - The Cenzic Website HealthCheck. FREE.
> Request Yours Now! 
> http://www.cenzic.com/2009HClaunch_Securityfocus
> --------------------------------------

More information about the websecurity mailing list