WebApp Sec mailing list archives
Re: Introducing WPScan – WordPress Security Scanner
From: Ryan Dewhurst <ryandewhurst () gmail com>
Date: Sun, 19 Jun 2011 21:24:52 +0100
Hi Seth,

The readme file has the version within it, however from my experience it is not always the correct version. I probably should show it to the user and state something like "not always reliable".

The client side file hashing is a good idea, probably something I will implement in future. Maybe only run the file hashing if the version was not found in the generator tag.

Thanks for your feedback!

Ryan Dewhurst
blog www.ethicalhack3r.co.uk
projects www.dvwa.co.uk | www.webwordcount.com
twitter www.twitter.com/ethicalhack3r

On Sun, Jun 19, 2011 at 8:27 AM, seth <xd.seth () gmail com> wrote:
I have started a wp scanner but lost the files before finishing and never started again. It had three ways of identifying the version:

- Generator meta tag
- Readme file (you already download it, and the only valuable information I see is the version number. Why not show it?)
- Downloading some javascript, css, images, etc. Then comparing the hashes of these files against an array that was like [file][hash]=>version

Hope it's useful

On 16/06/11 12:13, Ryan Dewhurst wrote:

After creating the WordPress Brute Force Tool last weekend, I decided to create a bigger project out of it, called WPScan.

WPScan is a black box WordPress Security Scanner written in Ruby which attempts to find known security weaknesses within WordPress installations. Its intended use is to be for security professionals or WordPress administrators to assess the security posture of their WordPress installations. The code base is Open Source and licensed under the GPLv3.

Features include:

- Username enumeration (from ?author)
- Weak password cracking (multithreaded)
- Version enumeration (from generator meta tag)
- Vulnerability enumeration (based on version)
- Plugin enumeration (todo)
- Plugin vulnerability enumeration (based on version) (todo)
- Other miscellaneous checks

Installation:

WPScan requires two non native Ruby gems, typhoeus and xml-simple. It should work on both Ruby 1.8.x and 1.9.x.

    sudo apt-get install libcurl4-gnutls-dev
    sudo gem install --user-install typhoeus
    sudo gem install --user-install xml-simple

(I developed WPScan on Backtrack5 Gnome 32bit, if installing on another OS, you may not need the --user-install option when installing the non native gems)

Download:

WPScan will be hosted on Google Code at http://code.google.com/p/wpscan/.
You can download and start running WPScan ALPHA by checking out the SVN trunk.

    svn checkout http://wpscan.googlecode.com/svn/trunk/ wpscan-read-only

Example usage:

Examples:

    ruby wpscan.rb --url www.example.com
    ruby wpscan.rb --url www.example.com --wordlist darkc0de.lst --threads 50
    ruby wpscan.rb --url www.example.com --wordlist darkc0de.lst --username admin

Contributions, feedback, comments are welcome.

Happy Hacking!

Ryan Dewhurst
blog www.ethicalhack3r.co.uk
projects www.dvwa.co.uk | www.webwordcount.com
twitter www.twitter.com/ethicalhack3r

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!

It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------
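The three version checks discussed in this thread (generator meta tag, file hashes, readme), sketched in Ruby as an added example; it is not WPScan's code or anything posted to the list. The fingerprint table, file paths and sample contents are constructed, and the function names and the order of the fallbacks are assumptions.

```ruby
require 'digest'

# Constructed fingerprint table in the [file][hash] => version shape from the
# thread. Paths, file bodies and version numbers are made up for this example.
FINGERPRINTS = {
  'wp-includes/js/sample.js' => {
    Digest::SHA256.hexdigest('/* sample build A */') => '3.1.2',
    Digest::SHA256.hexdigest('/* sample build B */') => '3.1.3'
  },
  'wp-includes/css/sample.css' => {
    Digest::SHA256.hexdigest('/* sample css */') => '3.1.3'
  }
}.freeze

VERSION_RE = /(\d+(?:\.\d+)+)/

def version_from_generator(html)
  html[/<meta\s+name=["']generator["']\s+content=["']WordPress\s+#{VERSION_RE}/i, 1]
end

def version_from_readme(readme)
  readme.to_s[/Version\s+#{VERSION_RE}/i, 1]
end

# files: { relative path => body already fetched }. Each match votes for a version.
def version_from_hashes(files)
  votes = Hash.new(0)
  files.each do |path, body|
    version = FINGERPRINTS.dig(path, Digest::SHA256.hexdigest(body))
    votes[version] += 1 if version
  end
  votes.max_by { |_, count| count }&.first
end

# Assumed order: generator tag, then file hashes, then readme flagged unreliable.
def detect_version(html:, readme: nil, files: {})
  if (v = version_from_generator(html))
    { version: v, source: :generator }
  elsif (v = version_from_hashes(files))
    { version: v, source: :file_hash }
  elsif (v = version_from_readme(readme))
    { version: v, source: :readme, caveat: 'not always reliable' }
  end
end

# Constructed page with the generator tag stripped, so the hash fallback decides.
if __FILE__ == $PROGRAM_NAME
  p detect_version(html: '<head></head>', readme: '<h1>Version 3.0</h1>',
                   files: { 'wp-includes/js/sample.js' => '/* sample build B */' })
end
```

An administrator who strips the generator tag can use the same logic to see what the static files and readme of their own install still reveal.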
Current thread:
- Introducing WPScan – WordPress Security Scanner Ryan Dewhurst (Jun 18)
- Re: Introducing WPScan – WordPress Security Scanner seth (Jun 19)
- Re: Introducing WPScan – WordPress Security Scanner Ryan Dewhurst (Jun 19)
- Re: Introducing WPScan – WordPress Security Scanner Veronica (Jun 19)
- Re: Introducing WPScan – WordPress Security Scanner Ryan Dewhurst (Jun 19)
- Message not available
- RE: [WEB SECURITY] Introducing WPScan - WordPress Security Scanner Chris Weber (Jun 20)
- Message not available
- RE: [WEB SECURITY] Introducing WPScan - WordPress Security Scanner Chris Weber (Jun 20)
- Re: [WEB SECURITY] Introducing WPScan - WordPress Security Scanner Ryan Dewhurst (Jun 20)
- RE: [WEB SECURITY] Introducing WPScan - WordPress Security Scanner Chris Weber (Jun 20)
- Re: Introducing WPScan – WordPress Security Scanner seth (Jun 19)