Web Application Security
Introducing WPScan - WordPress Security Scanner Jun 16 2011 03:13PM
Ryan Dewhurst (ryandewhurst gmail com) (2 replies)
Re: Introducing WPScan - WordPress Security Scanner Jun 19 2011 04:59PM
Veronica (vero valeros gmail com) (1 replies)
Re: Introducing WPScan - WordPress Security Scanner Jun 19 2011 08:26PM
Ryan Dewhurst (ryandewhurst gmail com)
Re: Introducing WPScan - WordPress Security Scanner Jun 19 2011 07:27AM
seth (xd seth gmail com) (1 replies)
Re: Introducing WPScan - WordPress Security Scanner Jun 19 2011 08:24PM
Ryan Dewhurst (ryandewhurst gmail com)
Hi Seth,

The readme file has the version within it, however from my experience
it is not always the correct version. I probably should show it to the
user and state something like "not always reliable".

The client side file hashing is a good idea, probably something I will
implement in future. Maybe only run the file hashing if the version
was not found in the generator tag.

Thanks for your feedback!

Ryan Dewhurst

blog www.ethicalhack3r.co.uk
projects www.dvwa.co.uk | www.webwordcount.com
twitter www.twitter.com/ethicalhack3r

On Sun, Jun 19, 2011 at 8:27 AM, seth <xd.seth (at) gmail (dot) com> wrote:
> I have started a wp scanner but lost the files before finishing and
> never started again. It had three ways of identifying the version:
> Generator meta tag
> Readme file (you already download it, and the only valuable information
> I see is the version number. Why not show it?)
> Downloading some javascript, css, images, etc. Then comparing the hashes
> of these files against an array that was like [file][hash]=>version
> Hope it's useful
> On 16/06/11 12:13, Ryan Dewhurst wrote:
>> After creating the WordPress Brute Force Tool last weekend, I decided
>> to create a bigger project out of it, called WPScan.
>>
>> WPScan is a black box WordPress Security Scanner written in Ruby which
>> attempts to find known security weaknesses within WordPress
>> installations. Its intended use is to be for security professionals or
>> WordPress administrators to assess the security posture of their
>> WordPress installations. The code base is Open Source and licensed
>> under the GPLv3.
>>
>> Features include:
>>
>> Username enumeration (from ?author)
>> Weak password cracking (multithreaded)
>> Version enumeration (from generator meta tag)
>> Vulnerability enumeration (based on version)
>> Plugin enumeration (todo)
>> Plugin vulnerability enumeration (based on version) (todo)
>> Other miscellaneous checks
>>
>> Installation:
>>
>> WPScan requires two non native Ruby gems, typhoeus and xml-simple. It
>> should work on both Ruby 1.8.x and 1.9.x.
>>
>> sudo apt-get install libcurl4-gnutls-dev
>> sudo gem install --user-install typhoeus
>> sudo gem install --user-install xml-simple
>>
>> (I developed WPScan on Backtrack5 Gnome 32bit, if installing on
>> another OS, you may not need the --user-install option when installing
>> the non native gems)
>>
>> Download:
>>
>> WPScan will be hosted on Google Code at http://code.google.com/p/wpscan/.
>>
>> You can download and start running WPScan ALPHA by checking out the
>> SVN trunk.
>> svn checkout http://wpscan.googlecode.com/svn/trunk/ wpscan-read-only
>>
>> Example usage:
>>
>> Examples:
>> ruby wpscan.rb --url www.example.com
>> ruby wpscan.rb --url www.example.com --wordlist darkc0de.lst --threads 50
>> ruby wpscan.rb --url www.example.com --wordlist darkc0de.lst --username admin
>>
>> Contributions, feedback, comments are welcome.
>>
>> Happy Hacking!
>>
>> Ryan Dewhurst
>>
>> blog www.ethicalhack3r.co.uk
>> projects www.dvwa.co.uk | www.webwordcount.com
>> twitter www.twitter.com/ethicalhack3r
>>
>>
>>
>> This list is sponsored by Cenzic
>> --------------------------------------
>> Let Us Hack You. Before Hackers Do!
>> It's Finally Here - The Cenzic Website HealthCheck. FREE.
>> Request Yours Now!
>> http://www.cenzic.com/2009HClaunch_Securityfocus
>> --------------------------------------
>>
>
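
The fallback order discussed in this thread (generator meta tag first, file hashes only when the tag is missing, readme version shown but flagged), as an added Ruby example that is not WPScan's code or part of the original messages. It generalizes seth's [file][hash]=>version table to a list of versions per hash, since a static file can be unchanged across releases; the file names, file bodies and function names are constructed for illustration.

```ruby
require 'digest'

# Constructed stand-ins for static files in three releases (not real WordPress content).
RELEASE_FILES = {
  '3.1.2' => { 'js/common.js' => 'common v1', 'css/login.css' => 'login v1' },
  '3.1.3' => { 'js/common.js' => 'common v1', 'css/login.css' => 'login v2' },
  '3.1.4' => { 'js/common.js' => 'common v2', 'css/login.css' => 'login v2' }
}.freeze

# Build the [file][hash] => versions lookup; one hash can belong to several releases.
def build_hash_table(release_files)
  table = {}
  release_files.each do |version, files|
    files.each do |file, body|
      ((table[file] ||= {})[Digest::SHA256.hexdigest(body)] ||= []) << version
    end
  end
  table
end

def version_from_generator(html)
  html[/<meta\s+name=["']generator["']\s+content=["']WordPress\s+([\d.]+)["']/i, 1]
end

def version_from_readme(readme)
  readme[/Version\s+([\d.]+)/i, 1]
end

# Intersect the candidate versions of each fetched file; files with unknown hashes
# (for example locally modified ones) are skipped rather than treated as a mismatch.
def versions_from_hashes(fetched, table)
  candidates = nil
  fetched.each do |file, body|
    versions = table.dig(file, Digest::SHA256.hexdigest(body))
    next unless versions
    candidates = candidates ? candidates & versions : versions.dup
  end
  candidates || []
end

# Generator tag first, file hashes only when it is missing; the readme value is
# always returned separately so it can be shown as "not always reliable".
def fingerprint(html:, readme:, fetched:, table:)
  generator = version_from_generator(html)
  versions = generator ? [generator] : versions_from_hashes(fetched, table)
  { versions: versions, source: generator ? :generator : :file_hashes,
    readme: version_from_readme(readme) }
end
```

For an administrator, the second case in particular shows that removing the generator tag does not hide the running version while unmodified static files remain fetchable.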

Copyright 2010, SecurityFocus