Skip to main content

WPScan in Kali Linux

By RoCk StAr DeViL
WPScan is a WordPress vulnerability scanner written in ruby, which is capable of detecting common security vulnerabilities as well as listing all plugins used by a website hosting WordPress. WPScan is pre-installed in Kali Linux. 

WPscan is a nice tool if you want to find out how to exploit a WordPress site as it does all of this:
  • Username enumeration (Checks the ‘author’ query-string and the location header).
  • Weak password cracking (This can be multi-threaded and supplied a password list of your choosing).
  • Version enumeration (Finds what version of WordPress they are running by checking meta tags and client side files).
  • Vulneralbility enumeration (Based on what version they are running).
  • Timbthumb file enumeration (Checks for Timthumb exploit).
  • Plugin enumeration (See what plugins they are running).
  • Plugin vulneralbility enumeration (Tells you which, if any, plugins are vulnerable to exploits).
  • Theme enumeration (What theme are they running. Sometimes you can find exploits in the theme).
  • Readme.html enumeration (Sometimes can be useful because you will see what is needed for that theme. Helps you find out what they are running. E.G. “This theme require PHP 5″).
  • Directory listing (Helps footprint the WordPress installation).
To start WPScan, click on Applications--> Kali Linux--> Web Applications--> Web Vulnerability Scanners--> wpscan

Now, to scan for wordpress plugin to exploit, let pickup any wordpress plugin, ex.: http://www.cretan-snails.com. Type
root@kali:~# ruby /usr/bin/wpscan --url http://www.cretan-snails.com in the root terminal window;

(A)


(B)

From the above screenshots, we found that there is 1 vulnerability and 13 plug-ins from passive detection. To find Wordpress usernames, type root@kali:~# wpscan --url http://www.cretan-snails.com --enumerate user

(C)


(D)

The above screenshot reveals that there 10 Wordpress usernames from http://www.cretan-snails.com
Labels:
Location: Kolkata, West Bengal, India

Comments

  1. Sohail Shaikh1 August 2020 at 09:23

    www.allsolves.com

    ReplyDelete
  2. James Zicrov18 April 2022 at 22:32

    I just wanted to say this is an elegantly composed article as we have seen here.

    Wordpress Vulnerability Scanner

    ReplyDelete
  3. Anonymous19 April 2022 at 19:27

    Wpscan In Kali Linux >>>>> Download Now

    >>>>> Download Full

    Wpscan In Kali Linux >>>>> Download LINK

    >>>>> Download Now

    Wpscan In Kali Linux >>>>> Download Full

    >>>>> Download LINK Yx

    ReplyDelete

Post a Comment

plz add ur comment here

Popular posts from this blog

Upcoming Book- Kali Linux Revealed: Mastering the Penetration Testing Distribution

By RoCk StAr DeViL
More exciting news! In the past year, Kali Linux Official Team has been working internally on an Official Kali Linux book – Kali Linux Revealed: Mastering the Penetration Testing Distribution . This is the first official Kali book from Offsec Press , and is scheduled for release on June 5th, 2017 . Kali Linux Revealed will be available in both hard copy and online formats. Keeping the Kali Linux spirit, the online version of the book will be free of charge, allowing anyone who wishes to hone their skills and improve their knowledge of Kali to do so at no cost. This book, together with our official Kali documentation site will encompass the body of knowledge for the Kali Linux Certified Professional   (KLCP) .
1 comment
Read more

Kali Linux: A complete InfoSec Distro

By RoCk StAr DeViL
BackTrack has always been a popular choice when it comes to security and penetration testing. This open source distro has gained a lot of popularity and was rolled till version 5 with frequent changes to the variants. This project from Offensive Security has been moved from Ubuntu to Debian and the operating system is now renamed as Kali Linux. If you have installed a fresh copy of Kali Linux, then you might have noticed some awesome security and penetration tools under Kali Linux drop down menu list. These tools are powerful and yet efficient to use. If you go through the menu list of security tools, you might have noticed that few like Wireless Attacks, Forensics and Reverse Engineering is added, which is quite impressive. One more section has been added in the list, ie Hardware Hacking. One more thing that you would be happy to see is Arduino kit on the list. Arduino is a single-board microcontroller designed to make the process of using electronics in multi-disciplinary projects mo...
Post a Comment
Read more

Wordpress hacking - How to install / run wpscan on windows xp / windows 7 / windows 10

By RoCk StAr DeViL
HOW TO RUN WPSCAN ON WINDOWS Byrockstardevil Requirements: rubyinstaller Development Kit for rubyinstaller curl DLL for windows : libcurl.dll 1 - install rubyinstaller you must have Ruby 2.2.3 version . download links here : http://rubyinstaller.org/downloads/ for more info : https://github.com/oneclick/rubyinstaller/wiki 2 - install Development Kit for rubyinstaller download link : http://rubyinstaller.org/downloads/ how to install : https://github.com/oneclick/rubyinstaller/wiki/Development-Kit if you face that problem  "unknown encoding name -  (ArgumentError)" just type "chcp 1252" in cmd and hit enter 3 - install libcurl.dll A - Download libcurl.dll from : http://www.confusedbycode.com/curl/ B - copy libcurl.dll copy  libcurl.dll into ruby bin folder or wpscan folder and make sure to add it to your PATH. I also added .DLL to PATHEXT ex : C:\Ruby21-x64\bin\ you can visit : http://www.computerhope.com/issues/ch000549.htm to know to set the p...
2 comments
Read more