WPScan is a tool to automatically scan WordPress blogs for vulnerabilities. Furthermore, it can enumerate user names and carry out brute-force attacks on accounts associated with the blog.
Link: http://wpscan.org/
Install
sudo apt-get install libcurl4-gnutls-dev libopenssl-ruby libxml2 libxml2-dev libxslt1-dev ruby-dev git
git clone https://github.com/wpscanteam/wpscan.git
cd wpscan
sudo gem install bundler && bundle install --without test development
Enumerate vulnerable plugins and themes
- Plugins
ruby wpscan.rb --url http://www.wpblog.com --enumerate vp
- Themes
ruby wpscan.rb --url http://www.wpblog.com --enumerate vt
Get usernames
ruby wpscan.rb --url http://www.wpblog.com --enumerate u
Brute-forcing accounts
Most of the time, users don't change the default 'admin' username, so you should start here.
ruby wpscan.rb --url www.wpblog.com --wordlist YOURWORDLIST --username admin
You can get an extremely good wordlist here: https://crackstation.net/buy-crackstation-wordlist-password-cracking-dictionary.htm
If you have any questions, drop me a line.
sudo gem install bundler && bundle install --without test development
-------
An error occurred while installing addressable (2.4.0), and Bundler cannot continue.
What's wrong?
Make sure that `gem install addressable -v '2.4.0'` succeeds before bundling.