garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added username enumeration instructions

Browse Source 
Added username enumeration instructions, and username enumeration with range instructions for use with Docker and without.
This commit is contained in:
Taha Abbasi
2018-10-08 13:39:11 -04:00
committed by GitHub
parent 57942e1826
commit 804a8c34c6
1 changed files with 24 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
README.md
View File

@@ -35,6 +35,17 @@ bundle install && rake install
Pull the repo with ```docker pull wpscanteam/wpscan``` Pull the repo with ```docker pull wpscanteam/wpscan```
Enumerating usernames
```
docker run -it --rm wpscanteam/wpscan --url https://target.tld/ --enumerate u
```
Enumerating a range of usernames
```
docker run -it --rm wpscanteam/wpscan --url https://target.tld/ --enumerate u1-100
```
** replace u1-100 with a range of your choice.
# Usage # Usage
```wpscan --url blog.tld``` This will scan the blog using default options with a good compromise between speed and accuracy. For example, the plugins will be checked passively but their version with a mixed detection mode (passively + aggressively). Potential config backup files will also be checked, along with other interesting findings. If a more stealthy approach is required, then ```wpscan --stealthy --url blog.tld``` can be used. ```wpscan --url blog.tld``` This will scan the blog using default options with a good compromise between speed and accuracy. For example, the plugins will be checked passively but their version with a mixed detection mode (passively + aggressively). Potential config backup files will also be checked, along with other interesting findings. If a more stealthy approach is required, then ```wpscan --stealthy --url blog.tld``` can be used.
@@ -69,6 +80,19 @@ url: 'http://target.tld'
Running ```wpscan``` in the current directory (pwd), is the same as ```wpscan -v --proxy socks5://127.0.0.1:9090 --url http://target.tld``` Running ```wpscan``` in the current directory (pwd), is the same as ```wpscan -v --proxy socks5://127.0.0.1:9090 --url http://target.tld```
Enumerating usernames
```
wpscan --url https://target.tld/ --enumerate u
```
Enumerating a range of usernames
```
wpscan --url https://target.tld/ --enumerate u1-100
```
** replace u1-100 with a range of your choice.
# PROJECT HOME # PROJECT HOME
[https://wpscan.org](https://wpscan.org) [https://wpscan.org](https://wpscan.org)