garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
28c59d2ba39481a5e5a9e730b67da2c53043390c
wpscan/index.html
ethicalhack3r 28c59d2ba3 Update index.html
2012-11-28 00:40:24 +01:00

230 lines
8.2 KiB
HTML
Raw Blame History

<!doctype html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="chrome=1">
<title>Wpscan by wpscanteam</title>
<link rel="stylesheet" href="stylesheets/styles.css">
<link rel="stylesheet" href="stylesheets/pygment_trac.css">
<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no">
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<!-- Google Analytics -->
<script type="text/javascript">
var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-35753425-1']);
_gaq.push(['_trackPageview']);
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>
<!-- END Google Analytics -->
</head>
<body>
<div class="wrapper">
<header>
<h1>Wpscan</h1>
<p>WPScan is a black box WordPress vulnerability scanner.</p>
<p class="view"><a href="https://github.com/wpscanteam/wpscan">View the Project on GitHub</a></p>
<ul>
<li><a href="https://github.com/wpscanteam/wpscan/zipball/master">Download <strong>ZIP File</strong></a></li>
<li><a href="https://github.com/wpscanteam/wpscan/tarball/master">Download <strong>TAR Ball</strong></a></li>
<li><a href="https://github.com/wpscanteam/wpscan">View On <strong>GitHub</strong></a></li>
</ul>
<p></p><a href="http://www.twitter.com/@_WPScan_">Follow us on Twitter</a></p>
<p>Have you found WPScan useful? Buy the developers a beer!</p>
<!-- PayPal donation button -->
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="SRGCMGLYYKC56">
<input type="image" src="https://www.paypalobjects.com/en_US/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
<img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
<!-- END PayPal donation button -->
</header>
<section>
<p><img src="http://dvwa.co.uk/images/wpscan_logo_407x80.png" alt="alt text" title="WPScan - WordPress Security Scanner"></p>
<h4>INSTALL</h4>
<p>WPScan comes pre-installed on the following Linux distributions:</p>
<ul>
<li><a href="http://www.backbox.org/">BackBox Linux</a></li>
<li><a href="http://www.backtrack-linux.org/">BackTrack Linux</a> (outdated WPScan installed, update needed)</li>
<li><a href="http://www.pentoo.ch/">Pentoo</a></li>
<li><a href="http://samurai.inguardians.com/">SamuraiWTF</a></li>
</ul>
<p>Prerequisites:</p>
<ul>
<li>Windows not supported</li>
<li>Ruby => 1.9</li>
<li>RubyGems</li>
<li>Git</li>
</ul>
<p><em>Installing on Debian/Ubuntu:</em></p>
<p><code>sudo apt-get install libcurl4-gnutls-dev libopenssl-ruby libxml2 libxml2-dev libxslt1-dev</code></p>
<p><code>git clone https://github.com/wpscanteam/wpscan.git</code></p>
<p><code>cd wpscan</code></p>
<p><code>sudo gem install bundler &amp;&amp; bundle install</code></p>
<p><em>Installing on Fedora:</em></p>
<p><code>sudo yum install libcurl-devel</code></p>
<p><code>git clone https://github.com/wpscanteam/wpscan.git</code></p>
<p><code>cd wpscan</code></p>
<p><code>sudo gem install bundler &amp;&amp; bundle install</code></p>
<p><em>Installing on Mac OSX:</em></p>
<p><code>git clone https://github.com/wpscanteam/wpscan.git</code></p>
<p><code>cd wpscan</code></p>
<p><code>sudo gem install bundler &amp;&amp; bundle install</code></p>
<h4>KNOWN ISSUES</h4>
<ul>
<li><p>
Typhoeus segmentation fault
Update curl to at least v7.21 (may have to install from source)
See <a href="http://code.google.com/p/wpscan/issues/detail?id=81">http://code.google.com/p/wpscan/issues/detail?id=81</a>
</p></li>
<li><p>
If you have one the following errors : "-bash: !t: event not found", "-bash: !u: event not found"
It happens whith enumeration : just put the 't' or 'u' before the 'p!' : '-e tp!' instead of '-e p!t'
</p></li>
<li><p>
Proxy not working
Update cURL to version =&gt; 7.21.7 (may have to install from source). See <a href="https://github.com/wpscanteam/wpscan/issues/7">https://github.com/wpscanteam/wpscan/issues/7</a>
</p></li>
</ul>
<h4>WPSCAN ARGUMENTS</h4>
<pre><code>--url | -u &lt;target url&gt; The WordPress URL/domain to scan.
--force | -f Forces WPScan to not check if the remote site is running WordPress.
--enumerate | -e [option(s)] Enumeration.
option :
u usernames from id 1 to 10
u[10-20] usernames from id 10 to 20 (you must write [] chars)
p plugins
vp only vulnerable plugins
ap all plugins (can take a long time)
tt timthumbs
t themes
vp only vulnerable themes
at all themes (can take a long time)
Multiple values are allowed : '-e tt,p' will enumerate timthumbs and plugins
If no option is supplied, the default is 'vt,tt,u,vp'
--config-file | -c &lt;config file&gt; Use the specified config file
--follow-redirection If the target url has a redirection, it will be followed without asking if you wanted to do so or not
--proxy Supply a proxy in the format host:port or protocol://host:port (will override the one from conf/browser.conf.json). HTTP, SOCKS4 SOCKS4A and SOCKS5 are supported. If no protocol is given (format host:port), HTTP will be used
--wordlist | -w &lt;wordlist&gt; Supply a wordlist for the password bruter and do the brute.
--threads | -t &lt;number of threads&gt; The number of threads to use when multi-threading requests. (will override the value from conf/browser.conf.json)
--username | -U &lt;username&gt; Only brute force the supplied username.
--help | -h This help screen.
--verbose | -v Verbose output.
</code></pre>
<h4>WPSCAN EXAMPLES</h4>
<p>Do 'non-intrusive' checks...</p>
<p><code>ruby wpscan.rb --url www.example.com</code></p>
<p>Do wordlist password brute force on enumerated users using 50 threads...</p>
<p><code>ruby wpscan.rb --url www.example.com --wordlist darkc0de.lst --threads 50</code></p>
<p>Do wordlist password brute force on the 'admin' username only...</p>
<p><code>ruby wpscan.rb --url www.example.com --wordlist darkc0de.lst --username admin</code></p>
<p>Enumerate installed plugins...</p>
<p><code>ruby wpscan.rb --url www.example.com --enumerate p</code></p>
<p>Run all enumeration tools...</p>
<p><code>ruby wpscan.rb --url www.example.com --enumerate</code></p>
<p>Update WPScan...</p>
<p><code>ruby wpscan.rb --update</code></p>
<h4>WPSTOOLS ARGUMENTS</h4>
<pre><code>--help | -h This help screen.
--Verbose | -v Verbose output.
--update | -u Update to the latest revision.
--generate_plugin_list [number of pages] Generate a new data/plugins.txt file. (supply number of *pages* to parse, default : 150)
--gpl Alias for --generate_plugin_list
</code></pre>
<h4>WPSTOOLS EXAMPLES</h4>
<p>Generate a new 'most popular' plugin list, up to 150 pages...</p>
<p><code>ruby wpstools.rb --generate_plugin_list 150</code></p>
<h4>PROJECT HOME</h4>
<p><a href="http://www.wpscan.org">www.wpscan.org</a></p>
<h4>GIT REPOSITORY</h4>
<p><a href="https://github.com/wpscanteam/wpscan">https://github.com/wpscanteam/wpscan</a></p>
<h4>ISSUES</h4>
<p><a href="https://github.com/wpscanteam/wpscan/issues">https://github.com/wpscanteam/wpscan/issues</a></p>
<h4>SPONSOR</h4>
<p>WPScan is sponsored by the <a href="http://www.randomstorm.com">RandomStorm</a> Open Source Initiative.</p>
</section>
<footer>
<p>This project is maintained by the <a href="https://github.com/wpscanteam">WPScan Team</a> which comprises of <a href="http://www.twitter.com/@erwan_lr">@erwan_lr</a>, <a href="http://www.twitter.com/@gbrindisi">@gbrindisi</a> & <a href="http://www.twitter.com/@ethicalhack3r">@ethicalhack3r</a>.</p>
</footer>
</div>
<script src="javascripts/scale.fix.js"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink