What is WPScan?
WPScan is a vulnerability scanner for the WordPress CMS, written in the Ruby programming language. It can detect common vulnerabilities and list all the plugins and themes used by a website running WordPress.
WPScan was developed by the WPScan Team to find the weaknesses present on a WordPress site. With this tool we can identify the theme, the plugins, and even the users registered on a site running WordPress.
WPScan features:
- Username enumeration
- Multithreaded password brute forcing
- WordPress plugin and version detection
- Vulnerability search for the WordPress installation
How to use WPScan in Kali Linux 2
Open your Linux terminal and make sure the computer is connected to the internet, so that the vulnerability database used by the package can be updated.
Then open the WPScan app in Kali Linux from the menu:
Applications ->> Web Application Analysis ->> wpscan
This is the WPScan screen:
To see all the options WPScan accepts, we can use the command:
wpscan -h
Note:
First, I apologize for "codex.wordpress.org" being targeted; it was not my intention to violate its privacy or take it down, I only took it as an example for knowledge of WordPress security holes.
To gather information about the target WordPress site, we can use the syntax:
wpscan -u http://codex.wordpress.org
Next, to list the plugins installed on the target WordPress site, together with any known vulnerabilities in those plugins, we can use the command:
wpscan -u http://codex.wordpress.org --enumerate p
Press "Y" to update the database, then Enter; in the scan results we can see all the plugins used on the target WordPress site (codex.wordpress.org).
At the end of the output, the scan summary also reports the memory used by this plugin scan: 115.109 MB.
Memory used : 115.109 MB
Next, to see information about the installed themes along with their vulnerabilities, we can use the command:
wpscan -u http://codex.wordpress.org --enumerate t
Press "Y" to update the database, then Enter; in the scan results we can see all the themes used on the target WordPress site (codex.wordpress.org).
Memory used : 45.047 MB
To see information about the "Timthumb" files installed on the target WordPress site, we can use the command:
wpscan -u http://codex.wordpress.org --enumerate tt
Press "Y" to update the database, then Enter; in the scan results we can see that the timthumb scan on the target WordPress site used 34.105 MB of memory.
Memory used : 34.105 MB
Finally, to enumerate usernames on the target WordPress site, we can use the command:
wpscan -u http://codex.wordpress.org --enumerate u
Here we can see that no username was found on this WordPress target, because it has good security; username enumeration only succeeds against WordPress sites with poor security.
Enumerating usernames
We did not enumerating any usernames
Note:
-u : specifies the target WordPress URL
--enumerate : selects the enumeration mode
u : enumerate usernames on the target WordPress site
p : enumerate plugins on the target WordPress site
tt : find timthumb files on the target WordPress site
t : enumerate themes on the target WordPress site
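As an added, defender-side example that is not part of the original post: a small Python script that reads web-server access log lines and flags the request patterns the four enumeration modes above produce (author-id probes for u, plugin and theme path probes for p and t, timthumb.php lookups for tt), plus any client that announces itself with a WPScan User-Agent. The log lines and the "WPScan v2.9" User-Agent string are constructed for this example and are not a real capture; real WPScan versions send a different string, so match on the substring, not the version.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines in Apache/nginx "combined" log format (not real traffic).
# The WPScan User-Agent value below is an assumption for the example, not a captured one.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2023:10:00:01 +0000] "GET /?author=1 HTTP/1.1" 301 0 "-" "WPScan v2.9 (http://wpscan.org)"
203.0.113.5 - - [10/Oct/2023:10:00:02 +0000] "GET /?author=2 HTTP/1.1" 404 0 "-" "WPScan v2.9 (http://wpscan.org)"
203.0.113.5 - - [10/Oct/2023:10:00:03 +0000] "GET /wp-content/plugins/akismet/readme.txt HTTP/1.1" 404 200 "-" "WPScan v2.9 (http://wpscan.org)"
203.0.113.5 - - [10/Oct/2023:10:00:04 +0000] "GET /wp-content/themes/twentyseventeen/style.css HTTP/1.1" 200 5000 "-" "WPScan v2.9 (http://wpscan.org)"
203.0.113.5 - - [10/Oct/2023:10:00:05 +0000] "GET /wp-content/plugins/foo/timthumb.php HTTP/1.1" 404 200 "-" "WPScan v2.9 (http://wpscan.org)"
198.51.100.7 - - [10/Oct/2023:10:01:00 +0000] "GET /about/ HTTP/1.1" 200 8000 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def classify(path, ua):
    """Map one request to the WPScan enumeration modes it resembles (u, p, t, tt)."""
    tags = set()
    if re.match(r"^/\?author=\d+$", path) or path.startswith("/wp-json/wp/v2/users"):
        tags.add("u")   # author-id / REST user listing probe
    if "timthumb.php" in path:
        tags.add("tt")  # timthumb lookup (checked first: it also lives under plugins/)
    elif re.match(r"^/wp-content/plugins/[^/]+/", path):
        tags.add("p")   # plugin path probe
    if re.match(r"^/wp-content/themes/[^/]+/", path):
        tags.add("t")   # theme path probe
    if "wpscan" in ua.lower():
        tags.add("ua")  # scanner identifies itself
    return tags

def summarize(log_text):
    """Count, per client IP, how many requests fall into each enumeration class."""
    counts = defaultdict(Counter)
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        for tag in classify(m["path"], m["ua"]):
            counts[m["ip"]][tag] += 1
    return counts

def alerts(counts, threshold=3):
    """IPs that announce themselves as WPScan or exceed the enumeration-probe threshold."""
    return sorted(ip for ip, c in counts.items()
                  if c["ua"] > 0 or sum(c[t] for t in ("u", "p", "t", "tt")) >= threshold)
```

Running `alerts(summarize(SAMPLE_LOG))` on the constructed lines returns only the scanning client, 203.0.113.5; the threshold catches scanners that change their User-Agent, so tune it against your own site's normal traffic before alerting on it.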
Posted on Utopian.io - Rewarding Open Source Contributors
Your contribution cannot be approved because it does not follow the Utopian Rules.
You can contact us on Discord.
[utopian-moderator]
@setdatyildiz I will check again