Description

WPScan is a free tool developed by Sucuri.net to help WordPress site developers, owners and maintainers point out and identify problems so they can be quickly resolved.

1. Install system-wide dependencies.

]$ sudo yum install gcc ruby-devel libxml2 libxml2-devel libxslt libxslt-devel libcurl-devel patch

2. Clone the WPScan Git repository locally.

]$ git clone https://github.com/wpscanteam/wpscan.git

Cloning into 'wpscan'... remote: Counting objects: 15184, done. remote: Compressing objects: 100% (7/7), done. remote: Total 15184 (delta 0), reused 0 (delta 0), pack-reused 15177 Receiving objects: 100% (15184/15184), 12.98 MiB | 1.90 MiB/s, done. Resolving deltas: 100% (8974/8974), done. Checking connectivity... done.

1 2 3 4 5 6 7

Cloning into 'wpscan'... remote: Counting objects: 15184, done. remote: Compressing objects: 100% (7/7), done. remote: Total 15184 (delta 0), reused 0 (delta 0), pack-reused 15177 Receiving objects: 100% (15184/15184), 12.98 MiB | 1.90 MiB/s, done. Resolving deltas: 100% (8974/8974), done. Checking connectivity... done.

3. Move into the newly cloned local WPScan repository.

]$ cd wpscan/

4. Install WPScan-specific dependencies, round 1.

]$ bundle install --without test --path vendor/bundle
If you get a timeout error like this, re-run the command

Fetching gem metadata from https://rubygems.org/............ Resolving dependencies... Installing addressable 2.4.0 Installing ffi 1.9.10 Installing ethon 0.8.1 Gem::RemoteFetcher::UnknownHostError: no such name (https://rubygems.org/gems/mini_portile2-2.0.0.gem) An error occurred while installing mini_portile2 (2.0.0), and Bundler cannot continue. Make sure that `gem install mini_portile2 -v '2.0.0'` succeeds before bundling.

1 2 3 4 5 6 7 8 9

Fetching gem metadata from https://rubygems.org/............ Resolving dependencies... Installing addressable 2.4.0 Installing ffi 1.9.10 Installing ethon 0.8.1   Gem::RemoteFetcher::UnknownHostError: no such name (https://rubygems.org/gems/mini_portile2-2.0.0.gem) An error occurred while installing mini_portile2 (2.0.0), and Bundler cannot continue. Make sure that `gem install mini_portile2 -v '2.0.0'` succeeds before bundling.

5. Install WPScan-specific dependencies, round 2.

]$ bundle install --without test --path vendor/bundle

Fetching gem metadata from https://rubygems.org/............ Resolving dependencies... Using addressable 2.4.0 Using ffi 1.9.10 Using ethon 0.8.1 Installing mini_portile2 2.0.0 Installing nokogiri 1.6.7.2 Installing ruby-progressbar 1.7.5 Installing terminal-table 1.4.5 Installing typhoeus 0.8.0 Installing yajl-ruby 1.2.1 Using bundler 1.7.6 Your bundle is complete! Gems in the group test were not installed. It was installed into ./vendor/bundle

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

Fetching gem metadata from https://rubygems.org/............ Resolving dependencies... Using addressable 2.4.0 Using ffi 1.9.10 Using ethon 0.8.1 Installing mini_portile2 2.0.0 Installing nokogiri 1.6.7.2 Installing ruby-progressbar 1.7.5 Installing terminal-table 1.4.5 Installing typhoeus 0.8.0 Installing yajl-ruby 1.2.1 Using bundler 1.7.6 Your bundle is complete! Gems in the group test were not installed. It was installed into ./vendor/bundle

6. Scan any WordPress website for potential vulnerabilities.

]$ ./wpscan.rb --url wp-root.org


__________________________________________________________ __ _______ _____ \ \ / / __ \ / ____| \ \ /\ / /| |__) | (___ ___ __ _ _ __ \ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \ \ /\ / | | ____) | (__| (_| | | | | \/ \/ |_| |_____/ \___|\__,_|_| |_| WordPress Security Scanner by the WPScan Team Version 2.9 Sponsored by Sucuri - https://sucuri.net @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_ _______________________________________________________________ [i] It seems like you have not updated the database for some time. [?] Do you want to update now? [Y]es [N]o [A]bort, default: [N]Y [i] Updating the Database ... [i] Update completed. [i] The remote host tried to redirect to: https://wp-root.org/ [?] Do you want follow the redirection ? [Y]es [N]o [A]bort, default: [N]Y [+] URL: https://wp-root.org/ [+] Started: Sun Feb 14 14:29:04 2016 [+] robots.txt available under: 'https://wp-root.org/robots.txt' [+] Interesting entry from robots.txt: https://wp-root.org/go/ [+] Interesting entry from robots.txt: https://wp-root.org/wp-admin/admin-ajax.php [!] The WordPress 'https://wp-root.org/readme.html' file exists exposing a version number [+] Interesting header: LINK: <https://wp-root.org/wp-json/>; rel="https://api.w.org/", <https://wp-root.org/>; rel=shortlink [+] Interesting header: SET-COOKIE: slimstat_tracking_code=24726.3e7f4db27ad1dc1703e7d1fc47cd46df; expires=Sun, 14-Feb-2016 22:57:19 GMT; Max-Age=1800; path=/ [+] Interesting header: STRICT-TRANSPORT-SECURITY: max-age=63072000; preload [+] Interesting header: X-POWERED-BY: PHP/5.6.16 [+] XML-RPC Interface available under: https://wp-root.org/xmlrpc.php [+] WordPress version 4.4.2 identified from meta generator [+] WordPress theme in use: lightning - v0.2.3 [+] Name: lightning - v0.2.3 | Latest version: 0.2.3 (up to date) | Location: https://wp-root.org/wp-content/themes/lightning/ | Readme: https://wp-root.org/wp-content/themes/lightning/readme.txt | Style URL: https://wp-root.org/wp-content/themes/lightning/style.css | Referenced style.css: https://wp-root.org/wp-content/themes/lightning/style.css | Theme Name: Lightning | Theme URI: http://lightning.bizvektor.com | Description: Lightning is a very simple & easy to customize theme which is based on the Bootstrap. It is also ... | Author: Vektor,Inc. | Author URI: http://www.vektor-inc.co.jp [+] Enumerating plugins from passive detection ... | 4 plugins found: [+] Name: crayon-syntax-highlighter - v2.8.0 | Latest version: 2.8.0 (up to date) | Location: https://wp-root.org/wp-content/plugins/crayon-syntax-highlighter/ | Readme: https://wp-root.org/wp-content/plugins/crayon-syntax-highlighter/readme.txt [+] Name: gallery-factory | Location: https://wp-root.org/wp-content/plugins/gallery-factory/ [+] Name: widgetize-navigation-menu - v1.03 | Latest version: 1.03 (up to date) | Location: https://wp-root.org/wp-content/plugins/widgetize-navigation-menu/ | Readme: https://wp-root.org/wp-content/plugins/widgetize-navigation-menu/readme.txt [+] Name: wp-list-plugins - v2.2 | Latest version: 2.2 (up to date) | Location: https://wp-root.org/wp-content/plugins/wp-list-plugins/ | Readme: https://wp-root.org/wp-content/plugins/wp-list-plugins/readme.txt [+] Finished: Sun Feb 14 14:29:58 2016 [+] Requests Done: 79 [+] Memory used: 97.246 MB [+] Elapsed time: 00:00:53

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74

__________________________________________________________         __          _______   _____                           \ \        / /  __ \ / ____|                          \ \  /\  / /| |__) | (___   ___  __ _ _ __             \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \            \  /\  /  | |     ____) | (__| (_| | | | |             \/  \/   |_|    |_____/ \___|\__,_|_| |_|           WordPress Security Scanner by the WPScan Team                        Version 2.9           Sponsored by Sucuri - https://sucuri.net    @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_ _______________________________________________________________   [i] It seems like you have not updated the database for some time. [?] Do you want to update now? [Y]es [N]o [A]bort, default: [N]Y [i] Updating the Database ... [i] Update completed. [i] The remote host tried to redirect to: https://wp-root.org/ [?] Do you want follow the redirection ? [Y]es [N]o [A]bort, default: [N]Y [+] URL: https://wp-root.org/ [+] Started: Sun Feb 14 14:29:04 2016   [+] robots.txt available under: 'https://wp-root.org/robots.txt' [+] Interesting entry from robots.txt: https://wp-root.org/go/ [+] Interesting entry from robots.txt: https://wp-root.org/wp-admin/admin-ajax.php [!] The WordPress 'https://wp-root.org/readme.html' file exists exposing a version number [+] Interesting header: LINK: <https://wp-root.org/wp-json/>; rel="https://api.w.org/", <https://wp-root.org/>; rel=shortlink [+] Interesting header: SET-COOKIE: slimstat_tracking_code=24726.3e7f4db27ad1dc1703e7d1fc47cd46df; expires=Sun, 14-Feb-2016 22:57:19 GMT; Max-Age=1800; path=/ [+] Interesting header: STRICT-TRANSPORT-SECURITY: max-age=63072000; preload [+] Interesting header: X-POWERED-BY: PHP/5.6.16 [+] XML-RPC Interface available under: https://wp-root.org/xmlrpc.php   [+] WordPress version 4.4.2 identified from meta generator   [+] WordPress theme in use: lightning - v0.2.3   [+] Name: lightning - v0.2.3 |  Latest version: 0.2.3 (up to date) |  Location: https://wp-root.org/wp-content/themes/lightning/ |  Readme: https://wp-root.org/wp-content/themes/lightning/readme.txt |  Style URL: https://wp-root.org/wp-content/themes/lightning/style.css |  Referenced style.css: https://wp-root.org/wp-content/themes/lightning/style.css |  Theme Name: Lightning |  Theme URI: http://lightning.bizvektor.com |  Description: Lightning is a very simple & easy to customize theme which is based on the Bootstrap. It is also ... |  Author: Vektor,Inc. |  Author URI: http://www.vektor-inc.co.jp   [+] Enumerating plugins from passive detection ... | 4 plugins found:   [+] Name: crayon-syntax-highlighter - v2.8.0 |  Latest version: 2.8.0 (up to date) |  Location: https://wp-root.org/wp-content/plugins/crayon-syntax-highlighter/ |  Readme: https://wp-root.org/wp-content/plugins/crayon-syntax-highlighter/readme.txt   [+] Name: gallery-factory |  Location: https://wp-root.org/wp-content/plugins/gallery-factory/   [+] Name: widgetize-navigation-menu - v1.03 |  Latest version: 1.03 (up to date) |  Location: https://wp-root.org/wp-content/plugins/widgetize-navigation-menu/ |  Readme: https://wp-root.org/wp-content/plugins/widgetize-navigation-menu/readme.txt   [+] Name: wp-list-plugins - v2.2 |  Latest version: 2.2 (up to date) |  Location: https://wp-root.org/wp-content/plugins/wp-list-plugins/ |  Readme: https://wp-root.org/wp-content/plugins/wp-list-plugins/readme.txt   [+] Finished: Sun Feb 14 14:29:58 2016 [+] Requests Done: 79 [+] Memory used: 97.246 MB [+] Elapsed time: 00:00:53