Using Free Wordpress Security Scanner - WPSeku | ComputingForGeeks
source link: https://computingforgeeks.com/using-free-wordpress-security-scanner-wpseku/
It is not easy to find a free WordPress security scanner that is both easy to use and actually works. In this guide I'll introduce a free tool called WPSeku, which is written in Python, so it runs on any system with a Python interpreter.
From Wikipedia, a vulnerability scanner is a computer program designed to assess computers, computer systems, networks or applications for known weaknesses.
A vulnerability scanner is used to discover weak points or poorly constructed parts of a system, e.g. vulnerabilities caused by misconfigured assets or flawed software residing on a network-based asset such as a firewall, router, web server or application server.
WPSeku is a black box WordPress vulnerability scanner that can be used to scan remote WordPress installations to find security issues.
Install WordPress Vulnerability Scanner – WPSeku
The WPSeku WordPress security scanner requires Python 3. If you don't have it, install it before you continue, then confirm the interpreter is on your path:
# which python3
/usr/bin/python3
Once you have confirmed python3 is installed, install the WPSeku WordPress security scanner from GitHub.
Clone repository:
$ git clone https://github.com/m4ll0k/WPSeku.git wpseku
Cloning into 'wpseku'...
remote: Counting objects: 310, done.
remote: Compressing objects: 100% (80/80), done.
remote: Total 310 (delta 34), reused 54 (delta 12), pack-reused 216
Receiving objects: 100% (310/310), 880.00 KiB | 528.00 KiB/s, done.
Resolving deltas: 100% (163/163), done.
Change to the wpseku directory.
$ cd wpseku
Install python dependencies using pip3.
Ensure you have pip3 installed. For Ubuntu and Debian, you can install it using:
$ sudo apt-get install python3-pip
Then:
$ sudo pip3 install -r requirements.txt
Run wpseku.py script.
$ python3 wpseku.py
WordPress Security Scanner – WPSeku usage
Some of the options that can be passed to the wpseku.py script are:
-u --url Target URL (e.g: http://site.com)
-b --brute Bruteforce login via xmlrpc
-U --user Set username for bruteforce, default "admin"
-s --scan Checking WordPress plugin code
-p --proxy Use a proxy, (host:port)
-c --cookie Set HTTP Cookie header value
-a --agent Set HTTP User-agent header value
-r --ragent Use random User-agent header value
-R --redirect Set redirect target URL False
-t --timeout Seconds to wait before timeout connection
-w --wordlist Set wordlist, default "db/wordlist.txt"
-v --verbose Print more information
-h --help Show this help and exit
Let’s look at some examples.
Generic WPSeku Scan
$ python3 wpseku.py --url https://www.xxxxxxx.com --verbose
Sample output.
----------------------------------------
[WPSeku ASCII-art banner] v0.4.0
WPSeku - Wordpress Security Scanner
by Momo Outaadi (m4ll0k)
----------------------------------------
[ + ] Target: https://www.xxxxxxx.com
[ + ] Starting: 02:38:51
[ + ] Server: Apache
[ + ] Uncommon header "X-Pingback" found, with contents: https://www.xxxxxxx.com/xmlrpc.php
[ i ] Checking Full Path Disclosure...
[ + ] Full Path Disclosure: /home/ehc/public_html/wp-includes/rss-functions.php
[ i ] Checking wp-config backup file...
[ + ] wp-config.php available at: https://www.xxxxxxx.com/wp-config.php
[ i ] Checking common files...
[ + ] robots.txt file was found at: https://www.xxxxxxx.com/robots.txt
[ + ] xmlrpc.php file was found at: https://www.xxxxxxx.com/xmlrpc.php
[ + ] readme.html file was found at: https://www.xxxxxxx.com/readme.html
[ i ] Checking directory listing...
[ + ] Dir "/wp-admin/css" listing enable at: https://www.xxxxxxx.com/wp-admin/css/
[ + ] Dir "/wp-admin/images" listing enable at: https://www.xxxxxxx.com/wp-admin/images/
[ + ] Dir "/wp-admin/includes" listing enable at: https://www.xxxxxxx.com/wp-admin/includes/
[ + ] Dir "/wp-admin/js" listing enable at: https://www.xxxxxxx.com/wp-admin/js/
[ + ] WordPress login is protected by WAF
[ i ] Checking robots paths...
[ i ] Checking WordPress version...
[ i ] Passive enumeration themes...
[ + ] Not found themes with passive enumeration
[ i ] Passive enumeration plugins...
[ + ] Not found plugins with passive enumeration
[ i ] Enumerating users...
[ + ] Not found usernames...
-------------------------
| ID | Username | Login |
-------------------------
-------------------------
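The verbose output above is written for a person reading a terminal. To triage it, or to feed it into a ticketing system, it helps to have the result lines in structured form. The following is an added example, not part of the article and not WPSeku's own code: it parses the "[ + ]" result lines into findings, attaches a severity and a remediation note to each, and sorts them most severe first. The rule names, severities and remediation text are this example's own choices; the sample input is the article's scan output with its placeholder host.

```python
import re
from dataclasses import dataclass

# Constructed sample input: the "[ + ]" and "[ i ]" lines from the article's
# verbose scan output, with the same placeholder host the article uses.
SAMPLE_OUTPUT = """\
[ + ] Target: https://www.xxxxxxx.com
[ + ] Server: Apache
[ + ] Uncommon header "X-Pingback" found, with contents: https://www.xxxxxxx.com/xmlrpc.php
[ i ] Checking Full Path Disclosure...
[ + ] Full Path Disclosure: /home/ehc/public_html/wp-includes/rss-functions.php
[ i ] Checking wp-config backup file...
[ + ] wp-config.php available at: https://www.xxxxxxx.com/wp-config.php
[ i ] Checking common files...
[ + ] robots.txt file was found at: https://www.xxxxxxx.com/robots.txt
[ + ] xmlrpc.php file was found at: https://www.xxxxxxx.com/xmlrpc.php
[ + ] readme.html file was found at: https://www.xxxxxxx.com/readme.html
[ i ] Checking directory listing...
[ + ] Dir "/wp-admin/css" listing enable at: https://www.xxxxxxx.com/wp-admin/css/
[ + ] Dir "/wp-admin/images" listing enable at: https://www.xxxxxxx.com/wp-admin/images/
[ + ] WordPress login is protected by WAF
[ + ] Not found usernames...
"""


@dataclass
class Finding:
    category: str
    severity: str
    detail: str
    remediation: str
    raw: str


# (pattern over the text after "[ + ]", category, severity, remediation).
# Categories, severities and remediation text are this example's own choices.
RULES = [
    (re.compile(r"^wp-config\.php available at: (?P<detail>\S+)$"),
     "wp_config_exposed", "critical",
     "Remove wp-config backups from the web root and deny direct web access to wp-config.php."),
    (re.compile(r'^Dir "(?P<detail>[^"]+)" listing enable at: '),
     "directory_listing", "medium",
     "Disable autoindex (Apache: Options -Indexes; nginx: autoindex off)."),
    (re.compile(r"^(?P<detail>xmlrpc\.php) file was found at: "),
     "xmlrpc_enabled", "medium",
     "Restrict or rate-limit /xmlrpc.php unless a client needs it; it is the login path WPSeku brute-forces."),
    (re.compile(r"^Full Path Disclosure: (?P<detail>.+)$"),
     "full_path_disclosure", "low",
     "Turn display_errors off in PHP so error messages do not echo filesystem paths."),
    (re.compile(r"^(?P<detail>readme\.html) file was found at: "),
     "version_file_exposed", "low",
     "Delete readme.html after each upgrade; it reveals the WordPress version."),
    (re.compile(r'^Uncommon header "(?P<detail>[^"]+)" found'),
     "info_header", "info",
     "X-Pingback advertises xmlrpc.php; drop the header if XML-RPC is disabled."),
]

SEVERITY_ORDER = {"critical": 0, "high": 1, "medium": 2, "low": 3, "info": 4}


def parse_wpseku_output(text):
    """Turn result lines ("[ + ]") into Findings. "[ i ]" progress lines and
    informational results matching no rule (Target, Server, robots.txt, WAF) are dropped."""
    findings = []
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("[ + ]"):
            continue
        body = line[len("[ + ]"):].strip()
        for pattern, category, severity, remediation in RULES:
            m = pattern.match(body)
            if m:
                findings.append(Finding(category, severity, m.group("detail"), remediation, body))
                break
    return findings


def triage(findings):
    """Most severe first; sorted() is stable, so scan order is kept within a level."""
    return sorted(findings, key=lambda f: SEVERITY_ORDER[f.severity])


def summarize(findings):
    """Count findings per severity level."""
    counts = {}
    for f in findings:
        counts[f.severity] = counts.get(f.severity, 0) + 1
    return counts


if __name__ == "__main__":
    parsed = parse_wpseku_output(SAMPLE_OUTPUT)
    for f in triage(parsed):
        print(f"{f.severity:8} {f.category:22} {f.detail}\n         fix: {f.remediation}")
    print(summarize(parsed))
```

Lines such as "robots.txt file was found" and "WordPress login is protected by WAF" are informational, so they match no rule and are dropped rather than reported; adding a rule is a one-line change to RULES if you want them tracked.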
Scan plugin, theme and WordPress code
You can also scan plugin, theme and WordPress core code on disk. Type:
$ python3 wpseku.py --scan <dir/file> --verbose
Where <dir/file> is the absolute path to your WordPress installation directory, or to a single file. It can be the parent directory, the plugins directory or the themes directory.
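The article only says that --scan checks plugin, theme and WordPress code; the script below is an added example of the kind of check such a mode performs, written for this page and not taken from WPSeku (its actual pattern list is not reproduced here). It accepts a directory or a single file, as the option does, and flags three things per PHP line: dangerous sinks such as eval() and the exec family, superglobals used without a WordPress sanitizer or escaper on the same line, and $wpdb queries built by string interpolation instead of $wpdb->prepare(). The two sample plugin files it writes to a temporary directory are constructed for the demo.

```python
import os
import re
import tempfile
from dataclasses import dataclass


@dataclass
class Hit:
    path: str
    line_no: int
    rule: str
    code: str


# Rules are this example's own, simplified; they are not WPSeku's pattern list.
DANGEROUS_CALLS = re.compile(
    r"\b(eval|system|exec|shell_exec|passthru|popen|proc_open|unserialize|base64_decode)\s*\(")
SUPERGLOBAL = re.compile(r"\$_(GET|POST|REQUEST|COOKIE)\b")
# WordPress sanitizers/escapers whose presence makes direct superglobal use acceptable on that line
SANITIZER = re.compile(
    r"\b(sanitize_\w+|esc_\w+|wp_unslash|intval|absint|wp_verify_nonce|check_admin_referer)\s*\(")
# $wpdb query built from a double-quoted string with interpolation, i.e. without $wpdb->prepare()
RAW_QUERY = re.compile(r"\$wpdb->(query|get_results|get_var|get_row|get_col)\s*\(\s*\"[^\"]*\$")
COMMENT = re.compile(r"^\s*(//|#|\*|/\*)")


def check_line(line):
    """Return the names of the rules one PHP source line violates (empty list if clean)."""
    rules = []
    if COMMENT.match(line):            # skip obvious comment lines to cut false positives
        return rules
    if DANGEROUS_CALLS.search(line):
        rules.append("dangerous_call")
    if SUPERGLOBAL.search(line) and not SANITIZER.search(line):
        rules.append("unsanitized_input")
    if RAW_QUERY.search(line):
        rules.append("unprepared_sql")
    return rules


def scan_file(path):
    hits = []
    with open(path, encoding="utf-8", errors="replace") as fh:
        for no, line in enumerate(fh, 1):
            for rule in check_line(line):
                hits.append(Hit(path, no, rule, line.strip()))
    return hits


def scan_path(root):
    """Accept a directory or a single file, like the --scan <dir/file> option."""
    if os.path.isfile(root):
        return scan_file(root)
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            if name.endswith(".php"):
                hits.extend(scan_file(os.path.join(dirpath, name)))
    return hits


# Constructed sample plugin files for the demo; not real plugin code.
SAMPLE_PLUGIN = {
    "risky.php": """<?php
// constructed: the next three lines should each be flagged, the fourth should not
$id = $_GET['id'];
$rows = $wpdb->get_results("SELECT * FROM wp_posts WHERE ID = $id");
eval(base64_decode($_POST['payload']));
echo esc_html($_GET['name']);
""",
    "clean.php": """<?php
$id = absint($_GET['id']);
$rows = $wpdb->get_results($wpdb->prepare("SELECT * FROM wp_posts WHERE ID = %d", $id));
""",
}


def demo():
    """Write the sample files to a temp dir, scan it, return (file, line, rule) tuples."""
    with tempfile.TemporaryDirectory() as tmp:
        for name, src in SAMPLE_PLUGIN.items():
            with open(os.path.join(tmp, name), "w", encoding="utf-8") as fh:
                fh.write(src)
        return [(os.path.basename(h.path), h.line_no, h.rule) for h in scan_path(tmp)]


if __name__ == "__main__":
    for item in demo():
        print(item)
```

Line-based matching is deliberately crude: a value sanitized on one line and used on the next is reported as unsanitized, and a query assembled with concatenation is missed. Treat the hits as a review queue, not a verdict, which is also the right way to read the output of any pattern-based scanner.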
WPSeku Bruteforce Login
To perform a brute-force login attempt, you first need a wordlist of passwords to try. A sample file is available at db/wordlist.txt.
$ python3 wpseku.py --url https://www.xxxxxxx.com --brute --user test --wordlist wl.txt --verbose
Replace test with the WordPress username to try and wl.txt with your password wordlist.
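The brute-force option goes through xmlrpc.php, which the generic scan above also reported as reachable. On the defending side the same activity shows up in the web server access log as a burst of POST requests to /xmlrpc.php from one client. The following is an added example, not part of the article, that detects that pattern over Apache combined-format log lines with a sliding window. The log lines are constructed and use documentation IP ranges; the threshold and window are arbitrary starting points. The HTTP status is deliberately ignored, because a failed XML-RPC login still returns 200 with the fault in the response body, so only the request rate is a usable signal.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed Apache combined-log sample using documentation IP ranges.
# 203.0.113.7 sends six POSTs to xmlrpc.php within 20 seconds; 198.51.100.4 sends two,
# nine minutes apart; the remaining lines are unrelated traffic.
SAMPLE_LOG = """\
198.51.100.4 - - [10/Oct/2023:13:50:00 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "WordPress/6.3"
203.0.113.7 - - [10/Oct/2023:13:54:58 +0000] "GET /robots.txt HTTP/1.1" 200 67 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:05 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:09 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:13 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:17 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:21 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0"
192.0.2.9 - - [10/Oct/2023:13:56:00 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Oct/2023:13:59:00 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "WordPress/6.3"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Parse one combined-format line into (ip, timestamp, method, path), or None if malformed."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), TS_FMT)
    path = m.group("path").split("?", 1)[0]       # drop any query string
    return m.group("ip"), ts, m.group("method"), path


def detect_xmlrpc_bruteforce(lines, threshold=5, window_seconds=60):
    """Return {ip: timestamp_at_which_the_threshold_was_first_crossed} for clients that
    POST to xmlrpc.php at least `threshold` times within any `window_seconds` span.
    Lines must be in time order, as an access log is."""
    recent = defaultdict(deque)
    alerts = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        ip, ts, method, path = rec
        if method != "POST" or not path.endswith("/xmlrpc.php"):
            continue
        q = recent[ip]
        q.append(ts)
        while q and (ts - q[0]).total_seconds() > window_seconds:
            q.popleft()                           # slide the window forward
        if len(q) >= threshold and ip not in alerts:
            alerts[ip] = ts
    return alerts


def run_demo():
    return detect_xmlrpc_bruteforce(SAMPLE_LOG.splitlines())


if __name__ == "__main__":
    for ip, ts in run_demo().items():
        print(f"ALERT {ip}: POST burst to xmlrpc.php, threshold crossed at {ts.isoformat()}")
```

One XML-RPC request can bundle several method calls, so a request count understates the number of credentials tried; keep the threshold low, and if nothing on the site needs XML-RPC, blocking /xmlrpc.php at the web server removes this surface entirely.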