動かざることバグの如し

3分経てば忘れそうなことをメモします

wpscanでWordPressの脆弱性診断を行う

環境

  • Ruby(2.4指定されたけど2017年3月6日現在

インストール

Githubが最新版 普通にgit clone

github.com

rubyなのでbundle install

コマンド

# 念のためアプデ
bundle exec ruby wpscan.rb --update

# 診断開始
bundle exec ruby wpscan.rb --url www.example.com

# ユーザー名の特定
bundle exec ruby wpscan.rb --url www.example.com --enumerate u

# プロキシを挟む場合
bundle exec ruby wpscan.rb --url www.example.com --proxy http://8.8.8.8:8080 --proxy-auth user:password

実行例

thr3a:wpscan thr3a$ bundle exec wpscan.rb --url http://www.************************.net/
_______________________________________________________________
        __          _______   _____                  
        \ \        / /  __ \ / ____|                 
         \ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
          \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \ 
           \  /\  /  | |     ____) | (__| (_| | | | |
            \/  \/   |_|    |_____/ \___|\__,_|_| |_|

        WordPress Security Scanner by the WPScan Team 
                       Version 2.9.2
          Sponsored by Sucuri - https://sucuri.net
   @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_
_______________________________________________________________

[i] It seems like you have not updated the database for some time.
[?] Do you want to update now? [Y]es [N]o [A]bort, default: [N]Y
[i] Updating the Database ...
[i] Update completed.
[+] URL: http://www.************************.net/
[+] Started: Sat Mar 11 09:28:41 2017

[+] robots.txt available under: 'http://www.************************.net/robots.txt'
[!] The WordPress 'http://www.************************.net/readme.html' file exists exposing a version number
[+] Interesting header: SERVER: Apache
[+] XML-RPC Interface available under: http://www.************************.net/xmlrpc.php

[+] WordPress version 4.1.16 (Released on 2017-03-06) identified from meta generator, rss generator, rdf generator, atom generator, readme, links opml

[+] WordPress theme in use: xeory_base_20150528 - v0.1.3

[+] Name: xeory_base_20150528 - v0.1.3
 |  Location: http://www.************************.net/wp-content/themes/xeory_base_20150528/
 |  Style URL: http://www.************************.net/wp-content/themes/xeory_base_20150528/style.css
 |  Theme Name: XeoryBase_TREND
 |  Theme URI: http://xeory.jp/
 |  Description: Xeoryベーステーマ
 |  Author: バズ部
 |  Author URI: http://bazubu.com/

[+] Enumerating plugins from passive detection ...
 | 1 plugin found:

[+] Name: contact-form-7 - v4.1.2
 |  Last updated: 2017-03-03T19:29:00.000Z
 |  Location: http://www.************************.net/wp-content/plugins/contact-form-7/
 |  Readme: http://www.************************.net/wp-content/plugins/contact-form-7/readme.txt
[!] The version is out of date, the latest version is 4.7

[+] Finished: Sat Mar 11 09:28:54 2017
[+] Requests Done: 89
[+] Memory used: 55.051 MB
[+] Elapsed time: 00:00:12