burp_wp: WPScan like plugin for Burp Suite




Burp WP
Find known vulnerabilities in WordPress plugins and themes using Burp Suite proxy.
Usage
Install extension. Browse WordPress sites through Burp proxy. Vulnerable plugins and themes will appear in the issue list.
Usage

If you have Burp Pro, issues will also appear inside Scanner tab. Interesting things will be highlighted.
Usage pro
Installation
  1. Download Jython standalone JAR, for example, version 2.7
  2. Go to Extender->Options. Set path inside Location of Jython standalone JAR file
Install Jython
  1. Download newest Burp WP
  2. Go to Extender->Extensions. Click Add. Set Extension type to Python. Set path inside Extension file.
Install Burp WP
  1. Burp WP should appear inside Burp Extensions list. Also you will see new tab.
Installed extension

Intruder payload generator

Because proxy requests and responses are used it’s not possible to discover all plugins and themes installed on a specific website.
You can try to get more information manually using intruder payload generator.
Right click on URL inside Proxy->HTTP history and choose Send to Burp WP IntruderSend to intruder
This will replace request method to GET, remove all parameters and set payload position marker.
Now go to Intruder->Tab X->Positions. Correct URL so it points to WordPress homepage.
Intruder positions
Inside Payloads tab uncheck Payload encoding so / won’t be converted to %2f.
Then set Payload type to Extension generated. Now click Select generator:
Intruder choose payload
There are 3 generators:
  1. WordPress Plugins
  2. WordPress Themes
  3. WordPress Plugins and themes
Intruder attack
Copyright (c) 2018 Kacper Szurek