WPScan v3.4.5 - Black Box WordPress Vulnerability Scanner


WPScan is a free, for non-commercial use, black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their sites.

INSTALL

Prerequisites
  • (Optional but highly recommended: RVM)
  • Ruby >= 2.3 - Recommended: latest
    • Ruby 2.5.0 to 2.5.3 can cause an 'undefined symbol: rmpd_util_str_to_d' error in some systems, see #1283
  • Curl >= 7.21 - Recommended: latest
    • The 7.29 has a segfault
  • RubyGems - Recommended: latest

From RubyGems (Recommended)
gem install wpscan
On MacOSX, if a Gem::FilePermissionError is raised due to Apple's System Integrity Protection (SIP), either install RVM and install wpscan again, or run sudo gem install -n /usr/local/bin wpscan (see #1286)

From sources (NOT Recommended)
Prerequisites: Git
git clone https://github.com/wpscanteam/wpscan
cd wpscan/
bundle install && rake install

Updating
You can update the local database by using wpscan --update
Updating WPScan itself is done either via gem update wpscan or via the package manager (this is quite important for distributions such as Kali Linux: apt-get update && apt-get upgrade), depending on how WPScan was (pre)installed

Docker
Pull the repo with docker pull wpscanteam/wpscan
Enumerating usernames
docker run -it --rm wpscanteam/wpscan --url https://target.tld/ --enumerate u
Enumerating a range of usernames
docker run -it --rm wpscanteam/wpscan --url https://target.tld/ --enumerate u1-100
** replace u1-100 with a range of your choice.

Usage
wpscan --url blog.tld
This will scan the blog using default options with a good compromise between speed and accuracy. For example, the plugins will be checked passively but their version with a mixed detection mode (passively + aggressively). Potential config backup files will also be checked, along with other interesting findings. If a more stealthy approach is required, then wpscan --stealthy --url blog.tld can be used. As a result, when using the --enumerate option, don't forget to set the --plugins-detection accordingly, as its default is 'passive'.
For more options, open a terminal and type wpscan --help (if you built wpscan from the source, you should type the command outside of the git repo)
The DB is located at /.wpscan/db
WPScan can load all options (including the --url) from configuration files. The following locations are checked (order: first to last):
  • /.wpscan/cli_options.json
  • /.wpscan/cli_options.yml
  • pwd/.wpscan/cli_options.json
  • pwd/.wpscan/cli_options.yml
If those files exist, options from them will be loaded and overridden if found twice.
e.g:
/.wpscan/cli_options.yml:
proxy: 'http://127.0.0.1:8080'
verbose: true
pwd/.wpscan/cli_options.yml:
proxy: 'socks5://127.0.0.1:9090'
url: 'http://target.tld'
Running wpscan in the current directory (pwd) is the same as wpscan -v --proxy socks5://127.0.0.1:9090 --url http://target.tld
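The override order described above means a file in the working directory can change the proxy or target without anything appearing on the command line. The following added example (not WPScan's own code) merges the two YAML files from the example in the documented order and records which file supplied each final value; the function names effective_options and demo and the temporary directory layout are assumptions made for illustration.

```ruby
require 'yaml'
require 'json'
require 'tmpdir'
require 'fileutils'

# Merge option files in the order given (first to last); a key found in a
# later file overrides the earlier value. Returns [options, origin], where
# origin maps each option name to the file that supplied its final value.
def effective_options(paths)
  options = {}
  origin = {}
  paths.each do |path|
    next unless File.file?(path)
    text = File.read(path)
    data = path.end_with?('.json') ? JSON.parse(text) : YAML.safe_load(text)
    next unless data.is_a?(Hash)
    data.each do |key, value|
      options[key.to_s] = value
      origin[key.to_s] = path
    end
  end
  [options, origin]
end

# Constructed sample: the two YAML files from the example above, written into
# a temporary directory standing in for the home and working directories.
def demo
  Dir.mktmpdir do |root|
    home = File.join(root, 'home', '.wpscan')
    cwd  = File.join(root, 'cwd', '.wpscan')
    FileUtils.mkdir_p([home, cwd])
    File.write(File.join(home, 'cli_options.yml'), "proxy: 'http://127.0.0.1:8080'\nverbose: true\n")
    File.write(File.join(cwd, 'cli_options.yml'), "proxy: 'socks5://127.0.0.1:9090'\nurl: 'http://target.tld'\n")
    paths = [home, cwd].flat_map { |d| %w[json yml].map { |ext| File.join(d, "cli_options.#{ext}") } }
    options, origin = effective_options(paths)
    # Report origins relative to the temporary root so the result is stable.
    [options, origin.transform_values { |p| p.sub("#{root}/", '') }]
  end
end

if __FILE__ == $PROGRAM_NAME
  options, origin = demo
  options.each { |k, v| puts "#{k}=#{v.inspect}  (from #{origin[k]})" }
end
```

Pointing effective_options at the real option file locations before a scan shows whether a working-directory file is overriding the proxy or URL set elsewhere.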
Enumerating usernames
wpscan --url https://target.tld/ --enumerate u
Enumerating a range of usernames
wpscan --url https://target.tld/ --enumerate u1-100
** replace u1-100 with a range of your choice.

LICENSE

WPScan Public Source License
The WPScan software (henceforth referred to simply as "WPScan") is dual-licensed - Copyright 2011-2019 WPScan Team.
Cases that include commercialization of WPScan require a commercial, non-free license. Otherwise, WPScan can be used without charge under the terms set out below.

1. Definitions
1.1 "License" means this document.
1.2 "Contributor" means each individual or legal entity that creates, contributes to the creation of, or owns WPScan.
1.3 "WPScan Team" means WPScan’s core developers.

2. Commercialization
A commercial use is one intended for commercial advantage or monetary compensation.
Example cases of commercialization are:
  • Using WPScan to provide commercial managed/Software-as-a-Service services.
  • Distributing WPScan as a commercial product or as part of one.
  • Using WPScan as a value added service/product.
Example cases which do not require a commercial license, and thus fall under the terms set out below, include (but are not limited to):
  • Penetration testers (or penetration testing organizations) using WPScan as part of their assessment toolkit.
  • Penetration Testing Linux Distributions including but not limited to Kali Linux, SamuraiWTF, BackBox Linux.
  • Using WPScan to test your own systems.
  • Any non-commercial use of WPScan.
If you need to purchase a commercial license or are unsure whether you need to purchase a commercial license contact us - team@wpscan.org.
Free-use Terms and Conditions;

3. Redistribution
Redistribution is permitted under the following conditions:
  • Unmodified License is provided with WPScan.
  • Unmodified Copyright notices are provided with WPScan.
  • Does not conflict with the commercialization clause.

4. Copying
Copying is permitted so long as it does not conflict with the Redistribution clause.

5. Modification
Modification is permitted so long as it does not conflict with the Redistribution clause.

6. Contributions
Any Contributions assume the Contributor grants the WPScan Team the unlimited, non-exclusive right to reuse, modify and relicense the Contributor's content.

7. Support
WPScan is provided under an AS-IS basis and without any support, updates or maintenance. Support, updates and maintenance may be given according to the sole discretion of the WPScan Team.

8. Disclaimer of Warranty
WPScan is provided under this License on an “as is” basis, without warranty of any kind, either expressed, implied, or statutory, including, without limitation, warranties that the WPScan is free of defects, merchantable, fit for a particular purpose or non-infringing.

9. Limitation of Liability
To the extent permitted under Law, WPScan is provided under an AS-IS basis. The WPScan Team shall never, and without any limit, be liable for any damage, cost, expense or any other payment incurred as a result of WPScan's actions, failure, bugs and/or any other interaction between WPScan and end-equipment, computers, other software or any third party, end-equipment, computer or services.

10. Disclaimer
Running WPScan against websites without prior mutual consent may be illegal in your country. The WPScan Team accept no liability and are not responsible for any misuse or damage caused by WPScan.

11. Trademark
The "wpscan" term is a registered trademark. This License does not grant the use of the "wpscan" trademark or the use of the WPScan logo.