Project author: RamadhanAmizudin

Project description:
Wordpress Vulnerability Scanner
Language: PHP
Repository URL: git://github.com/RamadhanAmizudin/Wordpress-scanner.git
Created: 2013-02-16T00:16:08Z
Project page: https://github.com/RamadhanAmizudin/Wordpress-scanner

License: MIT License

Introduction

A Wordpress Scanner written in PHP, focused on vulnerability assessment and security auditing of misconfigurations in a Wordpress installation.
Wordpress Scanner is capable of finding flaws in a Wordpress installation and will provide all the available information about each vulnerability.
Wordpress Scanner is not a code-auditing tool; it performs "black box" scanning of the Wordpress-powered web application.

The basic security check reviews a WordPress installation for common security-related misconfigurations. Testing with the basic check option uses regular web requests:
the scanner downloads a handful of pages from the target site, then analyses the resulting HTML source.
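The HTML-source analysis described above, and the plugin/theme discovery options listed under Usage, all depend on what a single page discloses. The following is an added example, not code from the Wordpress-scanner project: it reproduces that analysis offline on a constructed sample page so a site owner can see what a black-box scan learns from their front page, and turns each finding into a hardening action. The function names, the `example.test` host and the sample HTML are assumptions made for this example.

```php
<?php
// Added example, not code from the Wordpress-scanner project: reproduces the
// "analyse the downloaded HTML source" step so a site owner can see what a
// black-box scan learns from one page. The sample page below is constructed.
declare(strict_types=1);

/**
 * Scan raw HTML for the disclosures a black-box scanner relies on:
 * the generator meta tag (exact WordPress version) and the plugin/theme
 * slugs leaked through /wp-content/ asset URLs.
 */
function auditWordpressHtml(string $html): array
{
    $result = ['version' => null, 'plugins' => [], 'themes' => []];

    // e.g. <meta name="generator" content="WordPress 4.2.2" />
    if (preg_match('/<meta[^>]+name=["\']generator["\'][^>]*>/i', $html, $tag)
        && preg_match('/content=["\']WordPress\s+([\d.]+)/i', $tag[0], $m)) {
        $result['version'] = $m[1];
    }

    // Script and stylesheet URLs under wp-content/ name every plugin and
    // theme that enqueues a front-end asset; case and duplicates are folded.
    foreach (['plugins', 'themes'] as $kind) {
        if (preg_match_all("#/wp-content/{$kind}/([A-Za-z0-9_-]+)/#", $html, $m)) {
            $slugs = array_unique(array_map('strtolower', $m[1]));
            sort($slugs);
            $result[$kind] = array_values($slugs);
        }
    }
    return $result;
}

/** Turn findings into the hardening actions an owner would act on. */
function adviseFromAudit(array $audit): array
{
    $advice = [];
    if ($audit['version'] !== null) {
        $advice[] = "Version {$audit['version']} is disclosed; remove the generator tag "
                  . "(remove_action('wp_head', 'wp_generator') in the active theme) and keep core updated.";
    }
    foreach ($audit['plugins'] as $slug) {
        $advice[] = "Plugin '{$slug}' is discoverable from asset URLs; keep it updated or remove it if unused.";
    }
    foreach ($audit['themes'] as $slug) {
        $advice[] = "Theme '{$slug}' is discoverable from asset URLs; keep it updated and delete inactive themes.";
    }
    return $advice;
}

// --- constructed sample page (not a real site) ---
$sample = <<<HTML
<!DOCTYPE html><html><head>
<meta name="generator" content="WordPress 4.2.2" />
<link rel="stylesheet" href="http://example.test/wp-content/themes/twentyfifteen/style.css" />
<script src="http://example.test/wp-content/plugins/contact-form-7/includes/js/scripts.js"></script>
<script src="http://example.test/wp-content/plugins/Contact-Form-7/includes/js/jquery.form.min.js"></script>
<script src="http://example.test/wp-content/plugins/akismet/_inc/form.js"></script>
</head><body></body></html>
HTML;

$audit = auditWordpressHtml($sample);
print_r($audit);
foreach (adviseFromAudit($audit) as $line) {
    echo "- {$line}\n";
}
```

Run it with `php audit.php`; on the constructed page it reports the disclosed version, the two plugin slugs and the theme slug. Removing the generator tag only hides the version string; the plugin and theme slugs remain visible in asset URLs, so the effective control is keeping those components updated and removing the ones not in use, which is exactly what the scanner's vulnerable-plugin/theme enumeration looks for.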

Usage

  Usage: php app.php [options]
  Options:
    -h, --help                Show this help message.
    -u, --url                 Target URL (e.g. "http://mywp.com/")
    -f, --force               Ignore if target is not wordpress.
    -v, --version             Check for available version
    --upgrade                 Upgrade to newer version
    --wpvulndb                Use WPVulnDB API instead of local database. (Powered by wpvulndb.com API)
    --no-log                  Disable logging
  Request:
    --ua, --user-agent        Set user-agent, default: random user agent
    -t, --thread              Number of threads, default: 10
    --proxy                   Set proxy. e.g.: protocol://[username:password@]host:port
  Scanning:
    -d, --default             Default scanning mode
                              Equivalent to the --dp, --dt, --b options
    -b, --basic               Show basic information about target
                              e.g.: robots.txt path, check multisite, registration enabled, readme file
    --dp, --discover-plugin   Discover plugin(s) via HTML source
    --dt, --discover-theme    Discover theme(s) via HTML source
  Plugin/Theme Enumeration:
    --ep, --enumerate-plugin  Enumerate plugins
    --et, --enumerate-theme   Enumerate themes
    --vp, --vuln-plugin       Enumerate vulnerable plugins only
    --vt, --vuln-theme        Enumerate vulnerable themes only
  User Enumeration:
    --eu, --enumerate-user    Enumerate users
    -i, --iterate             Number of iterations, default: 10
    -f, --feed                Enumerate through RSS feeds, default: author pages
    -B, --ubrute              Set wordlist file (full path) to bruteforce usernames, default will use built-in wordlist
    -p, --protect             Check if the site is protected before bruteforcing, use with -B or --ubrute
  Bruteforce:
    --bf, --bruteforce        Bruteforce mode
    -x, --xmlrpc              Bruteforce through the XMLRPC interface.
    -p, --protect             Check if the site is protected before bruteforcing.
    -F, --ufound              Set username to enumerated users.
    -U, --user                Set username or file containing user list.
    -w, --wordlist            Set wordlist file (full path), default will use built-in wordlist.

Requirements

  • At least PHP 5.4
  • PHP cURL Extension
  • PHP JSON Extension

Installation

Windows

Download http://windows.php.net/downloads/releases/php-5.4.41-Win32-VC9-x86.zip

Tick the cURL extension during the installation step

Ubuntu/Debian-based

sudo apt-get install php5 php5-curl php5-json

Mac OSX

curl -s http://php-osx.liip.ch/install.sh | bash -s 5.4

To Do List

  • Rewrite code to be more modular
  • Unit Tests
  • Add Web UI
  • Add custom wordpress directories (wp-content and wp-plugin)
  • Vulnerability Database (currently using https://wpvulndb.com)

Contribution

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Make your changes
  4. Commit your changes (git commit -am 'Added some feature')
  5. Push to the branch (git push origin my-new-feature)
  6. Create new Pull Request
  7. Pat yourself on the back for being so awesome

License

MIT License. Copyright (c) 2015 Ahmad Ramadhan Amizudin. See License.

Contacts

ramadhan.amizudin at gmail dot com