README update output + Screenshots

pull/4/head
Swissky 2017-02-25 23:48:28 +01:00
parent 7b50368282
commit 0c9e70150b
3 changed files with 74 additions and 1 deletions

@ -1,8 +1,8 @@
# Wordpresscan # Wordpresscan
A simple Wordpress scanner written in python
``` ```
WORK IN PROGRESS - DO NOT USE WORK IN PROGRESS - DO NOT USE
``` ```
A simple Wordpress scanner written in python
## Disclaimer ## Disclaimer
``` ```
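Review bot: The description line moved up under the `# Wordpresscan` title still reads "A simple Wordpress scanner written in python"; since this hunk touches the line anyway, correct it to "WordPress" and "Python". The move also places the description ahead of the "WORK IN PROGRESS - DO NOT USE" block, so confirm that the warning is still the first thing a reader notices in the rendered README.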
@ -10,6 +10,79 @@ The author of this github is not responsible for misuse or for any damage that y
You agree that you use this software at your own risk. You agree that you use this software at your own risk.
``` ```
# Output example from a test environment
```bash
_______________________________________________________________
_ _ _
| | | | | |
| | | | ___ _ __ __| |_ __ _ __ ___ ___ ___ ___ __ _ _ __
| |/\| |/ _ \| '__/ _` | '_ \| '__/ _ \/ __/ __|/ __/ _` | '_ \
\ /\ / (_) | | | (_| | |_) | | | __/\__ \__ \ (_| (_| | | | |
\/ \/ \___/|_| \__,_| .__/|_| \___||___/___/\___\__,_|_| |_|
| |
|_|
Wordpress scanner based on wpscan work - @pentest_swissky
_______________________________________________________________
[+] URL: http://localhost/wp_target

[!] The Wordpress 'http://localhost/wp_target/readme.html' file exposing a version number: 3.2.1
[!] Debug log file found: http://localhost/wp_target/debug.log
[!] A wp-config.php backup file has been found in: http://localhost/wp_target/wp-config.php.bak
[i] Uploads directory has directory listing enabled : http://localhost/wp_target/wp-content/uploads/
[i] Includes directory has directory listing enabled : http://localhost/wp_target/wp-includes/
[+] robots.txt available under: http://localhost/wp_target/robots.txt 
[+] Interesting entry from robots.txt: Disallow: /wp-admin/
[+] Interesting entry from robots.txt: Disallow: /wp-includes/
[+] Interesting entry from robots.txt: Disallow: /wordpress/admin/
[+] Interesting entry from robots.txt: Disallow: /wordpress/wp-admin/
[+] Interesting entry from robots.txt: Disallow: /wordpress/secret/
[+] Interesting entry from robots.txt: Disallow: /Wordpress/wp-admin/
[+] Interesting entry from robots.txt: Disallow: /wp-admin/tralling-space/ 
[i] Full Path Disclosure (FPD) in http://localhost/wp_target/wp-includes/rss-functions.php exposing /home/web/www/blog/wordpress/wp-includes/rss-functions.php
[+] WordPress version 3.2.1 identified from advanced fingerprinting
[i] REDIRECT : WordPress 3.0 - 3.6 Crafted String URL Redirect Restriction Bypass - ID:5970
[+] Fixed in 3.6.1
[+] References:
- http://packetstormsecurity.com/files/123589/
- http://core.trac.wordpress.org/changeset/25323
- http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609
- Exploitdb 28958
- Cve 2013-4339
- Secunia 54803
[i] SSRF : WordPress 1.5.1 - 3.5 XMLRPC Pingback API Internal/External Port Scanning - ID:5988
[+] Fixed in 3.5.1
[+] References:
- https://github.com/FireFart/WordpressPingbackPortScanner
- Cve 2013-0235
[...]
[i] UNKNOWN : WordPress <= 4.7 - Post via Email Checks mail.example.com by Default - ID:8719
[+] Fixed in 4.7.1
[+] References:
- https://github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a
- https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
- Cve 2017-5491
[i] CSRF : WordPress 2.8-4.7 - Accessibility Mode Cross-Site Request Forgery (CSRF) - ID:8720
[+] Fixed in 4.7.1
[+] References:
- https://github.com/WordPress/WordPress/commit/03e5c0314aeffe6b27f4b98fef842bf0fb00c733
- https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
- Cve 2017-5492
[i] UNKNOWN : WordPress 3.0-4.7 - Cryptographically Weak Pseudo-Random Number Generator (PRNG) - ID:8721
[+] Fixed in 4.7.1
[+] References:
- https://github.com/WordPress/WordPress/commit/cea9e2dc62abf777e06b12ec4ad9d1aaa49b29f4
- https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
- Cve 2017-5493
```
## Install & Launch ## Install & Launch
```bash ```bash
git clone https://github.com/swisskyrepo/Wordpresscan.git git clone https://github.com/swisskyrepo/Wordpresscan.git
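Review bot: The opening fence of the added output block is tagged `bash`, but the content is scanner output (banner art with backticks and quotes, `[+]`/`[!]`/`[i]` result lines), not shell, so a highlighter will colour it incorrectly; tag it `text` or leave the fence untagged. The new heading `# Output example from a test environment` is level 1 while the neighbouring `## Disclaimer` and `## Install & Launch` are level 2, so it should be `##` to sit in the same outline. The commit subject mentions screenshots, yet none of the added lines visible here reference the images under `screens/`; either embed them in this section or say where they are. It would also help to show the command line that produced this output above the block, and to drop the trailing space after the `robots.txt` URL line unless it is intentional.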

BIN
screens/Version 3.2.1.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 3.8 MiB
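Review bot: At 3.8 MiB, `screens/Version 3.2.1.png` is heavy for a README screenshot and will be carried by every clone from now on; crop or resize it and run it through a PNG optimiser (or export as a compressed format) before merging.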

BIN
screens/Version 4.4.7.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 2.6 MiB
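Review bot: The file name `screens/Version 4.4.7.png` contains a space, which a Markdown image link cannot carry in its destination unless it is written as `%20` or wrapped in angle brackets; renaming both screenshots without spaces (for example with underscores) avoids that when they are referenced from the README.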