wordpress插件漏洞扫描
2015-03-18 09:16
120 查看
WPscan http://code.google.com/p/wpscan/ root@bt5:/tmp# svn checkout http://wpscan.googlecode.com/svn/trunk/ ./wpscan
root@bt5:/tmp# apt-get install libcurl4-gnutls-dev
root@bt5:/tmp# gem install --user-install mime-types typhoeus nokogiri json
root@bt5:/tmp/wpscan# ruby wpscan.rb --url www.target.com --enumerate p
Plecost
root@bt5:/pentest/web/scanners/plecost# ./plecost-0.2.2-9-beta.py -i wp_plugin_list.txt -c http://www.target.com/ CMS-Explorer
root@bt5:/pentest/enumeration/web/cms-explorer# ./cms-explorer.pl -url http://www.target.com/ -explore -type wordpress
root@bt5:/pentest/enumeration/web/cms-explorer# ./cms-explorer.pl -url http://www.target.com/ -explore -type wordpress -osvdb
PluginsScan
root@bt5:/tmp# ./PluginsScan.py
root@bt5:/tmp# apt-get install libcurl4-gnutls-dev
root@bt5:/tmp# gem install --user-install mime-types typhoeus nokogiri json
root@bt5:/tmp/wpscan# ruby wpscan.rb --url www.target.com --enumerate p
Plecost
root@bt5:/pentest/web/scanners/plecost# ./plecost-0.2.2-9-beta.py -i wp_plugin_list.txt -c http://www.target.com/ CMS-Explorer
root@bt5:/pentest/enumeration/web/cms-explorer# ./cms-explorer.pl -url http://www.target.com/ -explore -type wordpress
root@bt5:/pentest/enumeration/web/cms-explorer# ./cms-explorer.pl -url http://www.target.com/ -explore -type wordpress -osvdb
PluginsScan
root@bt5:/tmp# ./PluginsScan.py
相关文章推荐
- WordPress FuneralPress插件多个HTML注入漏洞
- WordPress Quick Paypal Payments插件HTML注入漏洞
- WP e-Commerce WordPress Payment Gateways Caller插件本地文件包含漏洞
- WordPress WP Super Cache插件远程PHP代码执行漏洞
- WordPress Citizen Space插件跨站请求伪造漏洞
- WordPress WP Photo Album Plus插件“commentid”参数跨站脚本漏洞
- WordPress Related Posts by Zemanta插件跨站请求伪造漏洞
- wordpress漏洞扫描工具使用(wpscan实战)
- WordPress Store Locator Plus 插件'query'参数SQL注入漏洞
- WordPress Exploit Scanner插件安全绕过漏洞
- WordPress Events Manager插件多个跨站脚本漏洞
- WordPress 后台插件更新模块任意目录遍历导致DOS漏洞和IP验证不当漏洞
- WordPress Simple Paypal Shopping Cart插件跨站请求伪造漏洞
- WordPress NextGEN Gallery插件‘swfupload.swf’多个跨站脚本漏洞
- WordPress WP-Print插件跨站请求伪造漏洞
- WordPress Traffic Analyzer插件‘aoid’参数跨站脚本漏洞
- WordPress Tweet Blender插件跨站脚本漏洞
- WordPress All in One Webmaster插件跨站请求伪造漏洞
- WordPress漏洞扫描工具WPScan
- WordPress Securimage-WP插件‘siwp_test.php’跨站脚本漏洞