wordpress插件漏洞扫描

WPscan

http://code.google.com/p/wpscan/

root@bt5:/tmp# svn checkout http://wpscan.googlecode.com/svn/trunk/ ./wpscan

root@bt5:/tmp# apt-get install libcurl4-gnutls-dev

root@bt5:/tmp# gem install --user-install mime-types typhoeus nokogiri json

root@bt5:/tmp/wpscan# ruby wpscan.rb --url www.target.com --enumerate p

Plecost

root@bt5:/pentest/web/scanners/plecost# ./plecost-0.2.2-9-beta.py -i wp_plugin_list.txt -c http://www.target.com/

CMS-Explorer

root@bt5:/pentest/enumeration/web/cms-explorer# ./cms-explorer.pl -url http://www.target.com/ -explore -type wordpress

root@bt5:/pentest/enumeration/web/cms-explorer# ./cms-explorer.pl -url http://www.target.com/ -explore -type wordpress -osvdb

PluginsScan

root@bt5:/tmp# ./PluginsScan.py


你可能感兴趣的:(wordpress,checkout,插件扫描)