WordPress is the leading CMS (Content Management System) in today's world. Tons of people build their websites using WordPress; to give an idea, WordPress powers over 75 million sites on the web. This is huge. Almost 37.8% of the internet runs on WordPress.
But in the news we can see that many WordPress vulnerabilities are discovered. WPScan is a tool with which we can test WordPress websites for vulnerabilities. In today's tutorial we learn how to find bugs on WordPress websites using WPScan on our Kali Linux system.
WPScan comes pre-installed with Kali Linux 2020 versions. We can access it directly from our terminal. On our Kali Linux terminal we need to type the following command to see the help of WPScan.
The following screenshot shows us the help section of WPScan.
Now we can scan our WordPress website with the WPScan tool using the --url flag. But we need to make sure that the website belongs to us or that we have legal permission to test it, because harming others' property (read: website) is a serious crime. In this tutorial we use a locally hosted WordPress site, which is running on our own computer.
Now to scan this website or any other website we need the URL or IP address; in our case the address is http://172.17.0.2. We run the following command to start the scan:
The screenshot of the command is following:
WPScan is asking for updates
In the above screenshot we can see that WPScan is asking for updates. We press Y for 'Yes'; if an update is available, WPScan updates itself and then starts scanning our given target. After the scan completes we get a result like the following screenshot:
In the above screenshot we can see that we got some vulnerabilities.
We did not use a WPVulnDB API token. However, we recommend using an API token from the WPScan official website. To create an API token we need to register on WPScan's website.
Then we need to create a free profile, and we get an API token for free. The free version is limited to 50 daily requests.
For security reasons we hide the API token partially
Now we scan the target again, but this time with the API key. To do this we apply the following command in our terminal window:
Now this scan will be performed with the API token.
Using WPScan we can get information about vulnerabilities with some details.
In the above screenshot we can clearly see the vulnerabilities and some links. If we navigate to a given link we can learn more about the vulnerability.
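To act on the vulnerabilities and links a scan reports, the findings can be triaged from a saved report instead of being read off the screen. The following Python sketch is an added example, not part of the original tutorial or of WPScan. It assumes the report was saved with `wpscan --url http://172.17.0.2 --format json --output report.json` and that the report uses the field names shown in the constructed sample.

```python
import json

# Constructed sample shaped like a WPScan JSON report. Field names are
# assumptions to check against a real report; every value is made up.
SAMPLE_REPORT = json.loads("""
{"version": {"number": "5.3", "vulnerabilities": [
    {"title": "Example core issue", "fixed_in": "5.3.1",
     "references": {"url": ["https://example.invalid/core-1"]}}]},
 "main_theme": {"slug": "example-theme", "version": {"number": "1.2"},
                "vulnerabilities": []},
 "plugins": {
   "example-forms": {"version": {"number": "2.0"}, "vulnerabilities": [
       {"title": "Example stored XSS", "fixed_in": "2.3",
        "references": {"url": ["https://example.invalid/forms-1"]}},
       {"title": "Example auth bypass", "fixed_in": null, "references": {}}]},
   "example-gallery": {"version": null, "vulnerabilities": []}}}
""")

def components(report):
    """Yield (label, installed_version, entry) for core, main theme, plugins."""
    core = report.get("version") or {}
    yield "core:wordpress", core.get("number"), core
    theme = report.get("main_theme") or {}
    yield f"theme:{theme.get('slug')}", (theme.get("version") or {}).get("number"), theme
    for slug, plugin in (report.get("plugins") or {}).items():
        yield f"plugin:{slug}", (plugin.get("version") or {}).get("number"), plugin

def triage(report):
    """One finding per known vulnerability; items without a fix come first."""
    findings = []
    for label, installed, entry in components(report):
        for vuln in entry.get("vulnerabilities") or []:
            findings.append({
                "component": label,
                "installed": installed,  # None when the scan could not detect it
                "title": vuln.get("title"),
                "fixed_in": vuln.get("fixed_in"),  # None when no fixed release is listed
                "links": (vuln.get("references") or {}).get("url", []),
            })
    # Updating cannot fix an entry with no fixed release, so surface those first.
    return sorted(findings, key=lambda f: (f["fixed_in"] is not None, f["component"]))

if __name__ == "__main__":
    for f in triage(SAMPLE_REPORT):
        action = f"update to {f['fixed_in']} or later" if f["fixed_in"] else "no fix listed"
        print(f"{f['component']} {f['installed']}: {f['title']} -> {action}")
```

For a real report, replace `SAMPLE_REPORT` with `json.load(open("report.json"))`.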
Not only this, there are lots more options. WPScan is a very big tool. To check all its options and details we can use the following command:
Here we see all the options available in WPScan. We can read through them and use these functions easily.
WPScan is very helpful for finding security loopholes on WordPress websites, especially when the site's admins haven't updated the themes and plugins. On some WordPress sites we can see the admin still using a vulnerable item.
In this way a WordPress website can be compromised. As cybersecurity experts we should not use old plugins or themes on a WordPress site. We also should not use third-party themes and plugins on a Content Management System or CMS (like WordPress, Drupal etc). To test other CMSs we should use CMSeeK.