NO1
root@bt:/pentest/web/wpscanteam# sudo apt-get install libcurl4-gnutls-dev libopenssl-ruby libxml2 libxml2-dev libxslt1-dev
root@bt:/pentest/web/wpscanteam# sudo gem install –user-install typhoeus -v ’0.4.2′
搞定之
root@bt:/pentest/web/wpscanteam# ruby wpscan.rb
____________________________________________________
__ _______ _____
\ \ / / __ \ / ____|
\ \ /\ / /| |__) | (___ ___ __ _ _ __
\ \/ \/ / | ___/ \___ \ / __|/ _` | ‘_ \
\ /\ / | | ____) | (__| (_| | | | |
\/ \/ |_| |_____/ \___|\__,_|_| |_| v2.0rNA
WordPress Security Scanner by the WP Scan Team
Sponsored by the RandomStorm Open Source Initiative
_____________________________________________________
Examples :
-Further help …
ruby wpscan.rb –help
-Do ‘non-intrusive’ checks …
ruby wpscan.rb –url HdhCmsTestexample测试数据
-Do wordlist password brute force on enumerated users using 50 threads …
-Do wordlist password brute force on the ‘admin’ username only …
ruby wpscan.rb –url HdhCmsTestexample测试数据 –wordlist darkc0de.lst –username admin
-Enumerate installed plugins …
ruby wpscan.rb –url HdhCmsTestexample测试数据 –enumerate p
-Enumerate installed themes …
ruby wpscan.rb –url HdhCmsTestexample测试数据 –enumerate t
-Enumerate users …
ruby wpscan.rb –url HdhCmsTestexample测试数据 –enumerate u
-Enumerate installed timthumbs …
ruby wpscan.rb –url HdhCmsTestexample测试数据 –enumerate tt
-Use a HTTP proxy …
-Use a SOCKS5 proxy … (cURL >= v7.21.7 needed)
-Use custom content directory …
ruby wpscan.rb -u HdhCmsTestexample测试数据 –wp-content-dir custom-content
-Use custom plugins directory …
ruby wpscan.rb -u HdhCmsTestexample测试数据 –wp-plugins-dir wp-content/custom-plugins
-Update …
ruby wpscan.rb –update
查看更多关于wpscan使用方法 - 网站安全 - 自学php的详细内容...