WPScan usage notes

Date: 2024-06-17 11:23:43

Installation

Reference: https://wpscan.com/how-to-install-wpscan/

Docker
We also support Docker. Pull the repo with:

docker pull wpscanteam/wpscan

Example Docker command to enumerate usernames:

docker run -it --rm wpscanteam/wpscan --url https://example.com/ --enumerate u

We run the scans directly with Docker.

Getting an API token

You need to register to obtain one: https://wpscan.com/register/

Testing

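Enumerate plugins (passive detection only):

wpscan --url target --plugins-detection passive --api-token your_api_token

Enumerate vulnerable plugins:

wpscan --url target -e vp --api-token your_api_token

Quick scan of a given site (-e with no value runs WPScan's default enumeration set):

wpscan --url target -e --api-token your_api_token

Enumerate usernames:

wpscan --url target --enumerate u --api-token your_api_token

Enumerate themes with known vulnerabilities:

wpscan --url target --enumerate vt --api-token your_api_token

Full output of a run with -e: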

# docker run -it --rm wpscanteam/wpscan --url https://www.xxx.io/ --api-token your_api_token -e
_______________________________________________________________
         __          _______   _____
         \ \        / /  __ \ / ____|
          \ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
           \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
            \  /\  /  | |     ____) | (__| (_| | | | |
             \/  \/   |_|    |_____/ \___|\__,_|_| |_|

         WordPress Security Scanner by the WPScan Team
                         Version 3.8.25
       Sponsored by Automattic - https://automattic.com/
       @_WPScan_, @ethicalhack3r, @erwan_lr, @firefart
_______________________________________________________________

[+] URL: https://www.xxx.io/ [13.33.30.112]
[+] Effective URL: https://www.xxx.io/en/
[+] Started: Fri Jun 14 10:52:45 2024

Interesting Finding(s):

[+] Headers
 | Interesting Entries:
 |  - server: nginx
 |  - content-security-policy: upgrade-insecure-requests
 |  - permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self 'https://player.vimeo.com'), payment=()
 |  - referrer-policy: strict-origin-when-cross-origin
 |  - x-cache-group: normal
 |  - x-cacheable: SHORT
 |  - x-powered-by: WP Engine
 |  - x-request-id: afb098119134d62c5252c58194270305
 |  - via: 1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
 |  - x-amz-cf-pop: SIN2-P1
 |  - x-amz-cf-id: Hldx1XwISW_D4eLeArk8B0kIMdbeUFRrYQ6kf4TFW01eu3Kz0UiW4Q==
 | Found By: Headers (Passive Detection)
 | Confidence: 100%

[+] robots.txt found: https://www.xxx.io/en/robots.txt
 | Found By: Robots Txt (Aggressive Detection)
 | Confidence: 100%

[+] This site has 'Must Use Plugins': https://www.xxx.io/en/wp-content/mu-plugins/
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 80%
 | Reference: http://codex.wordpress.org/Must_Use_Plugins

[+] The external WP-Cron seems to be enabled: https://www.xxx.io/en/wp-cron.php
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 60%
 | References:
 |  - https://www.iplocation.net/defend-wordpress-from-ddos
 |  - https://github.com/wpscanteam/wpscan/issues/1299

[+] WordPress version 6.5.4 identified (Latest, released on 2024-06-05).
 | Found By: Most Common Wp Includes Query Parameter In Homepage (Passive Detection)
 |  - https://www.xxx.io/en/wp-includes/css/dist/block-library/style.min.css?ver=6.5.4
 | Confirmed By: Style Etag (Aggressive Detection)
 |  - https://www.xxx.io/en/wp-admin/load-styles.php, Match: '6.5.4'

[+] WordPress theme in use: xxx-main
 | Location: https://www.xxx.io/en/wp-content/themes/xxx-main/
 | Style URL: https://www.xxx.io/en/wp-content/themes/xxx-main/style.css?ver=1.5.1
 | Style Name: xxx (Main)
 | Style URI: https://www.xxx.io/
 | Description: A responsive, accessible WordPress theme for xxx. Developed to support WordPress version 5.5 and G...
 | Author: Aubs & Mugg
 | Author URI: https://aubsandmugg.com/
 |
 | Found By: Css Style In Homepage (Passive Detection)
 | Confirmed By: Css Style In 404 Page (Passive Detection)
 |
 | Version: 1.5.1 (80% confidence)
 | Found By: Style (Passive Detection)
 |  - https://www.xxx.io/en/wp-content/themes/xxx-main/style.css?ver=1.5.1, Match: 'Version: 1.5.1'

[+] Enumerating Vulnerable Plugins (via Passive Methods)
[+] Checking Plugin Versions (via Passive and Aggressive Methods)

[i] No plugins Found.

[+] Enumerating Vulnerable Themes (via Passive and Aggressive Methods)
 Checking Known Locations - Time: 00:00:00 <===============================================================> (652 / 652) 100.00% Time: 00:00:00
[+] Checking Theme Versions (via Passive and Aggressive Methods)

[i] No themes Found.

[+] Enumerating Timthumbs (via Passive and Aggressive Methods)
 Checking Known Locations - Time: 00:07:27 <=============================================================> (2575 / 2575) 100.00% Time: 00:07:27

[i] No Timthumbs Found.

[+] Enumerating Config Backups (via Passive and Aggressive Methods)
 Checking Config Backups - Time: 00:00:09 <================================================================> (137 / 137) 100.00% Time: 00:00:09

[i] No Config Backups Found.

[+] Enumerating DB Exports (via Passive and Aggressive Methods)
 Checking DB Exports - Time: 00:00:13 <======================================================================> (84 / 84) 100.00% Time: 00:00:13

[i] No DB Exports Found.

[+] Enumerating Medias (via Passive and Aggressive Methods) (Permalink setting must be set to "Plain" for those to be detected)
 Brute Forcing Attachment IDs - Time: 00:00:01 <===========================================================> (100 / 100) 100.00% Time: 00:00:01

[i] No Medias Found.

[+] Enumerating Users (via Passive and Aggressive Methods)
 Brute Forcing Author IDs - Time: 00:00:00 <=================================================================> (10 / 10) 100.00% Time: 00:00:00

[i] No Users Found.

[+] WPScan DB API OK
 | Plan: free
 | Requests Done (during the scan): 7
 | Requests Remaining: 9

[+] Finished: Fri Jun 14 11:01:14 2024
[+] Requests Done: 3642
[+] Cached Requests: 12
[+] Data Sent: 840.425 KB
[+] Data Received: 5.446 MB
[+] Memory used: 462.02 MB
[+] Elapsed time: 00:08:29
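Each "[+]" finding in the report above names its finder, whether it came from passive or aggressive detection, and usually a confidence value. The following parser is an added example (not part of the original notes or of WPScan itself) that pulls those fields out of a saved report so low-confidence findings can be reviewed by hand; the sample text is constructed and example.com is a placeholder.

```python
import re

# Constructed sample in the layout of WPScan's CLI report (example.com is a placeholder).
SAMPLE = """\
[+] Headers
 | Found By: Headers (Passive Detection)
 | Confidence: 100%

[+] The external WP-Cron seems to be enabled: https://example.com/wp-cron.php
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 60%

[+] WordPress version 6.5.4 identified (Latest, released on 2024-06-05).
 | Found By: Most Common Wp Includes Query Parameter In Homepage (Passive Detection)

[+] WPScan DB API OK
 | Plan: free
 | Requests Remaining: 9
"""

FOUND_BY = re.compile(r"^\s*\|\s*Found By: (.+) \((Passive|Aggressive) Detection\)", re.M)
CONFIDENCE = re.compile(r"^\s*\|\s*Confidence: (\d+)%", re.M)
REMAINING = re.compile(r"Requests Remaining: (\d+)")

def parse_findings(report):
    """Split the report into '[+]' blocks; keep those that name a finder.
    Blocks without a 'Confidence' row (e.g. the version line) get None."""
    findings = []
    for block in re.split(r"(?m)^(?=\[\+\] )", report):
        found_by = FOUND_BY.search(block)
        if not block.startswith("[+] ") or not found_by:
            continue  # status blocks ("Started", "WPScan DB API OK") have no finder
        conf = CONFIDENCE.search(block)
        findings.append({
            "title": block.splitlines()[0][4:],
            "finder": found_by.group(1),
            "mode": found_by.group(2).lower(),
            "confidence": int(conf.group(1)) if conf else None,
        })
    return findings

def needs_manual_check(findings, threshold=100):
    """Titles of findings whose stated confidence is below the threshold."""
    return [f["title"] for f in findings
            if f["confidence"] is not None and f["confidence"] < threshold]

def api_requests_remaining(report):
    """Remaining WPScan vulnerability-API quota, or None if not reported."""
    match = REMAINING.search(report)
    return int(match.group(1)) if match else None
```

To feed it a real report, save the scan with -o and --format cli-no-colour so colour escape codes do not precede the "[+]" markers.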

 

From: https://www.cnblogs.com/Hi-blog/p/18252003/wpscan
