
WPScan and Quick WordPress Security

This is a quick and basic guide to using WPScan to scan a WordPress site and fix some of the security issues it reports. Very basic and easy to follow.


Readers: please also read "WPScan and quick WordPress security – Fixing Directory Listing – Part 2" of this series, which explains how to fix directory listing.


A basic WPScan run against my site:


# wpscan --url technoused.blogspot.com

Output:


_______________________________________________________________
        __          _______   _____
        \ \        / /  __ \ / ____|
         \ \  /\  / /| |__) | (___   ___  __ _ _ __
          \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
           \  /\  /  | |     ____) | (__| (_| | | | |
            \/  \/   |_|    |_____/ \___|\__,_|_| |_|  v2.1rNA

        WordPress Security Scanner by the WPScan Team
        Sponsored by the RandomStorm Open Source Initiative
_______________________________________________________________

| URL: http://technoused.blogspot.com/
| Started on Sun Oct 13 13:39:25 2013

[!] The WordPress 'http://technoused.blogspot.com/readme.html' file exists
[!] Full Path Disclosure (FPD) in 'http://technoused.blogspot.com/wp-includes/rss-functions.php'
[+] XML-RPC Interface available under http://technoused.blogspot.com/xmlrpc.php
[+] WordPress version 3.6.1 identified from meta generator
[+] The WordPress theme in use is twentyten v1.6
 | Name: twentyten v1.6
 | Location: http://technoused.blogspot.com/wp-content/themes/twentyten/
[+] Enumerating plugins from passive detection ...
3 plugins found :
 | Name: add-to-any v1.2.5
 | Location: http://technoused.blogspot.com/wp-content/plugins/add-to-any/
 | Directory listing enabled: Yes
 | Readme: http://technoused.blogspot.com/wp-content/plugins/add-to-any/README.txt
 | Name: captcha v3.8.4
 | Location: http://technoused.blogspot.com/wp-content/plugins/captcha/
 | Directory listing enabled: Yes
 | Readme: http://technoused.blogspot.com/wp-content/plugins/captcha/readme.txt
 | Name: google-analyticator v6.4.5
 | Location: http://technoused.blogspot.com/wp-content/plugins/google-analyticator/
 | Directory listing enabled: Yes
 | Readme: http://technoused.blogspot.com/wp-content/plugins/google-analyticator/readme.txt
[+] Finished at Sun Oct 13 13:39:51 2013
[+] Elapsed time: 00:00:26

Two things were flagged as possible vulnerabilities:


[!] The WordPress 'http://technoused.blogspot.com/readme.html' file exists
[!] Full Path Disclosure (FPD) in 'http://technoused.blogspot.com/wp-includes/rss-functions.php'

The readme.html file should be deleted, as it gives away version information. There are other ways to disclose the WP version (the scan above already identified 3.6.1 from the meta generator tag, and deleting readme.html does nothing about that), but common scanners still check readme.html for it. Not that it makes much of a difference, but why keep something you don't need?


Full Path Disclosure (FPD) gives away your folder structure and, on typical shared hosting, the account username that appears in the path. We want to fix that.


The readme.html file can be deleted safely, so that fixes that problem. Keep in mind that it ships with every WordPress release, so a core update will put it back and you have to delete it again.


For FPD, add the following line to the .htaccess file in your root folder:


php_flag display_errors off

This fixes the problem, with two caveats. First, php_flag is only honoured when PHP runs as an Apache module (mod_php); if PHP runs as CGI/FastCGI or PHP-FPM, Apache does not know the directive and answers every request with a 500 error, and the equivalent setting is display_errors = Off in php.ini (or a .user.ini in the document root). Second, this only hides the error message: the script still fails when fetched directly, so where possible also block direct requests to PHP files under wp-includes.


Now let's see how WPScan behaves when we run another scan:


_______________________________________________________________
        __          _______   _____
        \ \        / /  __ \ / ____|
         \ \  /\  / /| |__) | (___   ___  __ _ _ __
          \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
           \  /\  /  | |     ____) | (__| (_| | | | |
            \/  \/   |_|    |_____/ \___|\__,_|_| |_|  v2.1rNA

        WordPress Security Scanner by the WPScan Team
        Sponsored by the RandomStorm Open Source Initiative
_______________________________________________________________

| URL: http://technoused.blogspot.com/
| Started on Sun Oct 13 13:56:46 2013

[+] XML-RPC Interface available under http://technoused.blogspot.com/xmlrpc.php
[+] WordPress version 3.6.1 identified from meta generator
[+] The WordPress theme in use is twentyten v1.6
 | Name: twentyten v1.6
 | Location: http://technoused.blogspot.com/wp-content/themes/twentyten/
[+] Enumerating plugins from passive detection ...
3 plugins found :
 | Name: add-to-any v1.2.5
 | Location: http://technoused.blogspot.com/wp-content/plugins/add-to-any/
 | Directory listing enabled: Yes
 | Readme: http://technoused.blogspot.com/wp-content/plugins/add-to-any/README.txt
 | Name: captcha v3.8.4
 | Location: http://technoused.blogspot.com/wp-content/plugins/captcha/
 | Directory listing enabled: Yes
 | Readme: http://technoused.blogspot.com/wp-content/plugins/captcha/readme.txt
 | Name: google-analyticator v6.4.5
 | Location: http://technoused.blogspot.com/wp-content/plugins/google-analyticator/
 | Directory listing enabled: Yes
 | Readme: http://technoused.blogspot.com/wp-content/plugins/google-analyticator/readme.txt
[+] Finished at Sun Oct 13 13:57:46 2013
[+] Elapsed time: 00:00:59

There you go, both [!] alerts are fixed. Note what the rescan still reports, though: the version is still identified from the meta generator tag, XML-RPC is still available, and directory listing is still enabled on all three plugin folders (that one is covered in Part 2).
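After applying the two fixes it is handy to re-test just those findings with curl instead of running the whole scanner again. The script below is an added example and is not from the original post or from WPScan: readme.html counts as exposed when the server returns HTTP 200, and FPD is detected by looking for a PHP error message that embeds an absolute path. The SITE default reuses the URL from the post, the function names are this example's own, and the sample bodies at the bottom are constructed so the matcher can be exercised offline.

```shell
#!/bin/sh
# Added example (not from the original post): re-test the two WPScan [!] findings
# with plain curl, so a fix can be confirmed in seconds without a full rescan.
# SITE defaults to the URL used in the post; override it with SITE=... in the
# environment. Function and variable names are this example's own.
SITE="${SITE:-http://technoused.blogspot.com}"

# readme.html counts as exposed only when the server actually serves it.
readme_exposed() {  # $1 = HTTP status code
  [ "$1" = "200" ]
}

# Full Path Disclosure: a displayed PHP error embeds the absolute path of the
# script ("... in /home/alice/public_html/wp-includes/x.php on line 8", or
# "... in C:\inetpub\wwwroot\wp-includes\x.php"). HTML tags are stripped first
# because PHP's html_errors wraps the path in <b>...</b>.
fpd_in_body() {  # $1 = HTTP response body
  printf '%s\n' "$1" \
    | sed 's/<[^>]*>//g' \
    | grep -Eq '(Fatal error|Parse error|Warning|Notice).* in (/|[A-Za-z]:\\)[^ ]*\.php'
}

check_site() {
  code=$(curl -s -o /dev/null -w '%{http_code}' "$SITE/readme.html")
  if readme_exposed "$code"; then
    echo "[!] $SITE/readme.html is served (HTTP $code): delete it"
  else
    echo "[+] $SITE/readme.html not served (HTTP $code)"
  fi

  body=$(curl -s "$SITE/wp-includes/rss-functions.php")
  if fpd_in_body "$body"; then
    echo "[!] Full Path Disclosure in wp-includes/rss-functions.php: display_errors is still on"
  else
    echo "[+] no path disclosed by wp-includes/rss-functions.php"
  fi
}

# Constructed sample responses for testing the matcher offline. The first is the
# shape of the error rss-functions.php produces when requested directly
# (its first statement calls _deprecated_file(), which is undefined outside WP).
SAMPLE_FPD='<br />
<b>Fatal error</b>:  Call to undefined function _deprecated_file() in <b>/home/alice/public_html/wp-includes/rss-functions.php</b> on line <b>8</b><br />'
SAMPLE_CLEAN='<!DOCTYPE html><html><body>Nothing to see here.</body></html>'

# Run the live check only when asked: sh check_wp.sh --run
case "${1:-}" in
  --run) check_site ;;
esac
```

Run it as `SITE=http://your-site.example sh check_wp.sh --run`; without `--run` the file only defines the functions, so it can be sourced into other scripts.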


Having said all that, try to follow these three steps to make your site more secure:



  1. Update WordPress, Themes & Plugins – One of the most important things you can do is keep your software up to date. Whenever there is a new version of WordPress, or a new version of one of your themes or plugins, update it as soon as possible. This goes for your inactive themes and plugins too: keep them updated, or if you don't plan on using them any time soon, delete them so you don't forget to update them.

  2. Limit Login Attempts – If you have a strong password and a non-default admin username, you should be fairly safe against brute-force login attacks. Just in case, however, you can also limit login attempts. Note that the scans above report xmlrpc.php as available; it accepts credentials too, so a login limiter that only watches wp-login.php does not cover it.

  3. Disable Administrative File Editing – In the unfortunate event that someone gains access to your WordPress dashboard, you should try to limit the resources they have to do damage. Using the WordPress editor to modify your theme's PHP files is an easy way to execute malicious code on your site and effectively lets the attacker (or pentester) do whatever they want with your website. These editing capabilities can be disabled in your wp-config.php file using define( 'DISALLOW_FILE_EDIT', true );
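
The file-level changes from this post (deleting readme.html, the display_errors line in .htaccess, and DISALLOW_FILE_EDIT in wp-config.php) are easy to forget after a core update, so here they are as one idempotent script. This is an added example, not code from the original post or from WordPress; the function names are this example's own, it assumes a standard layout with wp-config.php in the document root, and the make_demo_docroot function builds a constructed miniature docroot so the script can be tried in a scratch directory.

```shell
#!/bin/sh
# Added example (not from the original post): apply the post's three file-level
# fixes to a WordPress document root in one idempotent pass:
#   1. delete readme.html                      (version disclosure)
#   2. turn off display_errors via .htaccess   (Full Path Disclosure)
#   3. define DISALLOW_FILE_EDIT in wp-config  (no theme/plugin editor in wp-admin)
# Function and fixture names are this example's own choices.
set -eu

# Ensure a constant is defined in wp-config.php, inserted above the
# "That's all, stop editing!" marker (or above the wp-settings.php require if
# the marker is missing). Skips if the name is already mentioned, so an
# existing define(..., false) is left for a human to look at.
wp_define() {  # $1 = path to wp-config.php, $2 = constant name, $3 = PHP value
  cfg=$1; name=$2; value=$3
  if grep -q "$name" "$cfg"; then
    echo "[=] $name already present in $cfg"
    return 0
  fi
  if awk -v line="define( '$name', $value );" '
        !done && (/stop editing/ || /wp-settings\.php/) { print line; done = 1 }
        { print }
        END { if (!done) exit 2 }
      ' "$cfg" > "$cfg.tmp"; then
    mv "$cfg.tmp" "$cfg"
    echo "[+] added $name to $cfg"
  else
    rm -f "$cfg.tmp"
    echo "[!] no insertion point found in $cfg" >&2
    return 1
  fi
}

# Append a directive to .htaccess once. php_flag is only honoured under mod_php;
# with PHP-FPM/CGI Apache rejects it with a 500, so there set
# display_errors = Off in php.ini or .user.ini instead.
htaccess_add() {  # $1 = path to .htaccess, $2 = directive line
  if [ -f "$1" ] && grep -qxF "$2" "$1"; then
    echo "[=] '$2' already in $1"
  else
    printf '%s\n' "$2" >> "$1"
    echo "[+] appended '$2' to $1"
  fi
}

harden_docroot() {  # $1 = WordPress document root
  root=$1
  if [ -f "$root/readme.html" ]; then
    rm -f "$root/readme.html"
    echo "[+] removed $root/readme.html"
  else
    echo "[=] no readme.html in $root"
  fi
  htaccess_add "$root/.htaccess" "php_flag display_errors off"
  wp_define "$root/wp-config.php" DISALLOW_FILE_EDIT true
}

# Constructed fixture: a minimal wp-config.php plus a readme.html, so the
# functions above can be exercised in a scratch directory without a real site.
make_demo_docroot() {  # $1 = directory to populate
  mkdir -p "$1"
  cat > "$1/wp-config.php" <<'EOF'
<?php
$table_prefix = 'wp_';
/* That's all, stop editing! Happy blogging. */
require_once ABSPATH . 'wp-settings.php';
EOF
  printf '<html>WordPress 3.6.1</html>\n' > "$1/readme.html"
}

# Usage: sh harden_wp.sh /var/www/html      (real docroot)
#        sh harden_wp.sh --demo             (scratch copy of the fixture)
case "${1:-}" in
  --demo) d=$(mktemp -d); make_demo_docroot "$d"; harden_docroot "$d"; cat "$d/wp-config.php" ;;
  "")     ;;  # no arguments: only define the functions (safe to source)
  *)      harden_docroot "$1" ;;
esac
```

Running it a second time reports every item as already present and changes nothing, which is what you want from something that goes into a post-update checklist. Step 1 of the list (updating core, themes and plugins) is deliberately not in the script: it needs the site's update mechanism, not a file edit.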



