{"id":1541,"date":"2018-11-28T23:21:39","date_gmt":"2018-11-28T20:21:39","guid":{"rendered":"http:\/\/kifarunix.com\/?p=1541"},"modified":"2024-03-11T21:29:08","modified_gmt":"2024-03-11T18:29:08","slug":"install-use-wpscan-wordpress-vulnerability-scanner-ubuntu-18-04","status":"publish","type":"post","link":"https:\/\/kifarunix.com\/install-use-wpscan-wordpress-vulnerability-scanner-ubuntu-18-04\/","title":{"rendered":"How to Install and Use WPScan WordPress Vulnerability Scanner Ubuntu 18.04"},"content":{"rendered":"\n

This guide discusses how to Install and Use WPScan WordPress Vulnerability Scanner Ubuntu 18.04. WPScan<\/a>, which is an acronym for WordPress Security Scanner, is a free black box vulnerability scanner written on Ruby<\/b> programming language<\/span> to help security professionals and blog maintainers to test the vulnerabilities on their WordPress sites. It helps unearth any vulnerability associated with WordPress themes, plugins, or any other security threat harbored on a WordPress site.<\/p>\n\n\n\n

Are you using WordPress and looking for a professional WordPress website builder platform? Look no further since Elementor can help you create beautiful pages<\/a>.<\/p>\n\n\n\n

Installing WPScan Ubuntu 18.04<\/h2>\n\n\n\n

Prerequisites<\/h3>\n\n\n\n

Before you can install WordPress Security Scanner (WPScan), ensure that the following dependencies are installed.Also ensure that your system is up-to-date. This can be done by running the commands below;<\/p>\n\n\n\n

sudo apt update\nsudo apt upgrade<\/pre>\n\n\n\n
sudo apt install curl git libcurl4-openssl-dev make zlib1g-dev gawk g++ gcc libreadline6-dev libssl-dev libyaml-dev libsqlite3-dev sqlite3 autoconf libgdbm-dev libncurses5-dev automake libtool bison pkg-config ruby ruby-bundler ruby-dev -y<\/pre>\n\n\n\n
WPScan can either be installed fron RubyGem repositories or from sources. The former is simpler as it involves a one line command.<\/p>\n\n\n\n
Install from RubyGem<\/h3>\n\n\n\n
To install WPScan from RubyGem repositories, run the command below;<\/p>\n\n\n\n
gem install wpscan<\/pre>\n\n\n\n
You can at the same time uninstall WPScan by running the command;<\/p>\n\n\n\n
gem uninstall wpscan<\/pre>\n\n\n\n
Install WPScan Sources<\/h4>\n\n\n\n
To install WPScan from sources, you first need to its Github repository.<\/p>\n\n\n\n
git clone https:\/\/github.com\/wpscanteam\/wpscan<\/pre>\n\n\n\n
Once the cloning is done, navigate to WPScan directory and run the commands below to do the installation.<\/p>\n\n\n\n
cd wpscan\/\nbundle install\nsudo rake install<\/pre>\n\n\n\n
Do you have patience? If you don’t, this is where might have to learn to have a little since it may take some few mins to complete the installation. If the installation is successful, you should see such an output.<\/p>\n\n\n\n
...<\/strong>\n  48) WPScan::Vulnerability behaves like WPScan::References references when references provided as array \n     # Temporarily skipped with xit\n     # .\/spec\/shared_examples\/references.rb:45\n\n\nFinished in 8 minutes 54 seconds (files took 15.12 seconds to load)\n17914 examples, 0 failures, 48 pending\n\nCoverage report generated for RSpec to $HOME\/wpscan\/coverage. 1709 \/ 2006 LOC (85.19%) covered.\nwpscan 3.4.0 built to pkg\/wpscan-3.4.0.gem.\nwpscan (3.4.0) installed<\/strong>.<\/pre>\n\n\n\n
Well, WPScan is successfully installed on Ubuntu 18.04. To obtain a description of various command line options used with WPScan, run wpscan<\/strong><\/code> command with -h\/--help<\/strong><\/code> option;<\/p>\n\n\n\n
wpscan -h<\/strong>\n_______________________________________________________________\n        __          _______   _____\n        \\ \\        \/ \/  __ \\ \/ ____|\n         \\ \\  \/\\  \/ \/| |__) | (___   ___  __ _ _ __ \u00ae\n          \\ \\\/  \\\/ \/ |  ___\/ \\___ \\ \/ __|\/ _` | '_ \\\n           \\  \/\\  \/  | |     ____) | (__| (_| | | | |\n            \\\/  \\\/   |_|    |_____\/ \\___|\\__,_|_| |_|\n\n        WordPress Security Scanner by the WPScan Team\n                       Version 3.4.0<\/strong>\n          Sponsored by Sucuri - https:\/\/sucuri.net\n      @_WPScan_, @ethicalhack3r, @erwan_lr, @_FireFart_\n_______________________________________________________________\n\nUsage: wpscan [options]\n        --url URL                                 The URL of the blog to scan\n                                                  Allowed Protocols: http, https\n                                                  Default Protocol if none provided: http\n                                                  This option is mandatory unless update or help or hh or version is\/are supplied\n    -h, --help                                    Display the simple help and exit\n        --hh                                      Display the full help and exit\n        --version                                 Display the version and exit\n    -v, --verbose                                 Verbose mode\n        --[no-]banner                             Whether or not to display the banner\n                                                  Default: true\n    -o, --output FILE                             Output to FILE\n    -f, --format FORMAT                           Output results in the format supplied\n                                                  Available choices: cli-no-color, json, cli, cli-no-colour\n        --detection-mode MODE                     Default: mixed\n                                                  Available choices: mixed, passive, aggressive\n        --user-agent, --ua VALUE\n        --random-user-agent, --rua                Use a random user-agent for each scan\n        --http-auth login:password\n<output cut><\/strong><\/pre>\n\n\n\n
Go through the whole output to see various options that can be used with wpscan<\/strong> command.<\/p>\n\n\n\n
Scanning for Vulnerabilities<\/h3>\n\n\n\n
In this guide, we are going to show you a few examples on how to perform WordPress blog vulnerability scanning. Ensure that you run the examples below against your OWN<\/strong> blog. It is illegal to scan other people’s sites.<\/p>\n\n\n\n
Scan the whole WordPress blog<\/h4>\n\n\n\n
wpscan --url wordpress.example.com<\/pre>\n\n\n\n
WPScan can scan both http<\/strong> and https<\/strong> protocols. If not specified, it will scan http<\/strong> by default.<\/p>\n\n\n\n
If you want to save the scanner output results in a file, use the -o\/--output<\/strong><\/code> option.<\/p>\n\n\n\n
wpscan --url http:\/\/wordpress.example.com -o scan-test<\/pre>\n\n\n\n
There are three detection modes in which wpscan can run against a WordPress site; passive<\/strong><\/code>, aggressive<\/strong><\/code>, mixed(default)<\/strong><\/code>.<\/p>\n\n\n\n