Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: finding wordpress instances

From: James Rogers <jamesmrogers () gmail com>
Date: Fri, 27 Apr 2012 12:49:54 -0400
I'd check for wordpress/wp-login.php  as well.  I know that is where I
installed wordpress several times before.

On Fri, Apr 27, 2012 at 12:30 PM, Hani Benhabiles <kroosec () gmail com> wrote:

On 04/27/2012 05:12 PM, Sina Bahram wrote:


Quick question guys. Is there an NSE script in the latest batch that can
scan for wordpress instances on a given subnet, or would it
be that hard to make?

Wanting to help someone scan a rather large network for at risk wordpress
instances.

Am I completely imagining that something like this existed?

Found one script online that claims to do so via NSE, but it's broken.

Thanks much

Take care,
Sina

Website: www.SinaBahram.com
Twitter: @SinaBahram



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/



Hey Sina,

Without being very knowledgeable about Wordpress, an easy target would be a
small script to check the response from an http request to /wp-login.php.

Cheers,
Hani.

--
Hani Benhabiles
OWASP Algeria Student Chapter: Founder/President.
http://www.owaspalgeriasc.org
https://www.owasp.org/index.php/Algeria_Student_Chapter
Email: hani.benhabiles () owasp org

Twitter: https://twitter.com/#!/kroosec
Blog: http://kroosec.blogspot.com


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: