WebApp Sec mailing list archives
Re: [WEB SECURITY] Introducing WPScan - WordPress Security Scanner
From: Ryan Dewhurst <ryandewhurst () gmail com>
Date: Mon, 20 Jun 2011 19:39:32 +0100
The client side file hashing is something I became aware of after writing the w3af wordpress version discovery plugin a few years back. The w3af plugin just does string matching though, if string in file, version is x. But the idea was put forward then by someone or multiple people (can't remember) after completing it. It is definitely something I will implement into WPScan in the future. I find the readme file version isn't always reliable and the generator tag is sometimes removed. I also plan to implement plugin and plugin version detection along with vulnerability matching (by version And some further username enumeration techniques. If any one would like to contribute and make a start on any of these, it would be awesome! The project is still in ALPHA and needs a fair bit of work, but I believe it has the grounding to become a great tool! Ryan Ryan Dewhurst blog www.ethicalhack3r.co.uk projects www.dvwa.co.uk | www.webwordcount.com twitter www.twitter.com/ethicalhack3r On Mon, Jun 20, 2011 at 6:04 PM, Chris Weber <chris () casabasecurity com> wrote:
dd, have you open sourced any parts of your production code, such as the fingerprinting data? Or do we each need to do that work independently? And have you detected any edge cases - for example a Web server that includes an extra newline character in the body? -Chris -----Original Message----- From: sucurisec () gmail com [mailto:sucurisec () gmail com] On Behalf Of dd () sucuri net Sent: Monday, June 20, 2011 9:58 AM To: Chris Weber Cc: seth; ryandewhurst () gmail com; webappsec () securityfocus com; websecurity () webappsec org Subject: Re: [WEB SECURITY] Introducing WPScan - WordPress Security Scanner Comparing the hashes of some js/css file is probably the most reliable method, since lots of sites hide their version from the generator and remove the readme file. We wrote an article about it a while ago: http://tools.sucuri.net/?page=docs&title=fingerprinting-web-apps And we still use that on our scanner ( http://sitecheck.sucuri.net ) :) Thanks,
This list is sponsored by Cenzic -------------------------------------- Let Us Hack You. Before Hackers Do! It's Finally Here - The Cenzic Website HealthCheck. FREE. Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus --------------------------------------
Current thread:
- Introducing WPScan – WordPress Security Scanner Ryan Dewhurst (Jun 18)
- Re: Introducing WPScan – WordPress Security Scanner seth (Jun 19)
- Re: Introducing WPScan – WordPress Security Scanner Ryan Dewhurst (Jun 19)
- Re: Introducing WPScan – WordPress Security Scanner Veronica (Jun 19)
- Re: Introducing WPScan – WordPress Security Scanner Ryan Dewhurst (Jun 19)
- Message not available
- RE: [WEB SECURITY] Introducing WPScan - WordPress Security Scanner Chris Weber (Jun 20)
- Message not available
- RE: [WEB SECURITY] Introducing WPScan - WordPress Security Scanner Chris Weber (Jun 20)
- Re: [WEB SECURITY] Introducing WPScan - WordPress Security Scanner Ryan Dewhurst (Jun 20)
- RE: [WEB SECURITY] Introducing WPScan - WordPress Security Scanner Chris Weber (Jun 20)
- Re: Introducing WPScan – WordPress Security Scanner seth (Jun 19)