Nmap Development mailing list archives



[NSE] http-wp-plugins, retrieve installed Wordpress plugins

Hi,

With 2.4M downloads and counting (http://wordpress.org/download/counter/), Wordpress definitely deserves its script. When it comes to security, a CMS is less vulnerable itself than its (numerous) third-party plugins, and Wordpress has more than 13.000.

This script tries to list those probably installed on a given blog by brute forcing the wp-content directory. The dictionary it uses has the 13.405 existing plugins to date, sorted by popularity. Although Nmap does its best to parallelize the queries, it could take an hour to test them all, so by default the script will just test the 100 most popular ones. Of course, an option is provided so that the user can tweak this from any number to all.

Another option allows manually specifying a path to the blog from the website root. Because it's quite common that the blog service of a website would not be at its root, the script also tries itself to find its path through wordpress, even if not user-specified.

Sample output:

-- Interesting ports on my.woot.blog (123.123.123.123):
-- PORT STATE SERVICE REASON
-- 80/tcp open http syn-ack
-- | http-wp-plugins: (search amongst the 500 most popular plugins, use --script-arg http-wp-plugins.search=<number|all> for deeper analysis)
-- |_akismet, wp-db-backup, all-in-one-seo-pack, stats, wp-to-twitter

With the hope someone considers it useful,

A.G.

Attachment: wp-plugins.lst.tar.gz


Attachment: http-wp-plugins.nse


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
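
Seen from the server side, the directory brute force described in this message appears in the access log as one client requesting many distinct plugin directories and mostly receiving 404s. The following is an added example, not part of the original post or of the attached script; it assumes combined-format access logs and the standard /wp-content/plugins/<name>/ layout, and the function names, thresholds and sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Combined log format: client IP, request line, status code.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "(?:GET|HEAD) (\S+)[^"]*" (\d{3}) ')
# Plugin directory name, wherever the blog sits under the web root.
PLUGIN_RE = re.compile(r'/wp-content/plugins/([^/?#]+)')


def find_plugin_enumeration(lines, min_plugins=20, min_miss_ratio=0.5):
    """Return {client: (distinct_plugins, miss_ratio)} for clients that probe
    many distinct plugin directories and mostly receive 404 responses."""
    plugins = defaultdict(set)
    hits = defaultdict(int)
    misses = defaultdict(int)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # malformed line or a method we do not track
        client, path, status = m.group(1), m.group(2), int(m.group(3))
        p = PLUGIN_RE.search(path)
        if not p:
            continue  # request does not touch a plugin directory
        plugins[client].add(p.group(1).lower())
        hits[client] += 1
        if status == 404:
            misses[client] += 1
    flagged = {}
    for client, names in plugins.items():
        ratio = misses[client] / hits[client]
        if len(names) >= min_plugins and ratio >= min_miss_ratio:
            flagged[client] = (len(names), round(ratio, 2))
    return flagged


def sample_log():
    """Constructed log lines: one scanning client, one ordinary visitor."""
    ts = '[10/Mar/2011:14:02:11 +0000]'
    names = ['akismet', 'stats'] + [f'plugin-{i}' for i in range(28)]
    lines = []
    for name in names:
        status = 200 if name in ('akismet', 'stats') else 404
        lines.append(f'203.0.113.5 - - {ts} "GET /blog/wp-content/plugins/{name}/ HTTP/1.1" {status} 0 "-" "-"')
    for asset in ('akismet/akismet.css', 'stats/stats.js'):
        lines.append(f'198.51.100.7 - - {ts} "GET /blog/wp-content/plugins/{asset} HTTP/1.1" 200 512 "-" "Mozilla/5.0"')
    return lines


if __name__ == '__main__':
    print(find_plugin_enumeration(sample_log()))
```

The thresholds are starting points: a default run of 100 probes against a blog with a handful of plugins sits far above both, while a browser loading plugin assets touches few directories and rarely hits a 404.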

