WordPress is the most use CMS for website, because there is a lot of features and easy to use. As a pentester you have to upgrade your ability to exploit WordPress CMS, but with WPrecon you can automatically perform vulnerabilities scanning on a wordpress site. As we know WordPress is still have some bugs that can be exploited.
WPrecon (WordPress Recon)
Hello! Welcome. Wprecon (WordPress Recon), is a vulnerability recognition tool in CMS WordPress, 100% developed in Go.
Notice: Why is the project out of updates these days ?! What happens is that I am doing the vulnerability scanner.
Features
| Status | Features |
|---|---|
| ✅ | Random Agent |
| ✅ | Detection WAF |
| ✅ | User Enumerator |
| ✅ | Plugin Scanner |
| ✅ | Theme Scanner |
| ✅ | Tor Proxy’s |
| ✅ | Detection Honeypot |
| ✅ | Fuzzing Backup Files |
| ❌ | Fuzzing Passwords |
| ❌ | Vulnerability Scanner |
Install and Compile
For you to compile wprecon you will need to have the golang compiler installed. And for that you will access the official website of golang and will download and install it. Here!
Once downloaded and installed you will download wprecon directly from github with the command:
Primary way:
Second way:
mkdir ~/Go/src/github.com/blackcrw/wprecon; cd ~/Go/src/github.com/blackcrw; git clone https://github.com/blackcrw/wprecon; go get wprecon.
After downloading wprecon you will compile with the command:
Usage
| Flag(s) | Description |
|---|---|
| -u, –url string | Target URL (Ex: http(s)://example.com/). (Required) |
| –users-enumerate | Use the supplied mode to enumerate Users. |
| –themes-enumerate | Use the supplied mode to enumerate Themes. |
| –plugins-enumerate | Use the supplied mode to enumerate Plugins. |
| –detection-waf | I will try to detect if the target is using any WAF. |
| –detection-honeypot | I will try to detect if the target is a honeypot, based on the shodan. |
| –no-check-wp | Will skip wordpress check on target. |
| –random-agent | Use randomly selected HTTP(S) User-Agent header value. |
| –tor | Use Tor anonymity network. |
| –disable-tls-checks | Disables SSL/TLS certificate verification. |
| -h, –help | help for wprecon. |
| -v, –verbose | Verbosity mode. |
WPrecon running
Command: wprecon --url "https://www.xxxxxxx.com/" --detection-waf
Output:
————————————————————————————————————————————————————————————————————— ___ ______________________________________________ __ __ | / /__ __ \__ __ \__ ____/_ ____/_ __ \__ | / / __ | /| / /__ /_/ /_ /_/ /_ __/ _ / _ / / /_ |/ / __ |/ |/ / _ ____/_ _, _/_ /___ / /___ / /_/ /_ /| / ____/|__/ /_/ /_/ |_| /_____/ \____/ \____/ /_/ |_/ Github: https://github.com/blackcrw/wprecon Version: 0.0.1a ————————————————————————————————————————————————————————————————————— [•] Target: https://www.xxxxxxx.com/ [•] Starting: 09/jan/2020 12:11:17 [•] Listing enable: https://www.xxxxxxx.com/wp-content/plugins/ [•] Listing enable: https://www.xxxxxxx.com/wp-content/themes/ [•••] Status Code: 200 — URL: https://www.xxxxxxx.com/wp-admin/ [•••] I'm not absolutely sure that this target is using wordpress! 37.50% chance. do you wish to continue ? [Y/n]: Y [•••] Status Code: 200 — WAF: Wordfence Security Detected [•••] Do you wish to continue ?! [Y/n] : Y
