This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.

Difference between revisions of "OWASP Wordpress Vulnerability Scanner Project"

From OWASP
m (Contributors)
(Road Map)
 
(54 intermediate revisions by 3 users not shown)
Line 6: Line 6:
 
| valign="top"  style="border-right: 1px dotted gray;padding-right:25px;" |
 
| valign="top"  style="border-right: 1px dotted gray;padding-right:25px;" |
  
<span style="color:#ff0000">
+
==OWASP Wordpress Vulnerability Scanner Project==
Instructions are in RED text and should be removed from your document by deleting the text with the span tags. This document is intended to serve as an example of what is required of an OWASP project wiki page. The text in red serves as instructions, while the text in black serves as an example. Text in black is expected to be replaced entirely with information specific to your OWASP project.
 
</span>
 
  
==OWASP Wordpress Scanner Project==
+
A Wordpress Scanner written in PHP, focus on vulnerability assessment and security audit of misconfiguration in the Wordpress installation. Wordpress Scanner is capable of finding the flaw in the Wordpress installation and will provide all the information regarding the vulnerability. Wordpress Scanner is not a tool for code auditing, it performs "black box" scanning for the Wordpress powered web application.
  
A Wordpress scanner written in php. main focus of the tools is to analyze a wordpress installation againts a known vulnerability.
+
The basic security check will review a WordPress installation for common security related mis-configurations. Testing with the basic check option uses regular web requests. The system downloads a handful of pages from the target site, then performs analysis on the resulting html source.
  
==Description==
+
The more aggressive enumeration option attempts to find all plugins / themes that are being used on the WordPress installation and can attempt to enumerate users of the site. These tests will generate HTTP 404 errors in the web server logs of the target site. If you test all plugins, be warned that this will generate more than 18000 log entries and potentially triggered intrusion prevention measures.
<span style="color:#ff0000">
 
This is where you need to add your more robust project description. A project description should outline the purpose of the project, how it is used, and the value it provides to application security. Ideally, project descriptions should be written in such a way that there is no question what value the project provides to the software security community. This section will be seen and used in various places within the Projects Portal. Poorly written project descriptions therefore detract from a project’s visibility, so project leaders should ensure that the description is meaningful.
 
</span>
 
  
 +
Aggressively discover the WordPress plugins and themes installed on a site. Utilizes a database of over 18000 plugins and 2600 themes during testing. Fingerprint the version of the discovered plugins and themes. This version can be compared against latest releases and known security vulnerabilities.
  
==Licensing==
+
==Current Features==
 +
The following features are currently available.
 +
* Detect version of wordpress installation
 +
* Detect sensitive file. (eg: readme, database replacing file, etc..)
 +
* Detect enabled feature on installation. (eg: multisite enabled, allow registration, etc..)
 +
* Detect theme name (through passive fingerprinting)
 +
* List of installed plugins (through passive fingerprinting)
 +
* Enumerate Plugins
 +
* Enumerate Themes
 +
* Enumerate Users
 +
* Password auditing
  
 +
| valign="top"  style="padding-left:25px;width:200px;" |
  
This program is free software: you can redistribute it and/or modify it under the terms of the [http://opensource.org/licenses/MIT MIT License].
+
== Quick Download ==
 
+
*Latest Release @ [https://github.com/RamadhanAmizudin/Wordpress-scanner/releases Stable Release]
== Project Resources ==
+
*Source Code @ [https://github.com/RamadhanAmizudin/Wordpress-scanner/ Github]
<span style="color:#ff0000">
 
This is where you can link to the key locations for project files, including setup programs, the source code repository, online documentation, a Wiki Home Page, threaded discussions about the project, and Issue Tracking system, etc.  
 
</span>
 
 
 
  
 
== Project Leader ==
 
== Project Leader ==
[mailto:ramadhan.amizudin@gmail.com Ramadhan Amizudin]
+
* [https://github.com/RamadhanAmizudin Ramadhan Amizudin]
  
== Related Projects ==
+
==Contact Us==
<span style="color:#ff0000">
+
* #owaspmy @ FreeNode
This is where you can link to other OWASP Projects that are similar to yours.  
+
* [https://www.facebook.com/OWASP.Malaysia OWASP Malaysia]
</span>
 
  
 +
==Licensing==
 +
OWASP Wordpress Scanner is free software: you can redistribute it and/or modify it under the terms of the [http://opensource.org/licenses/MIT MIT License].
  
 
==Classifications==
 
==Classifications==
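Review bot: the two project descriptions in this hunk overlap; the shorter one ("A Wordpress scanner written in php. main focus of the tools is to analyze a wordpress installation againts a known vulnerability.") repeats the fuller paragraph above it and carries typos ("againts", lowercase "php"), so keep only the fuller paragraph. In the enumeration paragraph, "potentially triggered intrusion prevention measures" should read "potentially trigger intrusion prevention measures". In the feature list, "Detect sensitive file. (eg: readme, database replacing file, etc..)" and "Detect enabled feature on installation." would read better as "Detect sensitive files (e.g. readme, database replacing file, etc.)" and "Detect enabled features on the installation".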
Line 49: Line 53:
 
    
 
    
 
   |}
 
   |}
 
| valign="top"  style="padding-left:25px;width:200px;" |
 
 
== News and Events ==
 
<span style="color:#ff0000">
 
This is where you can provide project updates, links to any events like conference presentations, Project Leader interviews, case studies on successful project implementations, and articles written about your project.
 
</span>
 
 
 
 
|}
 
|}
  
=FAQs=
+
=Requirement / Installation=
  
<!-- Instructions are in RED and should be removed from your document by deleting the text with the span tags.-->
+
'''Requirement'''
<span style="color:#ff0000">
+
* PHP >= 5.3
Many projects have "Frequently Asked Questions" documents or pages. However, the point of such a document is not the questions. ''The point of a document like this are the '''answers'''''. The document contains the answers that people would otherwise find themselves giving over and over again. The idea is that rather than laboriously compose and post the same answers repeatedly, people can refer to this page with pre-prepared answers. Use this space to communicate your projects 'Frequent Answers.'
+
* PHP cURL Extension
</span>
+
* PHP JSON Extension
 +
* PHP OpenSSL Extension (HTTPS Support)
  
 +
'''Installation'''
  
 +
*Download from repo: <tt>git clone https://github.com/RamadhanAmizudin/Wordpress-scanner.git</tt>
 +
*And run <tt>php app.php -h</tt>
  
 
= Acknowledgements =
 
= Acknowledgements =
 
==Contributors==
 
==Contributors==
 
+
*[https://github.com/mokhdzanifaeq/ Mokhdzani Faeq] - Multi-thread support for plugin enumeration.
[mailto:[email protected] Ramadhan Amizudin] - Core Developer
+
*[https://github.com/d0lph1n98 Fakhri Zulkifli]
 
+
*[https://github.com/nawawi Nawawi Jamili] - Code Enhancement.
[https://github.com/mokhdzanifaeq/ Mokhdzani Faeq] - Multi-thread support for plugin enumeration.
+
*Big thanks to WPScan.org team for providing plugin/theme/version vulnerability database - WPScan.org
 
 
Big thanks to WPScan.org team for providing vulnerable plugins list and md5 file hash for version checking. - WPScan.org
 
  
 
= Road Map and Getting Involved =
 
= Road Map and Getting Involved =
 
+
===Road Map===
Add new feature as web ui, proxy support. Rewrite the code to be more modular. Add form or using github issue for community-contributed vulnerability
+
As of now, the priorities are:
 
+
*Rewrite code to be more modular
==Getting Involved==
+
*Unit Tests
 
+
*Add Web UI
=Minimum Viable Product=
+
*Add custom wordpress directory(wp-content and wp-plugin)
<!-- Instructions are in RED and should be removed from your document by deleting the text with the span tags.-->
+
*Add support for static user agent(currently random)
<span style="color:#ff0000">
+
*Vulnerability Database (currently using https://wpvulndb.com)
This page is where you should indicate what is the minimum set of functionality that is required to make this a useful product that addresses your core security concern.
 
Defining this information helps the project leader to think about what is the critical functionality that a user needs for this project to be useful, thereby helping determine what the priorities should be on the roadmap.  And it also helps reviewers who are evaluating the project to determine if the functionality sufficiently provides the critical functionality to determine if the project should be promoted to the next project category. 
 
</span>
 
 
 
The project will be release a zip archive.
 
 
 
 
 
 
 
  
 
__NOTOC__ <headertabs />  
 
__NOTOC__ <headertabs />  
  
 
[[Category:OWASP Project]]  [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]]  [[Category:OWASP_Tool]]
 
[[Category:OWASP Project]]  [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]]  [[Category:OWASP_Tool]]
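Review bot: the Road Map sentence ("Add new feature as web ui, proxy support. Rewrite the code to be more modular. Add form or using github issue for community-contributed vulnerability") and the bullet list that follows it disagree: proxy support and the form/GitHub-issue intake for community-contributed vulnerabilities appear only in the sentence and not among the bullets, so either add them as bullets or drop the sentence. "The project will be release a zip archive." should read "The project will be released as a zip archive." Both wordings of the WPScan.org thanks ("...plugin/theme/version vulnerability database" and "...vulnerable plugins list and md5 file hash for version checking") are visible in this hunk; make sure only one survives in the Contributors list.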

Latest revision as of 04:02, 9 December 2015


OWASP Wordpress Vulnerability Scanner Project

A WordPress scanner written in PHP, focused on vulnerability assessment and security auditing of misconfigurations in a WordPress installation. WordPress Scanner finds flaws in the installation and reports the information about each vulnerability. It is not a code-auditing tool: it performs "black box" scanning of the WordPress-powered web application.

The basic security check reviews a WordPress installation for common security-related misconfigurations. Testing with the basic check option uses regular web requests: the tool downloads a handful of pages from the target site and then analyses the resulting HTML source.

The more aggressive enumeration option attempts to find all plugins and themes in use on the WordPress installation and can attempt to enumerate the site's users. These tests generate HTTP 404 errors in the target site's web server logs. If you test all plugins, be warned that this generates more than 18000 log entries and may trigger intrusion prevention measures.

Aggressively discover the WordPress plugins and themes installed on a site. Utilizes a database of over 18000 plugins and 2600 themes during testing. Fingerprint the version of the discovered plugins and themes. This version can be compared against latest releases and known security vulnerabilities.
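
The enumeration passages above state that plugin and theme checks leave a burst of HTTP 404 entries in the target's web server log, and the road map notes that the scanner currently sends a random user agent. The following Python script is an added example, not code from the scanner or from this wiki page: it shows how a site operator can spot such a burst in their own logs. It parses a few constructed Apache/nginx combined-format log lines (sample data, not real traffic), counts 404 responses for paths under /wp-content/plugins/ and /wp-content/themes/ per client inside a sliding time window, and reports clients that cross a threshold together with the number of distinct User-Agent strings they used, since agent churn from one address is a secondary signal. The log format, the threshold of five misses and the 60-second window are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample log lines in Apache/nginx "combined" format (not real traffic).
# 203.0.113.7 probes plugin/theme paths with rotating User-Agent strings;
# 198.51.100.4 is an ordinary visitor with a couple of stray 404s.
SAMPLE_LOG = """\
203.0.113.7 - - [09/Dec/2015:04:00:01 +0000] "GET /wp-content/plugins/plugin-a/readme.txt HTTP/1.1" 404 231 "-" "Mozilla/5.0 (agent-1)"
203.0.113.7 - - [09/Dec/2015:04:00:02 +0000] "GET /wp-content/plugins/plugin-b/readme.txt HTTP/1.1" 404 231 "-" "Mozilla/5.0 (agent-2)"
203.0.113.7 - - [09/Dec/2015:04:00:02 +0000] "GET /wp-content/plugins/plugin-c/ HTTP/1.1" 404 231 "-" "Mozilla/5.0 (agent-1)"
203.0.113.7 - - [09/Dec/2015:04:00:03 +0000] "GET /wp-content/plugins/akismet/readme.txt HTTP/1.1" 200 512 "-" "Mozilla/5.0 (agent-3)"
203.0.113.7 - - [09/Dec/2015:04:00:03 +0000] "GET /wp-content/themes/theme-x/style.css HTTP/1.1" 404 231 "-" "Mozilla/5.0 (agent-3)"
203.0.113.7 - - [09/Dec/2015:04:00:04 +0000] "GET /wp-content/plugins/plugin-d/readme.txt HTTP/1.1" 404 231 "-" "Mozilla/5.0 (agent-2)"
198.51.100.4 - - [09/Dec/2015:04:00:05 +0000] "GET / HTTP/1.1" 200 8192 "-" "Mozilla/5.0 (visitor)"
198.51.100.4 - - [09/Dec/2015:04:00:06 +0000] "GET /favicon.ico HTTP/1.1" 404 231 "-" "Mozilla/5.0 (visitor)"
198.51.100.4 - - [09/Dec/2015:04:00:07 +0000] "GET /wp-content/plugins/hello/ HTTP/1.1" 404 231 "-" "Mozilla/5.0 (visitor)"
"""

# Combined log format: ip ident user [timestamp] "method path proto" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Only misses under the plugin/theme directories count as enumeration probes.
PROBE_PATH = re.compile(r"^/wp-content/(plugins|themes)/")


def parse_line(line):
    """Return a dict for one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return rec


def detect_enumeration(lines, threshold=5, window_seconds=60):
    """Flag clients with >= threshold plugin/theme 404s inside any window_seconds span.

    Returns {ip: {"misses": total probe 404s, "user_agents": distinct UA count}}.
    """
    stamps_by_ip = defaultdict(list)
    agents_by_ip = defaultdict(set)
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["status"] != 404 or not PROBE_PATH.match(rec["path"]):
            continue
        stamps_by_ip[rec["ip"]].append(rec["ts"])
        agents_by_ip[rec["ip"]].add(rec["ua"])

    hits = {}
    for ip, stamps in stamps_by_ip.items():
        stamps.sort()
        start = 0
        for end in range(len(stamps)):
            # Slide the window start forward until it fits within window_seconds.
            while (stamps[end] - stamps[start]).total_seconds() > window_seconds:
                start += 1
            if end - start + 1 >= threshold:
                hits[ip] = {"misses": len(stamps), "user_agents": len(agents_by_ip[ip])}
                break
    return hits


if __name__ == "__main__":
    for ip, info in detect_enumeration(SAMPLE_LOG.splitlines()).items():
        print(f"{ip}: {info['misses']} plugin/theme 404s, {info['user_agents']} user agents")
```

On the sample data only 203.0.113.7 is reported (five probe misses from three user agents); the visitor's /favicon.ico miss is ignored because it is outside wp-content, and its single plugin-path miss stays under the threshold. In production the same logic runs over a log tail or a SIEM query, and the threshold should be tuned against the site's normal 404 rate so that a broken theme asset does not page anyone.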

Current Features

The following features are currently available.

  • Detect the version of the WordPress installation
  • Detect sensitive files (e.g. readme, database replacing file, etc.)
  • Detect enabled features on the installation (e.g. multisite enabled, registration allowed, etc.)
  • Detect theme name (through passive fingerprinting)
  • List installed plugins (through passive fingerprinting)
  • Enumerate plugins
  • Enumerate themes
  • Enumerate users
  • Password auditing
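
The basic check described earlier (download a few pages and analyse the HTML) and the passive-fingerprinting items in the feature list above come down to parsing what a WordPress page already discloses, without any further requests. The following Python example is added here and is not the scanner's own code: it runs a passive fingerprint over a constructed HTML page for a hypothetical host (example.test; sample markup, not a real site) and extracts the core version from the generator meta tag, the active theme and plugin slugs from /wp-content/ asset URLs, plugin version hints from ?ver= query strings, and whether a registration link (wp-login.php?action=register) is present. The markup and host name are assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlsplit

# Constructed page markup for the hypothetical host example.test (not a real site).
SAMPLE_HTML = """<!DOCTYPE html>
<html><head>
<meta name="generator" content="WordPress 4.3.1" />
<link rel="stylesheet" href="https://example.test/wp-content/themes/twentyfifteen/style.css?ver=4.3.1" />
<link rel="stylesheet" href="https://example.test/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.3" />
<script src="https://example.test/wp-includes/js/jquery/jquery.js?ver=1.11.3"></script>
<script src="https://example.test/wp-content/plugins/akismet/_inc/form.js?ver=3.1.5"></script>
</head><body>
<a href="https://example.test/wp-login.php?action=register">Register</a>
</body></html>
"""

# Theme and plugin slugs sit at a fixed position under /wp-content/.
ASSET_RE = re.compile(r"/wp-content/(?P<kind>plugins|themes)/(?P<slug>[^/]+)/")
GENERATOR_RE = re.compile(r"WordPress\s+(\d+(?:\.\d+)*)")


class WordPressFingerprinter(HTMLParser):
    """Collects disclosure signals from one page; no extra requests are made."""

    def __init__(self):
        super().__init__()
        self.result = {
            "version": None,                # from <meta name="generator">
            "theme": None,                  # slug from /wp-content/themes/<slug>/
            "plugins": {},                  # slug -> version hint from ?ver=, or None
            "registration_enabled": False,  # wp-login.php?action=register link seen
        }

    def handle_starttag(self, tag, attrs):
        # html.parser lowercases tag and attribute names; valueless attrs are None.
        a = {k: (v or "") for k, v in attrs}
        if tag == "meta" and a.get("name", "").lower() == "generator":
            m = GENERATOR_RE.search(a.get("content", ""))
            if m:
                self.result["version"] = m.group(1)
            return
        url = a.get("src") if tag == "script" else a.get("href")
        if not url:
            return
        parts = urlsplit(url)
        query = parse_qs(parts.query)
        if tag == "a":
            if parts.path.endswith("wp-login.php") and query.get("action") == ["register"]:
                self.result["registration_enabled"] = True
            return
        m = ASSET_RE.search(parts.path)
        if not m:
            return
        if m.group("kind") == "themes":
            self.result["theme"] = m.group("slug")
        else:
            # First sighting wins; ?ver= is only a hint, since plugins may set it arbitrarily.
            self.result["plugins"].setdefault(m.group("slug"), query.get("ver", [None])[0])


def fingerprint(html):
    """Parse one HTML document and return the collected fingerprint dict."""
    parser = WordPressFingerprinter()
    parser.feed(html)
    parser.close()
    return parser.result


if __name__ == "__main__":
    for key, value in fingerprint(SAMPLE_HTML).items():
        print(f"{key}: {value}")
```

Run against the front page of your own site, this shows exactly what a black-box scanner learns from a single request: core version, theme, plugin slugs with version hints, and whether open registration is on. Removing the generator tag and the ?ver= query strings reduces that disclosure; it does not stop the active plugin and theme enumeration described above, which never relies on the page content.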

Quick Download

  • Latest Release @ Stable Release: https://github.com/RamadhanAmizudin/Wordpress-scanner/releases

Project Leader

  • Ramadhan Amizudin (https://github.com/RamadhanAmizudin)

Contact Us

  • #owaspmy @ FreeNode
  • OWASP Malaysia (https://www.facebook.com/OWASP.Malaysia)

Licensing

OWASP Wordpress Scanner is free software: you can redistribute it and/or modify it under the terms of the MIT License.

Classifications

Incubator Project

Requirement

  • PHP >= 5.3
  • PHP cURL Extension
  • PHP JSON Extension
  • PHP OpenSSL Extension (HTTPS Support)

Installation

  • Download from the repository: git clone https://github.com/RamadhanAmizudin/Wordpress-scanner.git
  • Then run: php app.php -h

Contributors

  • Mokhdzani Faeq - Multi-thread support for plugin enumeration.
  • Fakhri Zulkifli
  • Nawawi Jamili - Code Enhancement.
  • Big thanks to WPScan.org team for providing plugin/theme/version vulnerability database - WPScan.org

Road Map

As of now, the priorities are:

  • Rewrite code to be more modular
  • Unit Tests
  • Add Web UI
  • Add custom wordpress directory (wp-content and wp-plugin)
  • Add support for static user agent (currently random)
  • Vulnerability Database (currently using https://wpvulndb.com)