How to install WPScan on Debian

Author: Yani

This tutorial explains how to install WPScan on Debian-based systems. This is being done on a Debian 8 machine, although you should be able to tweak it to your needs.

First we’ll need an up-to-date Ruby installation. This is something I had quite some trouble with in the beginning, and I didn’t want to go with RVM.

 

So let’s get started.

 

Let’s first add a repository that has Ruby 2.3 available (the Brightbox ruby-ng PPA, built for Ubuntu trusty), as the normal stable release for Debian only has 1.9.x.

apt-get install software-properties-common
add-apt-repository 'deb http://ppa.launchpad.net/brightbox/ruby-ng/ubuntu trusty main'
apt-get update

 

Let’s install the packages we’ll need for WPScan:

apt-get install ruby2.3 ruby2.3-dev git make gcc libcurl4-openssl-dev zlib1g-dev

 

Now download (clone) WPScan using git:

git clone https://github.com/wpscanteam/wpscan.git

 

Enter the wpscan directory:

cd wpscan

 

Now we have to install Bundler, which installs the Ruby gems that WPScan depends on:

gem install bundler && bundle install --without test

 

Now you can start WPScan by running it using ruby:

ruby wpscan.rb

 

And we’re done!

        __          _______   _____
        \ \        / /  __ \ / ____|
         \ \  /\  / /| |__) | (___   ___  __ _ _ __
          \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
           \  /\  /  | |     ____) | (__| (_| | | | |
            \/  \/   |_|    |_____/ \___|\__,_|_| |_|

        WordPress Security Scanner by the WPScan Team
                       Version 2.9.1
          Sponsored by Sucuri - https://sucuri.net
   @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_
_______________________________________________________________


Examples :

-Further help ...
ruby wpscan.rb --help

-Do 'non-intrusive' checks ...
ruby wpscan.rb --url www.example.com

-Do wordlist password brute force on enumerated users using 50 threads ...
ruby wpscan.rb --url www.example.com --wordlist darkc0de.lst --threads 50

-Do wordlist password brute force on the 'admin' username only ...
ruby wpscan.rb --url www.example.com --wordlist darkc0de.lst --username admin

-Enumerate installed plugins ...
ruby wpscan.rb --url www.example.com --enumerate p

-Enumerate installed themes ...
ruby wpscan.rb --url www.example.com --enumerate t

-Enumerate users ...
ruby wpscan.rb --url www.example.com --enumerate u

-Enumerate installed timthumbs ...
ruby wpscan.rb --url www.example.com --enumerate tt

-Use a HTTP proxy ...
ruby wpscan.rb --url www.example.com --proxy 127.0.0.1:8118

-Use a SOCKS5 proxy ... (cURL >= v7.21.7 needed)
ruby wpscan.rb --url www.example.com --proxy socks5://127.0.0.1:9000

-Use custom content directory ...
ruby wpscan.rb -u www.example.com --wp-content-dir custom-content

-Use custom plugins directory ...
ruby wpscan.rb -u www.example.com --wp-plugins-dir wp-content/custom-plugins

-Update the DB ...
ruby wpscan.rb --update

-Debug output ...
ruby wpscan.rb --url www.example.com --debug-output 2>debug.log

See README for further information.
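
`bundle install` compiles native gem extensions, so a missing header package or an older `ruby` that is still first on the PATH only shows up as a build error partway through. The preflight script below is an added example (not part of the original post or of the WPScan project); the file name `preflight.sh`, the `--check` argument and the function names are assumptions made for illustration.

```shell
# Added example: preflight check to run before "bundle install" (not WPScan code).
MIN_RUBY="2.3"   # minimum Ruby version named in this tutorial

# version_at_least FOUND NEED: 0 if FOUND >= NEED (major.minor), 2 if unparsable
version_at_least() {
    found=$1; need=$2
    case $found in *.*) ;; *) found="$found.0" ;; esac
    f_major=${found%%.*}; f_rest=${found#*.}; f_minor=${f_rest%%[!0-9]*}
    n_major=${need%%.*};  n_rest=${need#*.};  n_minor=${n_rest%%[!0-9]*}
    for part in "$f_major" "$f_minor"; do
        case $part in ''|*[!0-9]*) return 2 ;; esac
    done
    [ "$f_major" -gt "$n_major" ] && return 0
    [ "$f_major" -eq "$n_major" ] && [ "$f_minor" -ge "$n_minor" ]
}

# Print the names of the given commands that are not on PATH.
missing_commands() {
    missing=""
    for cmd in "$@"; do
        command -v "$cmd" >/dev/null 2>&1 || missing="$missing $cmd"
    done
    printf '%s' "${missing# }"
}

# Print the names of the given Debian packages that are not fully installed.
missing_packages() {
    missing=""
    for pkg in "$@"; do
        status=$(dpkg-query -W -f='${Status}' "$pkg" 2>/dev/null) || status=""
        case $status in *"install ok installed"*) ;; *) missing="$missing $pkg" ;; esac
    done
    printf '%s' "${missing# }"
}

preflight() {
    rc=0
    cmds=$(missing_commands ruby gem git make gcc)
    [ -z "$cmds" ] || { echo "missing commands: $cmds" >&2; rc=1; }
    pkgs=$(missing_packages ruby2.3-dev libcurl4-openssl-dev zlib1g-dev)
    [ -z "$pkgs" ] || { echo "missing packages: $pkgs" >&2; rc=1; }
    if command -v ruby >/dev/null 2>&1; then
        ver=$(ruby -e 'print RUBY_VERSION')
        version_at_least "$ver" "$MIN_RUBY" || { echo "ruby $ver is older than $MIN_RUBY" >&2; rc=1; }
    fi
    return $rc
}

# Run the checks only when called as: sh preflight.sh --check
if [ "${1:-}" = "--check" ]; then preflight; fi
```

A non-zero exit status means at least one prerequisite is missing; the messages on stderr name the commands or packages to install first.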

 

Enjoy!
