fbpx

WordPress Security – Vulnerability Scanning

WordPress is one of the best and most popular content management system (CMS) among bloggers and there are a lot of bloggers using WordPress as a CMS. WordPress is on the hit list of the hackers and spammers, spammers use their malware to compromise a wordpress website that is why reverse engineering of malware is necessary. 



However there are other CMS available, like Joomla!, but WordPress
has its own importance and market. Since most bloggers are using
WordPress the security is also important and a single dangerous
vulnerability may lead to thousands of compromised WordPress blogs. From
the penetration tester point-of-view an administrator must be aware at
the system level, as well as the application level, of existing
vulnerabilities in order to protect these website(s).

We provide our services to secure a wordpress website / blog more information.

A quick tip
to secure a WordPress (or any other) blog from the system/server
software vulnerability is by auditing. This includes keeping up-to-date
all the server’s software, browsers, anti-virus, using strong passwords
and changing them very often, scanning the server for malware and
backdoors, using firewalls, etc.,. WordPress software itself has
different vulnerabilities; in fact security researchers discover new
vulnerabilities on a daily basis.

So in this article we will cover
some tools and plug-ins to audit WordPress software for security holes
and vulnerabilities. We will also discuss the possible ways and tools
that an attacker might use to hack into WordPress, and some of the best
way(s) to secure a WordPress blog.

WordPress Security Audit & Vulnerability Scanning

A
security audit is one of the most important steps to finding possible
vulnerabilities in WordPress and in this section I will discuss some
tools and plug-ins you can use to find them.

Plecost WordPress Fingerprinting Tool:

Plecost
is a wonderful tool to audit a WordPress blog and it is available by
default on the most famous penetration test tools i.e., Backtrack,
Backbox and Blackbuntu. Plecost contains a database of available
plug-ins and compares them against the common vulnerability and exposure
(CVE) list to verify its vulnerability on WordPress.
Plecost can
work in two modes – either by auditing the security of a single targeted
URL or Google search results. Our goal is to audit a single URL.
Here is the result of a quick and a simple audit on WordPress using Plecost.
[email protected]:/pentest/web/scanners/plecost# ./plecost-0.2.2-9-beta.py -i wp_plugin_list.txt -c http://127.0.0.1/wordpress

————————————————-

[*] Input plugin list set to: wp_plugin_list.txt

[*] Colored output set on.

————————————————-

==> Results for: http://127.0.0.1/wordpress <==

[i] WordPress version found: 3.3

[i] WordPress last public version: 3.3.1

[*] Search for installed plugins

[i] Plugin found: akismet

|_Latest version: 2.4.0

|_ Installed version: 2.3.0

|_CVE list:

|___CVE-2009-2334: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2334)

|___CVE-2007-2714: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2714)

|___CVE-2006-4743: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4743)

|___CVE-2009-2334: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2334)

|___CVE-2007-2714: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2714)

|___CVE-2006-4743: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4743)

[i] Plugin found: wp-security-scan

|_Latest version: 2.7.1.2

|_ Installed version: trunk

|_CVE list:

|___CVE-2009-2334: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2334)

|___CVE-2009-2334: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2334)

You
can see that this WordPress software is outdated. The new version of
WordPress is available and the new version of the plug-ins are also
available, but they have not been updated. This is dangerous.

The next article of this series will be publish soon, do not forget to share this information. 


Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Top Tips To Avoid Getting Scammed In Sports Wagering Sites

If you’re a sports fan, you’ve probably wanted to dabble into the world of sports wagering. Who wouldn’t? Just the idea of being able...

5 Security Apps to Protect your Phone from Hackers

Our phones are much more than just communication devices these days. They save all of our personal, financial, and private information. Losing access to...

Ways to Improve Internet Speed

A slow-speed internet that makes you wait for ages before you can finally access a webpage is surely quite a pain! It tests your...

How to Reduce Risk with Runtime Application Self Protection

Instead of waning, cyber attacks continue to rise as the years pass. Several reasons contribute to this phenomenon, despite developing and deploying more robust...