Install and Use WPScan on Linux – A WordPress Vulnerability Scanner

WPScan is a command-line vulnerability scanner for WordPress sites. It comes pre-installed on the following penetration testing Linux distributions:

  • BackBox Linux
  • Kali Linux
  • Pentoo
  • SamuraiWTF
  • BlackArch

WPScan is available from GitHub. Let's see how to install WPScan on Ubuntu 16.04/16.10, Debian 8, Fedora 24 and Arch Linux, and then how to use this WordPress vulnerability scanner.

How to Install WPScan on Ubuntu 16.04, 16.10

First, install dependencies.

sudo apt install libcurl4-openssl-dev libxml2 libxml2-dev libxslt1-dev ruby-dev build-essential libgmp-dev zlib1g-dev

Then install the Git version control tool.

sudo apt install git

Clone the GitHub repository.

git clone https://github.com/wpscanteam/wpscan.git

Install it.

cd wpscan

sudo gem install bundler

bundle install --without test development

Install WPScan on Debian 8

First, install dependencies.

sudo apt install git ruby ruby-dev libcurl4-openssl-dev make zlib1g-dev

Then clone the repository and install it.

git clone https://github.com/wpscanteam/wpscan.git

cd wpscan

sudo gem install bundler

bundle install --without test development

Install WPScan on Fedora 24

First, install dependencies.

sudo dnf install git gcc ruby-devel libxml2 libxml2-devel libxslt libxslt-devel libcurl-devel patch rpm-build

Then clone the repository and install it.

git clone https://github.com/wpscanteam/wpscan.git

cd wpscan

sudo gem install bundler

bundle install --without test development

Install WPScan on Arch Linux

WPScan is in the Arch Linux repository; simply run the following command to install it.

sudo pacman -S wpscan

How to Use WPScan

Make sure you are in the wpscan folder.

cd wpscan

To update the database to the latest version, run

ruby wpscan.rb --update

Scan installed plugins

ruby wpscan.rb --url http(s)://your-domain.com --enumerate p

Scan vulnerable plugins

ruby wpscan.rb --url http(s)://your-domain.com --enumerate vp

Scan installed themes

ruby wpscan.rb --url http(s)://your-domain.com --enumerate t

Scan vulnerable themes

ruby wpscan.rb --url http(s)://your-domain.com --enumerate vt

Scan user accounts:

ruby wpscan.rb --url http(s)://your-domain.com --enumerate u

Scan vulnerable timthumb files:

ruby wpscan.rb --url http(s)://your-domain.com --enumerate tt

Please note that scanning other people's websites is illegal. Only scan your own website.
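
A wrapper for the scans above, as an added example that is not part of the original tutorial: it builds a command only for hosts listed in OWNED_HOSTS, and it uses `ruby wpscan.rb` when that file exists in the checkout, otherwise a `wpscan` executable on PATH. OWNED_HOSTS, the function names and the scan names are hypothetical, the hosts are constructed sample values, and the PATH fallback assumes WPScan was installed as a gem or distribution package.

```shell
#!/bin/sh
# Added example (not from the tutorial). OWNED_HOSTS, the function names and the
# scan names are hypothetical; the hosts are constructed sample values.
OWNED_HOSTS="blog.example.com shop.example.com"

# Print the lower-cased host of an http(s) URL; fail on userinfo or odd characters.
host_of() {
    case "$1" in http://*|https://*) ;; *) return 1 ;; esac
    h=${1#*://}; h=${h%%[/?#]*}; h=${h%%:*}   # drop scheme, path/query/fragment, port
    h=$(printf '%s' "$h" | tr 'A-Z' 'a-z')
    case "$h" in ''|*[!a-z0-9.-]*) return 1 ;; esac
    printf '%s\n' "$h"
}

# Succeed only when the URL's host is exactly one of OWNED_HOSTS.
target_allowed() {
    t=$(host_of "$1") || return 1
    for o in $OWNED_HOSTS; do
        if [ "$t" = "$o" ]; then return 0; fi
    done
    return 1
}

# Map a scan name to the --enumerate value listed on this page.
enum_flag() {
    case "$1" in
        plugins) echo p ;;  vuln-plugins) echo vp ;;
        themes) echo t ;;   vuln-themes) echo vt ;;
        users) echo u ;;    timthumbs) echo tt ;;
        *) return 1 ;;
    esac
}

# Use wpscan.rb when the checkout has it (the form this page uses); otherwise a
# `wpscan` executable on PATH (assumption: installed as a gem or distro package).
find_launcher() {
    if [ -f "$1/wpscan.rb" ]; then printf 'ruby %s/wpscan.rb\n' "$1"
    elif command -v wpscan >/dev/null 2>&1; then printf 'wpscan\n'
    else return 1
    fi
}

# Usage: build_scan <wpscan-dir> <url> <scan-name>; prints the command to run.
build_scan() {
    target_allowed "$2" || { echo "refused: host not in OWNED_HOSTS" >&2; return 2; }
    f=$(enum_flag "$3") || { echo "unknown scan: $3" >&2; return 3; }
    l=$(find_launcher "$1") || { echo "no wpscan launcher found" >&2; return 4; }
    printf '%s --url %s --enumerate %s\n' "$l" "$2" "$f"
}
```

For instance, `build_scan ./wpscan https://blog.example.com/ vuln-plugins` prints the command line for the vulnerable-plugins scan, and any URL whose host is not in the list returns status 2 without printing a command.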


One Response to “Install and Use WPScan on Linux – A WordPress Vulnerability Scanner”

  • Hi,

    I ran the above on Ubuntu 18 and got the following:

    [email protected]:~/wpscan# sudo gem install bundler
    Fetching: bundler-2.0.2.gem (100%)
    Successfully installed bundler-2.0.2
    Parsing documentation for bundler-2.0.2
    Installing ri documentation for bundler-2.0.2
    Done installing documentation for bundler after 4 seconds
    1 gem installed
    [email protected]:~/wpscan# bundle install --without test development
    Don't run Bundler as root. Bundler can ask for sudo if it is needed, and installing your bundle as
    root will break this application for all non-root users on this machine.
    Fetching gem metadata from https://rubygems.org/.........
    Fetching gem metadata from https://rubygems.org/.
    Resolving dependencies...
    Fetching concurrent-ruby 1.1.5
    Installing concurrent-ruby 1.1.5
    Fetching i18n 1.7.0
    Installing i18n 1.7.0
    Fetching minitest 5.12.2
    Installing minitest 5.12.2
    Fetching thread_safe 0.3.6
    Installing thread_safe 0.3.6
    Fetching tzinfo 1.2.5
    Installing tzinfo 1.2.5
    Fetching zeitwerk 2.1.10
    Installing zeitwerk 2.1.10
    Fetching activesupport 6.0.0
    Installing activesupport 6.0.0
    Fetching public_suffix 4.0.1
    Installing public_suffix 4.0.1
    Fetching addressable 2.7.0
    Installing addressable 2.7.0
    Using bundler 2.0.2
    Fetching mini_portile2 2.4.0
    Installing mini_portile2 2.4.0
    Fetching nokogiri 1.10.4
    Installing nokogiri 1.10.4 with native extensions
    Fetching opt_parse_validator 1.8.0
    Installing opt_parse_validator 1.8.0
    Fetching ruby-progressbar 1.10.1
    Installing ruby-progressbar 1.10.1
    Fetching ffi 1.11.1
    Installing ffi 1.11.1 with native extensions
    Fetching ethon 0.12.0
    Installing ethon 0.12.0
    Fetching typhoeus 1.3.1
    Installing typhoeus 1.3.1
    Fetching xmlrpc 0.3.0
    Installing xmlrpc 0.3.0
    Fetching yajl-ruby 1.4.1
    Installing yajl-ruby 1.4.1 with native extensions
    Fetching cms_scanner 0.6.0
    Installing cms_scanner 0.6.0
    Using wpscan 3.7.2 from source at `.`
    Bundle complete! 12 Gemfile dependencies, 21 gems now installed.
    Gems in the groups test and development were not installed.
    Use `bundle info [gemname]` to see where a bundled gem is installed.
    Post-install message from i18n:
    
    HEADS UP! i18n 1.1 changed fallbacks to exclude default locale.
    But that may break your application.
    
    Please check your Rails app for 'config.i18n.fallbacks = true'.
    If you're using I18n (>= 1.1.0) and Rails (< 5.2.2), this should be
    'config.i18n.fallbacks = [I18n.default_locale]'.
    If not, fallbacks will be broken in your app by I18n 1.1.x.
    
    For more info see:
    https://github.com/svenfuchs/i18n/releases/tag/v1.1.0

    and

    [email protected]:~/wpscan# ruby wpscan.rb --update
    Traceback (most recent call last):
    ruby: No such file or directory -- wpscan.rb (LoadError)

    Any pointers? I am a Linux newbie.

    Thanks.
