How to Use wpscan in Kali Linux?
Last Updated :
08 Sep, 2022
Wpscan is a vulnerability scanning tool, which comes pre-installed in Kali Linux. This scanner tool scans for vulnerabilities in websites that run WordPress web engines. The wpscan tool itself isn’t a malicious tool, as it is only for reconnaissance against a particular site. However, a skilled hacker could use the information obtained from this tool to exploit your websites. Another feature of this tool is that it can, for instance, perform brute force attacks on the supplied URL thus, it is highly recommended to not use the tool (if you are trying to exploit a WordPress running website) on a site, you do not own or have authorization to pentesting.
Usage of Tool:
Firstly, check whether wpscan is installed on your Kali Linux or not. If not, then refer to this article on how to install wpscan on Kali. Then open a terminal by pressing CTRL+ALT+T. The basic syntax of the wpscan command is given below:
wpscan --url <https://recon_site.com>
The wpscan works for both HTTP and HTTPS sites. If not provided, it takes HTTP by default.
Features and Utilities:
- Checking the version of WordPress used and associated vulnerabilities for that version.
- Checks for database dumps that may be openly accessible.
- Checks for the WordPress README file.
- Brute force usernames and passwords if possible.
- Checks for publicly available or backed up wp-config.php files
- Checks for themes and plugins used on the site and possible vulnerabilities for them.
- Performs media file enumeration as well.
- Checks for exposed error log files, if available.
- Also, enumerates possible directory lists.
Options of wpscan:
| Options | Description |
|---|
| --url URL | It is a mandatory argument that supplies the URL of the blog to be enumerated. |
| -o FILE | saves the output to a given file. |
| -hh | displays the full help |
| -detection-mode MODE |
sets the mode of enumeration. Available modes are:
- mixed: performs a medium level of enumeration.
- passive: scans only a few vulnerabilities
- aggressive: performs deep rigorous scan of the website.
|
| --force | does not check if the URL supplied uses WordPress or not. |
| --api-token API | without this option, wpscan does not display enumerated vulnerabilities. |
API Token:
The --api-token option takes an API token which tells the wpscan tool to display the found vulnerabilities. Without this, wpscan will not show vulnerabilities but, only the versions and other info about the URL supplied.
wpscan --url https://abc.com --api-token API
The output should be like
This option also tells you the number of API tokens consumed and the remaining.
Examples:
wpscan --url https://abc.com -o ./Desktop/wordpress.txt
wpscan --hh
Without the --force option, wpscan can sometimes give a message that the remote site is not up or does not use WordPress.
However, if you happen to know for a fact that the site does use WordPress then, you can use the --force option, as shown below, to avoid the check for WordPress and scan it anyway.
wpscan --url https://abc.com/ --force
In some cases, it is possible that the site owner has prevented the site from being enumerated,a and even with the --force option, you cannot enumerate it and will get an error like the following. So, either try some other tools or let it be.
Similar Reads
How to Use wpscan tool in Kali Linux
Wpscan is a WordPress security scanner used to test WordPress installations and WordPress-powered websites. This is a command line tool used in Kali Linux. This tool can be used to find any vulnerable plugins, themes, or backups running on the site. It is usually used by individual WordPress site ow
3 min read
wpscan Tool in Kali Linux
wpscan is a tool that finds the vulnerability in WordPress websites. It's a great tool for gathering general passive reconnaissance about a website that's running on WordPress. In Kali Linux, you don't need to install wpscan. Wpscan Image How to Use wpscan We know, WPscan should be already installed
2 min read
How to use Kali Linux in Windows with WSL 2?
The Windows Subsystem for Linux lets developers run a GNU/Linux environment including most command-line tools, etc. direct on Windows, unmodified, without the overhead of an ordinary virtual machine or dual-boot system. Uses of WSL: Pick your preferred GNU/Linux distributions from the Microsoft Stor
5 min read
How to Root in Kali Linux?
Every Linux Distribution comes up with a dedicated account service where all the Administrative Privileges of Linux are kept. And the Debian Linux Distribution, Kali Linux is not also different from that. If you want to get all the Administrative Abilities in Kali Linux, you have to perform Root in
4 min read
How to Install sqlsus on Kali Linux?
Sqlsus tool is an automated cyber security tool developed in the Perl Language which has the capability of detecting SQL Injection and Takeover the access of the database if the web application is vulnerable. Sqlsus tool is a command-line-based tool so you can pass the flags or tags in the command i
2 min read
How to Install WordPress on Kali Linux
Installing WordPress on Kali Linux can be a useful endeavor, whether for development, testing, or learning purposes. WordPress is a popular content management system (CMS) that allows you to create and manage websites easily. In this article, we will guide you through the process of installing WordP
4 min read
How to install Kali Linux in VMware?
Kali Linux is a popular distribution used for penetration testing, ethical hacking, and cybersecurity. Installing Kali Linux in VMware allows you to run it as a virtual machine, providing an isolated environment to practice hacking techniques and test security tools. VMware’s virtualization capabili
4 min read
How to Install Kali Linux on Windows?
Kali Linux is an open-source Linux distribution based on Debian, designed for sophisticated penetration testing and security auditing. Kali Linux includes hundreds of tools for diverse information security activities such as penetration testing, security research, computer forensics, and reverse eng
2 min read
WPS Office for Kali Linux
Kali Linux is one of the most favorable Operating Systems for Penetration Testing and Ethical Hacking. Several tools are offered by Kali Linux to test the Target application in terms of security perspective. Although Kali Linux has various tools for Testing purposes, there are no office productive a
5 min read
Installation of Wpscan Tool in Kali Linux
Wpscan (WordPress vulnerability Scanner) is a black box WordPress vulnerability scanner. Wpscan is used to scan remote WordPress installations or websites to find security issues. WordPress can also be used to enumerate WordPress plugins and themes and brute-force logins. Approximately 35% of the in
2 min read