> > > >


scan vuln di CMS WORDPRESS
koecroet Offline
<<-- yang punya naga
44 - 808
#1
01-15-2012, 06:45 PM
lagi galau, makanya ngrokok ama ngopi mulu di markas.
ayolah cari vulner, tp w bukan hacker jadi cuma bisa ngasih tau beginian.

1.
cari CMS target,
example:www.xxxxxx.com
2.
buka wp-scan,
#cd /pentest/web/wpscan
3.
liat help utk petunjuknya
#./wpscan -h
4.
langsung w ketik perintah
#./wpscan.rb -u www.xxxxxx.com --enumerate p
-u= untuk url victim apaan.
--enumerate p
untuk scan plugin yg vuln di cms nya.
Spoiler! :
[Image: ztw65i.png]
5.
trus nanti keluar deh,
kalo tulisannya yes berarti vulner
dan akan di beri link untuk cara inject nya
Spoiler! :
[Image: r7k7f7.png]

oke thanks
gk nolak cendol +1 dr ente
regards
koecroet


Note:
cara download aplikasi wpscan:

Code:
svn checkout http://wpscan.googlecode.com/svn/trunk/ ./wpscan

*hanya perlu koneksi internet dan download ke svn


sumber:
https://code.google.com/p/wpscan/
[shcode=This_site_xss-ed]
(This post was last modified: 01-16-2012, 01:13 AM by iKONspirasi.)  
Website Find
Reply

JendKopral Offline

2 - 12
#2
01-15-2012, 06:52 PM
ilmu bagus nih Smile , musti praktek neh
I'm Just pengguna baru On
<< back | track 5
 
Find
Reply

ekawithoutyou Away
just suramer
25 - 836
#3
01-15-2012, 07:05 PM
(01-15-2012, 06:45 PM)koecroet Wrote: lagi galau, makanya ngrokok ama ngopi mulu di markas.
ayolah cari vulner, tp w bukan hacker jadi cuma bisa ngasih tau beginian.

1.
cari CMS target,
example:www.xxxxx.com
2.
buka wp-scan,
#cd /pentest/web/wpscan
3.
liat help utk petunjuknya
#./wpscan -h
4.
langsung w ketik perintah
#./wpscan.rb -u www.xxxx.com --enumerate p
-u= untuk url victim apaan.
--enumerate p
untuk scan plugin yg vuln di cms nya.
Spoiler! :

5.
trus nanti keluar deh,
kalo tulisannya yes berarti vulner
dan akan di beri link untuk cara inject nya
Spoiler! :


oke thanks
regards
koecroet

ane coba deh Om Tongue

Every Second, Every Minutes, Every Hours, Every Days Its Never End
 
Find
Reply

koecroet Offline
<<-- yang punya naga
44 - 808
#4
01-15-2012, 07:21 PM
ane gk nolak +1 dari ente ente kok
[shcode=This_site_xss-ed]
 
Website Find
Reply

dandut$ Offline
Donatur
2 - 9
#5
01-15-2012, 08:14 PM
wuidih... coba ah... manstab mas.. Big Grin
 
Find
Reply

wahyuardan Offline
Advance
6 - 117
#6
01-15-2012, 08:49 PM
thanks infonya Big Grin langsung mencoba ConfusedConfused
Every one Have Superiority that you don't know..
 
Find
Reply

iKONspirasi Offline
Sysadmin
56 - 2,544
#7
01-15-2012, 09:24 PM
manteb momod satu ini, +1 dari ane Smile
I'm @ikonspirasi - Facebook
Personal blog: http://ikonspirasi.net
 
Website Find
Reply

lau13 Offline
Advance
6 - 104
#8
01-15-2012, 10:10 PM
mantap bro lanjutkan...
 
Find
Reply

xombix$ Offline
Donatur
4 - 109
#9
01-15-2012, 11:09 PM
mantabs dah om.Tongue
 
Find
Reply

nesta Offline
Share
5 - 229
#10
01-15-2012, 11:37 PM
kalo cara installnya bijimana om? ane pake linux soalnya Big Grin
[Image: 33529117274.jpg]
 
Find
Reply






Users browsing this thread: 1 Guest(s)