Kali Linux ships WPScan, a Ruby tool that can enumerate the user accounts on a WordPress site (the logins an attacker needs before trying passwords) and, along the way, report the WordPress version, robots.txt entries, an exposed xmlrpc.php and any plugins it can detect. Use the command below to scan a website for these problems:
root@kali:~# wpscan --url mywordpresssite.com --enumerate user
Use this if you are a website owner and want to see what an outsider can learn about your own site; only run it against sites you own or are explicitly authorized to test.
Here is some sample output from a scan of wordpress.org.
root@kali:~# wpscan --url wordpress.org --enumerate user
_______________________________________________________________
        __          _______   _____
        \ \        / /  __ \ / ____|
         \ \  /\  / /| |__) | (___   ___  __ _ _ __
          \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
           \  /\  /  | |     ____) | (__| (_| | | | |
            \/  \/   |_|    |_____/ \___|\__,_|_| |_|

        WordPress Security Scanner by the WPScan Team
                       Version v2.4.1
     Sponsored by the RandomStorm Open Source Initiative
 @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_
_______________________________________________________________

[+] URL: http://wordpress.org/
[+] Started: Wed Jul 30 01:27:07 2014

[+] robots.txt available under: 'http://wordpress.org/robots.txt'
[+] Interesting entry from robots.txt: http://wordpress.org/search
[+] Interesting entry from robots.txt: http://wordpress.org/support/search.php
[+] Interesting entry from robots.txt: http://wordpress.org/extend/plugins/search.php
[+] Interesting entry from robots.txt: http://wordpress.org/plugins/search.php
[+] Interesting entry from robots.txt: http://wordpress.org/extend/themes/search.php
[+] Interesting entry from robots.txt: http://wordpress.org/themes/search.php
[+] Interesting entry from robots.txt: http://wordpress.org/support/rss
[+] Interesting entry from robots.txt: http://wordpress.org/archive/
[+] Interesting header: SERVER: nginx
[+] Interesting header: X-NC: HIT lax 250
[+] This site seems to be a multisite (http://codex.wordpress.org/Glossary#Multisite)
[+] XML-RPC Interface available under: http://wordpress.org/xmlrpc.php
[+] WordPress version 4.0-beta2-20140729 identified from rss generator

[+] Enumerating plugins from passive detection ...
[+] No plugins found

[+] Enumerating usernames ...
[!] Stop User Enumeration plugin detected, results might be empty. However a bypass exists, see stop_user_enumeration_bypass.rb in /usr/share/wpscan
[+] We did not enumerate any usernames

[+] Finished: Wed Jul 30 01:27:19 2014
[+] Memory used: 1.113 MB
[+] Elapsed time: 00:00:11
Here is another example. For this run I installed wpscan from git, following this tutorial: http://www.linuxx.eu/2014/02/wpscan-tutorial-debian-ubuntu-etc.html.
homer@deusexmachina ~/wpscan $ ruby wpscan.rb --url https://www.wordpress.com --enumerate users
_______________________________________________________________
        __          _______   _____
        \ \        / /  __ \ / ____|
         \ \  /\  / /| |__) | (___   ___  __ _ _ __
          \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
           \  /\  /  | |     ____) | (__| (_| | | | |
            \/  \/   |_|    |_____/ \___|\__,_|_| |_|

        WordPress Security Scanner by the WPScan Team
                    Version v2.4.1r9b1312c
     Sponsored by the RandomStorm Open Source Initiative
 @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_
_______________________________________________________________

[i] The remote host tried to redirect to: https://wordpress.com/
[?] Do you want follow the redirection ? [Y]es [N]o [A]bort, default: [N]y
[+] URL: https://wordpress.com/
[+] Started: Wed Jul 30 17:25:14 2014

[+] robots.txt available under: 'https://wordpress.com/robots.txt'
[+] Interesting entry from robots.txt: https://wordpress.com/next/
[+] Interesting entry from robots.txt: https://wordpress.com/mshots/v1/
[+] Interesting entry from robots.txt: https://wordpress.com/activate/
[+] Interesting entry from robots.txt: https://wordpress.com/wp-login.php
[+] Interesting entry from robots.txt: https://wordpress.com/signup/
[+] Interesting entry from robots.txt: https://wordpress.com/related-tags.php
[+] Interesting entry from robots.txt: https://wordpress.com/public-api/
[+] Interesting entry from robots.txt: https://wordpress.com/cgi-bin/
[+] Interesting header: SERVER: nginx
[+] Interesting header: X-AC: 2.lax _dfw
[+] Interesting header: X-FRAME-OPTIONS: SAMEORIGIN
[+] This site seems to be a multisite (http://codex.wordpress.org/Glossary#Multisite)
[+] XML-RPC Interface available under: https://wordpress.com/xmlrpc.php

[+] Enumerating plugins from passive detection ...
[+] No plugins found

[+] Enumerating usernames ...
[+] Identified the following 1 user/s:
    +----+-------+------+
    | Id | Login | Name |
    +----+-------+------+
    | 5  | matt  | Matt |
    +----+-------+------+

[+] Finished: Wed Jul 30 17:25:36 2014
[+] Memory used: 67.129 MB
[+] Elapsed time: 00:00:22
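To see what produces a table like the one above, here is an added example (my own code, not wpscan's and not from the original page) of the technique wpscan's user enumeration is built on: a stock WordPress install answers /?author=N with a redirect to /author/<slug>/ for every existing user ID, and the author archive page's <body class="... author-<slug> author-<ID>"> and <title> give the slug and display name. A constructed in-process fake WordPress (FAKE_USERS, 127.0.0.1) stands in for a real site so the script runs offline; the title/body-class parsing is this example's own, and the "hardened" switch models a site that refuses author-ID queries so you can see what a re-scan after mitigation looks like. One caveat the wpscan table hides: what the redirect exposes is the author slug (WordPress's user_nicename), which by default is derived from the login but need not equal it.

```python
"""Author-ID user enumeration check for WordPress (added example, not wpscan code).

The fake site and FAKE_USERS are constructed test data; point enumerate_users at
a real host/port only for a site you own or are authorized to test.
"""
import http.client
import re
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs, urlparse

# Constructed sample data for the fake site: user ID -> (slug, display name).
FAKE_USERS = {1: ("admin", "Site Admin"), 5: ("matt", "Matt")}


class FakeWordPress(BaseHTTPRequestHandler):
    """Mimics the two WordPress responses the enumeration relies on."""

    block_author_queries = False  # True models a site that blocks ?author=N

    def do_GET(self):
        url = urlparse(self.path)
        qs = parse_qs(url.query)
        if url.path == "/" and "author" in qs:
            if self.block_author_queries:
                self.send_response(403)
                self.end_headers()
                return
            uid = int(qs["author"][0]) if qs["author"][0].isdigit() else -1
            if uid in FAKE_USERS:
                self.send_response(301)  # stock WordPress redirects to the archive
                self.send_header("Location", f"/author/{FAKE_USERS[uid][0]}/")
                self.end_headers()
                return
        m = re.fullmatch(r"/author/([^/]+)/", url.path)
        if m:
            for uid, (slug, name) in FAKE_USERS.items():
                if slug == m.group(1):
                    body = (f"<html><head><title>{name} | Example Site</title></head>"
                            f'<body class="archive author author-{slug} author-{uid}">'
                            "</body></html>").encode()
                    self.send_response(200)
                    self.send_header("Content-Type", "text/html")
                    self.end_headers()
                    self.wfile.write(body)
                    return
        self.send_response(404)  # unused IDs and unknown slugs: 404, no redirect
        self.end_headers()

    def log_message(self, *args):
        pass  # keep the fake site quiet


def fetch(host, port, path):
    """GET without following redirects; returns (status, Location header, body)."""
    conn = http.client.HTTPConnection(host, port, timeout=5)
    conn.request("GET", path)
    resp = conn.getresponse()
    body = resp.read().decode("utf-8", errors="replace")
    location = resp.getheader("Location")
    conn.close()
    return resp.status, location, body


BODY_CLASS_RE = re.compile(r'<body[^>]*class="([^"]*)"')
TITLE_RE = re.compile(r"<title>(.*?)</title>", re.S)


def parse_author_page(html):
    """Return (slug, numeric ID, display name) from an author archive page."""
    slug, uid = None, None
    classes = BODY_CLASS_RE.search(html)
    if classes:
        for cls in classes.group(1).split():
            if cls.startswith("author-"):
                value = cls[len("author-"):]
                if value.isdigit():
                    uid = int(value)  # WordPress emits author-<slug> and author-<ID>
                else:
                    slug = value
    title = TITLE_RE.search(html)
    name = title.group(1).split("|")[0].strip() if title else None
    return slug, uid, name


def enumerate_users(host, port, ids=range(1, 11)):
    """Walk author IDs the way a scanner does; returns a list of user dicts."""
    found = []
    for uid in ids:
        status, location, _ = fetch(host, port, f"/?author={uid}")
        if status not in (301, 302) or not location:
            continue  # no redirect: ID unused, or the site blocks author queries
        m = re.search(r"/author/([^/?#]+)/?", location)
        if not m:
            continue
        status, _, html = fetch(host, port, f"/author/{m.group(1)}/")
        slug, page_id, name = parse_author_page(html) if status == 200 else (None, None, None)
        found.append({"id": page_id or uid, "login": slug or m.group(1), "name": name})
    return found


def start_fake_site(block_author_queries=False):
    """Start the fake WordPress on a free loopback port; caller calls shutdown()."""
    FakeWordPress.block_author_queries = block_author_queries
    server = HTTPServer(("127.0.0.1", 0), FakeWordPress)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server


if __name__ == "__main__":
    site = start_fake_site()
    for u in enumerate_users("127.0.0.1", site.server_port):
        print(f"{u['id']:>3}  {u['login']:<10} {u['name']}")
    site.shutdown()
```

Against the fake site this prints the two constructed accounts; with `start_fake_site(block_author_queries=True)` the same walk finds nothing, which is the result you want to see when you re-check your own site after turning off author-ID redirects. The scanner only trusts a redirect whose Location contains /author/, so a site that answers every ID with 403 or 404 yields an empty list rather than false positives.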
This utility is a good first pass at examining your own website for security weaknesses, and if you have Kali Linux it is already installed. Note what the two scans show: wordpress.com gave up a valid login ("matt") in 22 seconds, and a list of logins is exactly what a password-guessing attack against wp-login.php or xmlrpc.php needs. The wordpress.org scan shows the counter-measure in play (a Stop User Enumeration plugin), but also that wpscan ships a bypass for it, so after adding such a mitigation re-scan to confirm it actually holds rather than trusting that the plugin is installed.