Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: finding wordpress instances
From: James Rogers <jamesmrogers () gmail com>
Date: Fri, 27 Apr 2012 12:49:54 -0400

I'd check for wordpress/wp-login.php  as well.  I know that is where I
installed wordpress several times before.

On Fri, Apr 27, 2012 at 12:30 PM, Hani Benhabiles <kroosec () gmail com> wrote:
On 04/27/2012 05:12 PM, Sina Bahram wrote:

Quick question guys. Is there an NSE script in the latest batch that can
scan for wordpress instances on a given subnet, or would it
be that hard to make?

Wanting to help someone scan a rather large network for at risk wordpress
instances.

Am I completely imagining that something like this existed?

Found one script online that claims to do so via NSE, but it's broken.

Thanks much

Take care,
Sina

Website: www.SinaBahram.com
Twitter: @SinaBahram



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


Hey Sina,

Without being very knowledgeable about Wordpress, an easy target would be a
small script to check the response from an http request to /wp-login.php.

Cheers,
Hani.

--
Hani Benhabiles
OWASP Algeria Student Chapter: Founder/President.
http://www.owaspalgeriasc.org
https://www.owasp.org/index.php/Algeria_Student_Chapter
Email: hani.benhabiles () owasp org

Twitter: https://twitter.com/#!/kroosec
Blog: http://kroosec.blogspot.com


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]