search

Home >System Tutorial >LINUX >How to Use WPSeku to Find WordPress Security Issues?

How to Use WPSeku to Find WordPress Security Issues?

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB
WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOriginal
2024-07-02 17:24:01802browse

如何使用WPSeku找出 WordPress 安全问题?

However, these security issues can be avoided if we follow usual WordPress best practices. In this article, we’ll show you how to use WPSeku, a WordPress vulnerability scanner in Linux that can be used to find security holes in your WordPress installation and block potential threats.

WPSeku is a simple WordPress vulnerability scanner written in Python. It can be used to scan local and remote WordPress installations to find security issues.

How to Install WPSeku - WordPress Vulnerability Scanner in Linux

To install WPSeku in Linux, you need to clone the latest version of WPSeku from Github as follows. 

$ cd ~
$ git clone https://github.com/m4ll0k/WPSeku

After completion, enter the WPSeku directory and run as follows. 

$ cd WPSeku

Use the -u option to specify the WordPress installation URL and run WPSeku as follows: 

$ ./wpseku.py -u http://yourdomain.com

如何使用WPSeku找出 WordPress 安全问题?

The following command uses the -p option to search for cross-site scripting (x), local folder embedding (l) and SQL injection (s) vulnerabilities in WordPress plugins. You need to specify the location of the plugin in the URL: 

$ ./wpseku.py -u http://yourdomain.com/wp-content/plugins/wp/wp.php?id= -p [x,l,s]

The following command will perform a brute force password login via XML-RPC using the -b option. Alternatively, you can use the --user and --wordlist options to set the username and wordlist respectively, as shown below. 

$ ./wpseku.py -u http://yourdomian.com --user username --wordlist wordlist.txt -b [l,x]

To browse all WPSeku usage options, type: 

$ ./wpseku.py --help

如何使用WPSeku找出 WordPress 安全问题?

That’s it! In this post, we show you how to get and use WPSeku for WordPress vulnerability scanning in Linux. WordPress is secure, but only if we follow WordPress security best practices. Do you have ideas to share? If so, please leave a message in the comment area.

About the author:

Aaron Kili is a Linux and F.O.S.S enthusiast, soon to be Linux system administrator, web developer, and currently a content creator at TecMint. He loves working with computers and believes in sharing knowledge.

The above is the detailed content of How to Use WPSeku to Find WordPress Security Issues?. For more information, please follow other related articles on the PHP Chinese website!

Python sql xml github rpc linux WordPress
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:An in-depth interpretation of the plus sign and dot in the permission column in LinuxNext article:An in-depth interpretation of the plus sign and dot in the permission column in Linux

Related articles

See more