Home page logo
/
Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News

Sponsors


File http-wordpress-plugins

Script types: portrule
Categories: discovery, intrusive
Download: http://nmap.org/svn/scripts/http-wordpress-plugins.nse

User Summary

Tries to obtain a list of installed WordPress plugins by brute force testing for known plugins.

The script will brute force the /wp-content/plugins/ folder with a dictionary of 14K (and counting) known WP plugins. Anything but a 404 means that a given plugin directory probably exists, so the plugin probably also does.

The available plugins for Wordpress is huge and despite the efforts of Nmap to parallelize the queries, a whole search could take an hour or so. That's why the plugin list is sorted by popularity and by default the script will only check the first 100 ones. Users can tweak this with an option (see below).

Script Arguments

http-wordpress-plugins.root

If set, points to the blog root directory on the website. If not, the script will try to find a WP directory installation or fall back to root.

http-wordpress-plugins.search

As the plugins list contains tens of thousand of plugins, this script will only search the 100 most popular ones by default. Use this option with a number or "all" as an argument for a more comprehensive brute force.

http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent

See the documentation for the http library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

Example Usage

nmap --script=http-wordpress-plugins --script-args http-wordpress-plugins.root="/blog/",http-wordpress-plugins.search=500 <targets>

Script Output

Interesting ports on my.woot.blog (123.123.123.123):
PORT   STATE SERVICE REASON
80/tcp open  http    syn-ack
| http-wordpress-plugins:
| search amongst the 500 most popular plugins
|   akismet
|   wp-db-backup
|   all-in-one-seo-pack
|   stats
|_  wp-to-twitter

Requires


Author: Ange Gutek

License: Same as Nmap--See http://nmap.org/book/man-legal.html

Nmap Site Navigation

Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault