# 在Debian8上安装WPScan
sudo apt-get update
sudo apt-get install curl git libcurl4-openssl-dev make zlib1g-dev gawk g++ gcc libreadline6-dev libssl-dev libyaml-dev libsqlite3-dev sqlite3 autoconf libgdbm-dev libncurses5-dev automake libtool bison pkg-config -y
echo "deb https://ppa.launchpad.net/brightbox/ruby-ng/ubuntu trusty main" | sudo tee -a /etc/apt/sources.list.d/ruby.list
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys C3173AA6
sudo apt-get update
sudo apt-get install ruby2.3 ruby2.3-dev bundler -y
cd ~
git clone https://github.com/wpscanteam/wpscan.git
cd wpscan
sudo bundle install --without test
1
2
3
4
5
6
7
8
9
10
11
12
2
3
4
5
6
7
8
9
10
11
12
执行命令后会输出如下信息。
Fetching source index from https://rubygems.org/
Resolving dependencies..............................
Installing addressable 2.4.0
Installing ffi 1.9.10 with native extensions
Installing mini_portile2 2.0.0
Installing ruby-progressbar 1.8.0
Installing terminal-table 1.4.5
Installing yajl-ruby 1.2.1 with native extensions
Using bundler 1.12.3
Installing ethon 0.9.0
Installing nokogiri 1.6.7.2 with native extensions
Installing typhoeus 1.0.2
Bundle complete! 10 Gemfile dependencies, 10 gems now installed.
Gems in the group test were not installed.
Use `bundle show [gemname]` to see where a bundled gem is installed.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
2
3
4
5
6
7
8
9
10
11
12
13
14
15
更新WPScan数据库
ruby wpscan.rb --update
1
会输出如下信息。
_______________________________________________________________
__ _______ _____
\ \ / / __ \ / ____|
\ \ /\ / /| |__) | (___ ___ __ _ _ __
\ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \
\ /\ / | | ____) | (__| (_| | | | |
\/ \/ |_| |_____/ \___|\__,_|_| |_|
WordPress Security Scanner by the WPScan Team
Version 2.9.1
Sponsored by Sucuri - https://sucuri.net
@_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_
_______________________________________________________________
[i] Updating the Database ...
[i] Update completed.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
更新完就可以使用WPScan扫描网站了。
ruby wpscan.rb --url https://www.binghe.com
1
# 写在最后
如果你觉得冰河写的还不错,请微信搜索并关注「 冰河技术 」微信公众号,跟冰河学习高并发、分布式、微服务、大数据、互联网和云原生技术,「 冰河技术 」微信公众号更新了大量技术专题,每一篇技术文章干货满满!不少读者已经通过阅读「 冰河技术 」微信公众号文章,吊打面试官,成功跳槽到大厂;也有不少读者实现了技术上的飞跃,成为公司的技术骨干!如果你也想像他们一样提升自己的能力,实现技术能力的飞跃,进大厂,升职加薪,那就关注「 冰河技术 」微信公众号吧,每天更新超硬核技术干货,让你对如何提升技术能力不再迷茫!