While playing around with wpscan I noticed in the output that there was another tool mentioned called WordPressPingbackPortScanner.
First, check out the source from GitHub.
    $ git clone https://github.com/FireFart/WordpressPingbackPortScanner.git
Switch to the directory that was created during the checkout.
    $ cd WordpressPingbackPortScanner
Now run the scanner against your test instance of WordPress.
    $ ruby wppps.rb -t http://10.0.0.53 http://10.0.0.53/wordpress/xmlrpc.php
    [Logo removed, sorry]
    Getting valid blog posts for pingback...
    Found valid post under http://10.0.0.53/wordpress/?p=1
    Starting portscan...
    Port 25 is closed
    Port 53 is closed
    Port 21 is closed
    Port 22 is closed
    Port 110 is closed
    Port 143 is closed
    Port 106 is closed
    Port 80 is open
    Port 3389 is closed
    Port 8443 is closed
    Port 3306 is open
    Port 443 is closed
    Port 9999 is closed
nmap is on the same track.
    $ nmap -v -sT 10.0.0.53

    Starting Nmap 6.01 ( http://nmap.org ) at 2013-01-13 10:48 CET
    [snip]
    Completed Connect Scan at 10:49, 27.49s elapsed (1000 total ports)
    Nmap scan report for 10.0.0.53
    Host is up (0.59s latency).
    Not shown: 997 closed ports
    PORT     STATE SERVICE
    22/tcp   open  ssh
    80/tcp   open  http
    3306/tcp open  mysql

    Read data files from: /usr/bin/../share/nmap
    Nmap done: 1 IP address (1 host up) scanned in 28.62 seconds
    Raw packets sent: 4 (152B) | Rcvd: 1 (28B)
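On the WordPress host, a run like the one above should be visible in the web server's access log as requests to xmlrpc.php. The following Ruby code is an added example, not part of the original post or of the WordpressPingbackPortScanner project: it flags clients that send a burst of POSTs to xmlrpc.php. It assumes a combined-format access log and that each probe arrives as its own POST; the sample log, threshold and window are constructed values.

```ruby
require 'time'

# Constructed sample access log (combined log format); not from the original post.
SAMPLE_LOG = <<~LOG
  10.0.0.7 - - [13/Jan/2013:10:40:01 +0100] "POST /wordpress/xmlrpc.php HTTP/1.1" 200 370 "-" "-"
  10.0.0.7 - - [13/Jan/2013:10:40:02 +0100] "POST /wordpress/xmlrpc.php HTTP/1.1" 200 370 "-" "-"
  10.0.0.7 - - [13/Jan/2013:10:40:03 +0100] "POST /wordpress/xmlrpc.php HTTP/1.1" 200 370 "-" "-"
  10.0.0.20 - - [13/Jan/2013:10:40:04 +0100] "GET /wordpress/xmlrpc.php HTTP/1.1" 200 42 "-" "-"
  10.0.0.7 - - [13/Jan/2013:10:40:05 +0100] "POST /wordpress/xmlrpc.php HTTP/1.1" 200 370 "-" "-"
  10.0.0.7 - - [13/Jan/2013:10:40:06 +0100] "POST /wordpress/xmlrpc.php HTTP/1.1" 200 370 "-" "-"
  10.0.0.20 - - [13/Jan/2013:10:41:00 +0100] "POST /wordpress/xmlrpc.php HTTP/1.1" 200 370 "-" "-"
  10.0.0.20 - - [13/Jan/2013:10:55:00 +0100] "POST /wordpress/xmlrpc.php HTTP/1.1" 200 370 "-" "-"
  10.0.0.7 - - [13/Jan/2013:10:40:08 +0100] "POST /wordpress/wp-login.php HTTP/1.1" 200 900 "-" "-"
  this line is malformed and must be skipped
LOG

# client, identity, user, [timestamp], "METHOD path protocol", status
LINE_RE = /\A(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})/

# Parse one log line into a hash, or return nil if it does not match.
def parse_line(line)
  m = LINE_RE.match(line)
  return nil unless m
  { client: m[1], time: Time.strptime(m[2], '%d/%b/%Y:%H:%M:%S %z'),
    method: m[3], path: m[4] }
rescue ArgumentError
  nil # timestamp did not parse
end

# Return { client => largest burst } for clients with at least `threshold`
# POSTs to xmlrpc.php inside any `window`-second span (both values assumed).
def xmlrpc_bursts(log, threshold: 5, window: 60)
  hits = Hash.new { |h, k| h[k] = [] }
  log.each_line do |line|
    e = parse_line(line.strip)
    next unless e && e[:method] == 'POST'
    next unless e[:path].split('?').first.to_s.end_with?('/xmlrpc.php')
    hits[e[:client]] << e[:time]
  end
  hits.each_with_object({}) do |(client, times), out|
    times.sort!
    best = start = 0
    times.each_with_index do |t, i|
      start += 1 while t - times[start] > window # slide window forward
      best = [best, i - start + 1].max
    end
    out[client] = best if best >= threshold
  end
end
```

Access logs do not record the POST body, so this flags any heavy xmlrpc.php use and legitimate publishing clients may need allow-listing.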