The rebirth of 5.FreshMinutes.IT or how to perform a security audit on a WordPress blog with WPScan

I haven’t been really active on this blog for the last 7 years. Why? I worked for a company that asked me to sign a specific NDA concerning my work on innovation and technology watch. I left the company, and the NDA isn’t active anymore! Now I have more time and motivation, so for this rebirth, here are the specific changes:

  • Now, I write in English. In some cases, the article will be translated into French
  • The blog isn’t Java focused, because the IT galaxy has evolved since 2008
  • The blog was hacked, due to a lack of patches and security audits. As a consequence, the blog has been upgraded and the theme refreshed! I will also explain how to perform a security audit that lists the main vulnerabilities of your WordPress blog with WPScan.

Performing a security audit on a WordPress blog

I work and develop on Windows 10 (thanks to the good support of Docker and PowerShell). In this article, I will explain how to set up a Kali Linux distribution and perform a vulnerability scan with WPScan.

Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security Ltd. Mati Aharoni, Devon Kearns and Raphaël Hertzog are the core developers.

Setting up Kali on Hyper-V

Create a VM and install the OS from the downloaded ISO image instead of using the pre-built Hyper-V image. It takes more time, but the settings (especially for non-American users) will be better and easier to get right this way.

It’s also possible to run Kali with VirtualBox. However, VirtualBox will cause problems if you use Docker on Windows, because Docker uses Hyper-V, and VirtualBox and Hyper-V can’t run at the same time.

Setting up Kali from the ISO is very easy: once it’s launched, just follow the wizard. But make sure that the network is set up before launching the VM for the first time.

Setting up the network

In the Hyper-V Manager, make sure that you have already created an internal virtual switch.

Creation of an internal virtual switch in Hyper-V Manager

Then share your Internet connection with that virtual switch, in the Network and Sharing Center in Windows.

  1. Select your Internet connection (in my case Ethernet)
  2. Modify Properties
  3. Select Share and authorize the network that has the name of the internal virtual switch you created.

After that, the OS hosted by your VM will be able to connect to the Internet.

Update your Kali

Make sure you have the latest versions and patches by typing this in your Kali Linux terminal:

apt-get update && apt-get -y dist-upgrade

Using WPScan to scan WordPress vulnerabilities

Once your Kali is set up, many tools will be available to you.

In a terminal, you can launch your audit easily:

wpscan --url http://the_url_of_your_blog.com --update

If no vulnerabilities have been found, you should have an output close to this:

If vulnerabilities have been found, your output should be close to this:

 

WPScan has found vulnerabilities

If vulnerabilities are found, usually the best solution is to update/upgrade your WordPress and/or disable the plugins that have vulnerabilities. References for each vulnerability are provided too. Sometimes a vulnerability may turn out to be non-critical for your setup/use.
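The triage described above (update where a fix exists, disable otherwise) can be scripted. The following is an added example, not code from this blog or from the WPScan project: it assumes a report saved by WPScan 3.x with `--format json --output report.json`, and the embedded sample report and the function names are constructed for illustration.

```python
import json

# Constructed sample report, not real scan output. The layout is an assumption:
# WPScan 3.x JSON with "version", "main_theme" and "plugins" entries.
SAMPLE_REPORT = json.loads("""
{
  "version": {"number": "4.0", "vulnerabilities": [
    {"title": "Constructed core issue", "fixed_in": "4.0.1",
     "references": {"url": ["https://example.com/advisory-1"]}}]},
  "main_theme": {"slug": "example-theme", "version": {"number": "1.2"},
                 "vulnerabilities": []},
  "plugins": {
    "example-gallery": {"version": {"number": "2.1"}, "vulnerabilities": [
      {"title": "Constructed plugin issue", "fixed_in": null,
       "references": {"url": ["https://example.com/advisory-2"]}}]},
    "example-forms": {"version": null, "vulnerabilities": [
      {"title": "Constructed forms issue", "fixed_in": "3.4", "references": {}}]}
  }
}
""")

def components(report):
    """Yield (kind, name, installed version, vulnerabilities) per component."""
    core = report.get("version") or {}
    yield "core", "wordpress", core.get("number"), core.get("vulnerabilities") or []
    theme = report.get("main_theme")
    found = [("theme", theme.get("slug"), theme)] if theme else []
    found += [("plugin", slug, p) for slug, p in (report.get("plugins") or {}).items()]
    for kind, name, item in found:
        version = (item.get("version") or {}).get("number")  # null when undetected
        yield kind, name, version, item.get("vulnerabilities") or []

def remediation_plan(report):
    """Map each finding to the action described above: update, or disable."""
    plan = []
    for kind, name, installed, vulns in components(report):
        for vuln in vulns:
            fixed_in = vuln.get("fixed_in")
            action = (f"update to {fixed_in} or later" if fixed_in
                      else "no fixed version listed: disable or replace")
            plan.append({"component": f"{kind}:{name}",
                         "installed": installed or "unknown",
                         "title": vuln.get("title"), "action": action,
                         "references": (vuln.get("references") or {}).get("url", [])})
    return plan

if __name__ == "__main__":
    for item in remediation_plan(SAMPLE_REPORT):
        print(f'{item["component"]} ({item["installed"]}): {item["title"]} -> {item["action"]}')
```

To use it on a real scan, replace `SAMPLE_REPORT` with `json.load(open("report.json"))`.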

Going further

This audit is quick and simple and analyses only your WordPress setup: it will help you avoid attacks from script kiddies. It doesn’t replace a full penetration test performed by a specialist, especially if you have written your own plugins/modules. Your server isn’t audited by WPScan: for that, you could have a look at Metasploit Framework and Armitage.
