Operating System Tidbits | 웹핵.다이누.넷
#Ubuntu Linux #Ubuntu 24.10 #WordPress vulnerability scanner #wpscan #vulnerability assessment tool #WPScan #WordPress Security Scanner

[November 10, 2024] Installing WPScan: WordPress Security Scanner on Ubuntu 24.10 Oracular Oriole

Summary
Ubuntu(

```
jinsuk@ubuntu:~$ sudo gem install wpscan
Command 'gem' not found, but can be installed with:
sudo apt install ruby-rubygems
jinsuk@ubuntu:~$
```

Ubuntu reports that ruby-rubygems is not installed, so install it.

```
jinsuk@ubuntu:~$ sudo apt install ruby-rubygems
The following packages were automatically installed and are no longer required:
  bogofilter libchamplain-gtk-0.12-0 libcogl-common libgnome-autoar-gtk-0-0
  bogofilter-bdb libclutter-1.0-0 libcogl-pango20 libgsl28
  bogofilter-common libclutter-1.0-common libcogl-path20 libgslcblas0
  evolution-common libclutter-gtk-1.0-0 libcogl20 libpst4t64
  libchamplain-0.12-0 libcmark0.30.2 libevolution libytnef0
Use 'sudo apt autoremove' to remove them.

Installing:
  ruby-rubygems

Installing dependencies:
  fonts-lato libruby ruby ruby-webrick rubygems-integration
  javascript-common libruby3.3 ruby-net-telnet ruby-xmlrpc
  libjs-jquery rake ruby-sdbm ruby3.3

Suggested packages:
  ri ruby-dev bundler

Summary:
  Upgrading: 0, Installing: 14, Removing: 0, Not Upgrading: 0
  Download size: 9,394 kB
  Space needed: 48.8 MB / 44.9 GB available

Continue? [Y/n]
Get:1 http://ports.ubuntu.com/ubuntu-ports oracular/main arm64 fonts-lato all 2.015-1 [2,781 kB]
Get:2 http://ports.ubuntu.com/ubuntu-ports oracular/main arm64 javascript-common all 11+nmu1 [5,936 B]
Get:3 http://ports.ubuntu.com/ubuntu-ports oracular/main arm64 libjs-jquery all 3.6.1+dfsg+~3.5.14-1 [328 kB]
Get:4 http://ports.ubuntu.com/ubuntu-ports oracular/main arm64 rubygems-integration all 1.18ubuntu1 [5,528 B]
Get:5 http://ports.ubuntu.com/ubuntu-ports oracular/main arm64 ruby3.3 arm64 3.3.4-2ubuntu5 [49.0 kB]
Get:6 http://ports.ubuntu.com/ubuntu-ports oracular/main arm64 ruby-rubygems all 3.4.20-1 [238 kB]
Get:7 http://ports.ubuntu.com/ubuntu-ports oracular/main arm64 ruby arm64 1:3.3~ubuntu3 [3,618 B]
Get:8 http://ports.ubuntu.com/ubuntu-ports oracular/main arm64 rake all 13.2.1-1 [45.8 kB]
Get:9 http://ports.ubuntu.com/ubuntu-ports oracular/main arm64 ruby-net-telnet all 0.2.0-1 [13.3 kB]
Get:10 http://ports.ubuntu.com/ubuntu-ports oracular/main arm64 ruby-webrick all 1.8.1-1ubuntu1 [52.6 kB]
Get:11 http://ports.ubuntu.com/ubuntu-ports oracular/main arm64 ruby-xmlrpc all 0.3.3-2 [24.8 kB]
Get:12 http://ports.ubuntu.com/ubuntu-ports oracular/main arm64 ruby-sdbm arm64 1.0.0-5build5 [15.5 kB]
Get:13 http://ports.ubuntu.com/ubuntu-ports oracular/main arm64 libruby3.3 arm64 3.3.4-2ubuntu5 [5,826 kB]
Get:14 http://ports.ubuntu.com/ubuntu-ports oracular/main arm64 libruby arm64 1:3.3~ubuntu3 [5,038 B]
Fetched 9,394 kB in 9s (990 kB/s)
Selecting previously unselected package fonts-lato.
(Reading database ... 267730 files and directories currently installed.)
Preparing to unpack .../00-fonts-lato_2.015-1_all.deb ...
Unpacking fonts-lato (2.015-1) ...
Selecting previously unselected package javascript-common.
Preparing to unpack .../01-javascript-common_11+nmu1_all.deb ...
Unpacking javascript-common (11+nmu1) ...
Selecting previously unselected package libjs-jquery.
Preparing to unpack .../02-libjs-jquery_3.6.1+dfsg+~3.5.14-1_all.deb ...
Unpacking libjs-jquery (3.6.1+dfsg+~3.5.14-1) ...
Selecting previously unselected package rubygems-integration.
Preparing to unpack .../03-rubygems-integration_1.18ubuntu1_all.deb ...
Unpacking rubygems-integration (1.18ubuntu1) ...
Selecting previously unselected package ruby3.3.
Preparing to unpack .../04-ruby3.3_3.3.4-2ubuntu5_arm64.deb ...
Unpacking ruby3.3 (3.3.4-2ubuntu5) ...
Selecting previously unselected package ruby-rubygems.
Preparing to unpack .../05-ruby-rubygems_3.4.20-1_all.deb ...
Unpacking ruby-rubygems (3.4.20-1) ...
Selecting previously unselected package ruby.
Preparing to unpack .../06-ruby_1%3a3.3~ubuntu3_arm64.deb ...
Unpacking ruby (1:3.3~ubuntu3) ...
Selecting previously unselected package rake.
Preparing to unpack .../07-rake_13.2.1-1_all.deb ...
Unpacking rake (13.2.1-1) ...
Selecting previously unselected package ruby-net-telnet.
Preparing to unpack .../08-ruby-net-telnet_0.2.0-1_all.deb ...
Unpacking ruby-net-telnet (0.2.0-1) ...
Selecting previously unselected package ruby-webrick.
Preparing to unpack .../09-ruby-webrick_1.8.1-1ubuntu1_all.deb ...
Unpacking ruby-webrick (1.8.1-1ubuntu1) ...
Selecting previously unselected package ruby-xmlrpc.
Preparing to unpack .../10-ruby-xmlrpc_0.3.3-2_all.deb ...
Unpacking ruby-xmlrpc (0.3.3-2) ...
Selecting previously unselected package ruby-sdbm:arm64.
Preparing to unpack .../11-ruby-sdbm_1.0.0-5build5_arm64.deb ...
Unpacking ruby-sdbm:arm64 (1.0.0-5build5) ...
Selecting previously unselected package libruby3.3:arm64.
Preparing to unpack .../12-libruby3.3_3.3.4-2ubuntu5_arm64.deb ...
Unpacking libruby3.3:arm64 (3.3.4-2ubuntu5) ...
Selecting previously unselected package libruby:arm64.
Preparing to unpack .../13-libruby_1%3a3.3~ubuntu3_arm64.deb ...
Unpacking libruby:arm64 (1:3.3~ubuntu3) ...
Setting up javascript-common (11+nmu1) ...
apache2_invoke: Enable configuration javascript-common
Warning: The unit file, source configuration file or drop-ins of apache2.service changed on disk. Run 'systemctl daemon-reload' to reload units.
Setting up fonts-lato (2.015-1) ...
Setting up rubygems-integration (1.18ubuntu1) ...
Setting up ruby-net-telnet (0.2.0-1) ...
Setting up ruby-webrick (1.8.1-1ubuntu1) ...
Setting up libjs-jquery (3.6.1+dfsg+~3.5.14-1) ...
Setting up ruby-xmlrpc (0.3.3-2) ...
Setting up ruby3.3 (3.3.4-2ubuntu5) ...
Setting up libruby:arm64 (1:3.3~ubuntu3) ...
Setting up ruby (1:3.3~ubuntu3) ...
Setting up rake (13.2.1-1) ...
Setting up libruby3.3:arm64 (3.3.4-2ubuntu5) ...
Setting up ruby-rubygems (3.4.20-1) ...
Setting up ruby-sdbm:arm64 (1.0.0-5build5) ...
Processing triggers for fontconfig (2.15.0-1.1ubuntu2) ...
Processing triggers for libc-bin (2.40-1ubuntu3) ...
Processing triggers for man-db (2.12.1-3) ...
jinsuk@ubuntu:~$
```

Finally, try installing wpscan!!!

```
jinsuk@ubuntu:~$ sudo gem install wpscan
Fetching sys-proctable-1.3.0.gem
Fetching ethon-0.16.0.gem
Fetching yajl-ruby-1.4.3.gem
Fetching typhoeus-1.4.1.gem
Fetching ffi-1.17.0-aarch64-linux-gnu.gem
Fetching ruby-progressbar-1.13.0.gem
Fetching public_suffix-6.0.1.gem
Fetching addressable-2.8.7.gem
Fetching concurrent-ruby-1.3.4.gem
Fetching tzinfo-2.0.6.gem
Fetching i18n-1.14.6.gem
Fetching connection_pool-2.4.1.gem
Fetching activesupport-7.2.2.gem
Fetching opt_parse_validator-1.10.0.gem
Fetching nokogiri-1.16.7-aarch64-linux.gem
Fetching get_process_mem-0.2.7.gem
Fetching wpscan-3.8.27.gem
Fetching cms_scanner-0.14.3.gem
Building native extensions. This could take a while...
ERROR: Error installing wpscan:
ERROR: Failed to build gem native extension.

current directory: /var/lib/gems/3.3.0/gems/yajl-ruby-1.4.3/ext/yajl
/usr/bin/ruby3.3 -I/usr/lib/ruby/vendor_ruby extconf.rb
mkmf.rb can't find header files for ruby at /usr/lib/ruby/include/ruby.h

You might have to install separate package for the ruby development
environment, ruby-dev or ruby-devel for example.

extconf failed, exit code 1

Gem files will remain installed in /var/lib/gems/3.3.0/gems/yajl-ruby-1.4.3 for inspection.
Results logged to /var/lib/gems/3.3.0/extensions/aarch64-linux-gnu/3.3.0/yajl-ruby-1.4.3/gem_make.out
jinsuk@ubuntu:~$
```

An error occurred. "

```
jinsuk@ubuntu:~$ sudo apt install ruby-dev
The following packages were automatically installed and are no longer required:
  bogofilter libchamplain-gtk-0.12-0 libcogl-common libgnome-autoar-gtk-0-0
  bogofilter-bdb libclutter-1.0-0 libcogl-pango20 libgsl28
  bogofilter-common libclutter-1.0-common libcogl-path20 libgslcblas0
  evolution-common libclutter-gtk-1.0-0 libcogl20 libpst4t64
  libchamplain-0.12-0 libcmark0.30.2 libevolution libytnef0
Use 'sudo apt autoremove' to remove them.

Installing:
  ruby-dev

Installing dependencies:
  libgmp-dev libgmpxx4ldbl ruby3.3-dev ruby3.3-doc

Suggested packages:
  gmp-doc libgmp10-doc libmpfr-dev

Summary:
  Upgrading: 0, Installing: 5, Removing: 0, Not Upgrading: 0
  Download size: 2,842 kB
  Space needed: 26.0 MB / 44.8 GB available

Continue? [Y/n]
Get:1 http://ports.ubuntu.com/ubuntu-ports oracular/main arm64 libgmpxx4ldbl arm64 2:6.3.0+dfsg-2ubuntu7 [10.1 kB]
Get:2 http://ports.ubuntu.com/ubuntu-ports oracular/main arm64 libgmp-dev arm64 2:6.3.0+dfsg-2ubuntu7 [335 kB]
Get:3 http://ports.ubuntu.com/ubuntu-ports oracular/main arm64 ruby3.3-dev arm64 3.3.4-2ubuntu5 [263 kB]
Get:4 http://ports.ubuntu.com/ubuntu-ports oracular/main arm64 ruby-dev arm64 1:3.3~ubuntu3 [5,196 B]
Get:5 http://ports.ubuntu.com/ubuntu-ports oracular/main arm64 ruby3.3-doc all 3.3.4-2ubuntu5 [2,229 kB]
Fetched 2,842 kB in 5s (595 kB/s)
Selecting previously unselected package libgmpxx4ldbl:arm64.
(Reading database ... 271009 files and directories currently installed.)
Preparing to unpack .../libgmpxx4ldbl_2%3a6.3.0+dfsg-2ubuntu7_arm64.deb ...
Unpacking libgmpxx4ldbl:arm64 (2:6.3.0+dfsg-2ubuntu7) ...
Selecting previously unselected package libgmp-dev:arm64.
Preparing to unpack .../libgmp-dev_2%3a6.3.0+dfsg-2ubuntu7_arm64.deb ...
Unpacking libgmp-dev:arm64 (2:6.3.0+dfsg-2ubuntu7) ...
Selecting previously unselected package ruby3.3-dev:arm64.
Preparing to unpack .../ruby3.3-dev_3.3.4-2ubuntu5_arm64.deb ...
Unpacking ruby3.3-dev:arm64 (3.3.4-2ubuntu5) ...
Selecting previously unselected package ruby-dev:arm64.
Preparing to unpack .../ruby-dev_1%3a3.3~ubuntu3_arm64.deb ...
Unpacking ruby-dev:arm64 (1:3.3~ubuntu3) ...
Selecting previously unselected package ruby3.3-doc.
Preparing to unpack .../ruby3.3-doc_3.3.4-2ubuntu5_all.deb ...
Unpacking ruby3.3-doc (3.3.4-2ubuntu5) ...
Setting up ruby3.3-doc (3.3.4-2ubuntu5) ...
Setting up libgmpxx4ldbl:arm64 (2:6.3.0+dfsg-2ubuntu7) ...
Setting up libgmp-dev:arm64 (2:6.3.0+dfsg-2ubuntu7) ...
Setting up ruby3.3-dev:arm64 (3.3.4-2ubuntu5) ...
Setting up ruby-dev:arm64 (1:3.3~ubuntu3) ...
Processing triggers for libc-bin (2.40-1ubuntu3) ...
jinsuk@ubuntu:~$
```

Try installing wpscan again!

```
jinsuk@ubuntu:~$ sudo gem install wpscan
Building native extensions. This could take a while...
Successfully installed yajl-ruby-1.4.3
Successfully installed ffi-1.17.0-aarch64-linux-gnu
Successfully installed ethon-0.16.0
Successfully installed typhoeus-1.4.1
Successfully installed sys-proctable-1.3.0
Successfully installed ruby-progressbar-1.13.0
Successfully installed public_suffix-6.0.1
Successfully installed addressable-2.8.7
Successfully installed concurrent-ruby-1.3.4
Successfully installed tzinfo-2.0.6

PSA: I18n will be dropping support for Ruby < 3.2 in the next major release (April 2025), due to Ruby's end of life for 3.1 and below (https://endoflife.date/ruby). Please upgrade to Ruby 3.2 or newer by April 2025 to continue using future versions of this gem.

Successfully installed i18n-1.14.6
Successfully installed connection_pool-2.4.1
Successfully installed activesupport-7.2.2
Successfully installed opt_parse_validator-1.10.0
Successfully installed nokogiri-1.16.7-aarch64-linux
Successfully installed get_process_mem-0.2.7
Successfully installed cms_scanner-0.14.3
Successfully installed wpscan-3.8.27
Parsing documentation for yajl-ruby-1.4.3
Installing ri documentation for yajl-ruby-1.4.3
Parsing documentation for ffi-1.17.0-aarch64-linux-gnu
Installing ri documentation for ffi-1.17.0-aarch64-linux-gnu
Parsing documentation for ethon-0.16.0
Installing ri documentation for ethon-0.16.0
Parsing documentation for typhoeus-1.4.1
Installing ri documentation for typhoeus-1.4.1
Parsing documentation for sys-proctable-1.3.0
Installing ri documentation for sys-proctable-1.3.0
Parsing documentation for ruby-progressbar-1.13.0
Installing ri documentation for ruby-progressbar-1.13.0
Parsing documentation for public_suffix-6.0.1
Installing ri documentation for public_suffix-6.0.1
Parsing documentation for addressable-2.8.7
Installing ri documentation for addressable-2.8.7
Parsing documentation for concurrent-ruby-1.3.4
Installing ri documentation for concurrent-ruby-1.3.4
Parsing documentation for tzinfo-2.0.6
Installing ri documentation for tzinfo-2.0.6
Parsing documentation for i18n-1.14.6
Installing ri documentation for i18n-1.14.6
Parsing documentation for connection_pool-2.4.1
Installing ri documentation for connection_pool-2.4.1
Parsing documentation for activesupport-7.2.2
Installing ri documentation for activesupport-7.2.2
Parsing documentation for opt_parse_validator-1.10.0
Installing ri documentation for opt_parse_validator-1.10.0
Parsing documentation for nokogiri-1.16.7-aarch64-linux
Installing ri documentation for nokogiri-1.16.7-aarch64-linux
Parsing documentation for get_process_mem-0.2.7
Installing ri documentation for get_process_mem-0.2.7
Parsing documentation for cms_scanner-0.14.3
Installing ri documentation for cms_scanner-0.14.3
Parsing documentation for wpscan-3.8.27
Installing ri documentation for wpscan-3.8.27
Done installing documentation for yajl-ruby, ffi, ethon, typhoeus, sys-proctable, ruby-progressbar, public_suffix, addressable, concurrent-ruby, tzinfo, i18n, connection_pool, activesupport, opt_parse_validator, nokogiri, get_process_mem, cms_scanner, wpscan after 8 seconds
18 gems installed
jinsuk@ubuntu:~$
```

The wpscan installation is finally done. Now let's update the WPScan database.

```
jinsuk@ubuntu:~$ wpscan --update
_______________________________________________________________
         __          _______   _____
         \ \        / /  __ \ / ____|
          \ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
           \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
            \  /\  /  | |     ____) | (__| (_| | | | |
             \/  \/   |_|    |_____/ \___|\__,_|_| |_|

         WordPress Security Scanner by the WPScan Team
                         Version 3.8.27
       @_WPScan_, @ethicalhack3r, @erwan_lr, @firefart
_______________________________________________________________

[i] Updating the Database ...
[i] Update completed.
jinsuk@ubuntu:~$
```

With the installation and the DB update complete, we can now scan a site that runs WordPress.

```
jinsuk@ubuntu:~$ wpscan --url https://wp-*****.me/ --enumerate vp
_______________________________________________________________
         __          _______   _____
         \ \        / /  __ \ / ____|
          \ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
           \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
            \  /\  /  | |     ____) | (__| (_| | | | |
             \/  \/   |_|    |_____/ \___|\__,_|_| |_|

         WordPress Security Scanner by the WPScan Team
                         Version 3.8.27
       Sponsored by Automattic - https://automattic.com/
       @_WPScan_, @ethicalhack3r, @erwan_lr, @firefart
_______________________________________________________________

[+] URL: https://wp-*****.me/ [104.26.10.213]
[+] Started: Sun Nov 10 16:09:55 2024

Interesting Finding(s):

[+] Headers
 | Interesting Entries:
 |  - x-curious: We are hiring! contact@wp-media.me
 |  - x-*****-nginx-bypass: No
 |  - x-onecom-rid: 88c04d1b218a7931734c3d5d76fc3188
 |  - x-request-id: 88c04d1b218a7931734c3d5d76fc3188
 |  - x-node: proxy1.prv.wpmediapod1-cph3.one.com
 |  - cf-cache-status: DYNAMIC
 |  - report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MJ8T96HSuKhKzE4XoOB0wxzqzEbHVDKDQG9esZPImVuuSRfUcOgRDIqEGWWhJRJ3CHnf9XsheHB7Hw1NkI1DE3DrtdWOGrS%2FYbtFjnQWLx1yvesLTNNV3jVe3fHVGg%3D%3D"}],"group":"cf-nel","max_age":604800}
 |  - nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
 |  - server: cloudflare
 |  - cf-ray: 8e043830ab1eb417-KIX
 |  - server-timing: cfL4;desc="?proto=TCP&rtt=40815&sent=6&recv=7&lost=0&retrans=0&sent_bytes=3409&recv_bytes=831&delivery_rate=68309&cwnd=254&unsent_bytes=0&cid=16e4728bffb54f8e&ts=858&x=0"
 | Found By: Headers (Passive Detection)
 | Confidence: 100%

[+] robots.txt found: https://wp-*****.me/robots.txt
 | Interesting Entries:
 |  - /wp-admin
 |  - /wp-includes
 |  - /wp-content/plugins
 |  - /wp-content/cache
 |  - /trackback
 |  - /feed
 |  - /comments
 |  - /category/*/*
 |  - */trackback
 |  - */feed
 |  - */comments
 |  - /*.pdf$
 |  - /*?s=*
 |  - /wp-login.php
 |  - /wp-content/themes/V4/assets/js/optim/*
 |  - /cdn-cgi/
 |  - /wp-content/uploads
 |  - /*.php$
 |  - /*.inc$
 |  - /*.gz$
 | Found By: Robots Txt (Aggressive Detection)
 | Confidence: 100%

[+] This site has 'Must Use Plugins': https://wp-*****.me/wp-content/mu-plugins/
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 80%
 | Reference: http://codex.wordpress.org/Must_Use_Plugins

[+] WordPress version 6.6.1 identified (Outdated, released on 2024-07-23).
 | Found By: Rss Generator (Aggressive Detection)
 |  - https://wp-*****.me/feed/,
```

The example above is the result of scanning a WordPress site for vulnerable plugins (vp == vulnerable plugins). No vulnerable plugins were found on that site. (For security reasons, part of the hostname in the URL has been masked with *****.)
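The two failures in the walkthrough (`gem` not found, then `mkmf.rb can't find header files for ruby`) can be caught before running `gem install wpscan`. The script below is an added example, not part of the original post: the `ROOT` parameter, the `--run` switch and the header location `/usr/include/ruby-<version>/ruby.h` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): preflight for `sudo gem install wpscan`.

# missing_packages [ROOT]
# Prints, space-separated, the apt packages from the walkthrough that are still
# missing. ROOT (default "/") is a hypothetical parameter so the check can be
# pointed at a test directory tree instead of the live system.
missing_packages() {
    root="${1:-/}"
    root="${root%/}"
    missing=""
    # "Command 'gem' not found" -> ruby-rubygems provides the gem command.
    [ -x "$root/usr/bin/gem" ] || missing="ruby-rubygems"
    # "mkmf.rb can't find header files for ruby" -> ruby-dev provides ruby.h.
    # Assumed header location: /usr/include/ruby-<version>/ruby.h
    have_headers=no
    for h in "$root"/usr/include/ruby-*/ruby.h; do
        if [ -f "$h" ]; then
            have_headers=yes
        fi
    done
    [ "$have_headers" = yes ] || missing="${missing:+$missing }ruby-dev"
    printf '%s\n' "$missing"
}

# install_wpscan: install what is missing, then the gem, then refresh the DB,
# in the same order as the walkthrough.
install_wpscan() {
    pkgs=$(missing_packages /)
    if [ -n "$pkgs" ]; then
        # $pkgs is intentionally unquoted: one word per package name.
        sudo apt install -y $pkgs || return 1
    fi
    sudo gem install wpscan || return 1
    wpscan --update
}

# Run the installation only when asked to, e.g. `sh preflight.sh --run`.
if [ "${1:-}" = "--run" ]; then
    install_wpscan
fi
```

Without `--run` the script only defines the functions, so `missing_packages` can be called on its own to see what the system still lacks.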
[First written: 2024.11.10] [Last modified: 2024.11.10]