Wordpress Fingerprinting

Wordpress comes bundled with the tinymce.js plug-in. Because this code changes every wordpress release, we are able to use its md5sum to determine a wordpress version against a target site. A perl script is below.

<syntaxhighlight lang="perl"> !/usr/bin/perl use strict; use LWP::UserAgent; use HTTP::Request; use HTTP::Response; use Digest::MD5 qw(md5_hex); my $domain = shift

We have more tools coming soon! Look forward to Chimera Live CD.

These are the offensive security tools developed by our wiki staff.

Vanguard - web application vulnerability testing engine written in Perl Jynx2 - A second version of the classic LD_Preload Jynx Rootkit written in C Bleeding Life - PHP and MySQL powered web browser buffer overflow exploit pack GScrape - Perl based google scraper for finding vulnerable websites Kolkata - Configurable web application fingerprinting engine using file checksums written in Perl Lfi_autopwn.pl - automatically spawn a shell using a File inclusion exploit, written in Perl. MySql 5 Enumeration - automatically map the contents of a remote database given a URL vulnerable to SQL injection, written in Perl Social Network Forgery Utility - Rickroll your friends with this PHP content forgery generation utility.

Wordpress Fingerprinting
is part of a series on

Web applications

Visit the Web applications Portal for complete coverage.

Wordpress Fingerprinting

Navigation menu

Views

Personal tools

Wiki

Community

Search

Tools