The best way to determine if your website has built-in vulnerabilities that an attacker could exploit is to hack your website yourself. This is not typically a do-it-yourself project unless you have some decent technical skills. But with a little time and a few free downloadable tools, it is something you could try, if for no other reason than to learn how easy this can be. This type of website penetration testing is used to find unpatched vulnerabilities, test the security of web applications, and meet regulatory compliance requirements.
A good way to start is to scan your website using WPScan. WPScan is a black box vulnerability scanner for WordPress written in PHP. It comes installed in Kali Linux and other security distros, or can be downloaded from GitHub for installation in your preferred distro. WPScan searches for version information on installations of Apache Web Server, WordPress, WordPress themes, and plugins. While scanning the target, WPScan uses a database of 18,000 plugins and 2600 themes to find outdated versions and vulnerabilities. WPScan can:
- Detect the version of the currently installed WordPress.
- Detect enabled features on the currently installed WordPress.
- Enumerate theme version and name.
- Detect installed plugins and tell you whether each one is outdated.
- Enumerate user names.
- Detect sensitive files like readme, robots.txt, database replacing files, etc.
Once you have a list of vulnerabilities at hand, you can use Metasploit to find exploits that would work against them. From Metasploit you could run Meterpreter in order to spawn a terminal or shell session, and launch a pass-the-hash tool like Mimikatz. From here you could:
In Metasploit
|
In Mimikatz
|
These techniques are available to potential attackers as well. The quick fix for any vulnerabilities you discover is to update your Apache, WordPress, plugin, and theme versions to the latest release. Once you have upgraded everything, run another scan to see if any vulnerabilities remain.
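The follow-up scan is easier to act on when it is compared against the first one. The script below is an added example, not part of the original post: it diffs two scan reports and separates what the updates fixed from what remains, including findings with no fixed release, which updating alone cannot close. The report key names are an assumption based on the JSON output of `wpscan --format json`, and the sample reports are constructed.

```python
import json

# Constructed, trimmed scan reports. The key names are an assumption based on
# the layout of `wpscan --format json`; they are not shown on the page.
BEFORE = json.loads("""{
 "version": {"number": "4.8.1", "vulnerabilities": [
   {"title": "Constructed core issue A", "fixed_in": "4.8.2"}]},
 "main_theme": {"slug": "example-theme", "outdated": true, "vulnerabilities": []},
 "plugins": {
   "example-gallery": {"outdated": true, "vulnerabilities": [
     {"title": "Constructed plugin issue B", "fixed_in": "2.1.0"}]},
   "example-forms": {"outdated": false, "vulnerabilities": [
     {"title": "Constructed plugin issue C", "fixed_in": null}]}}}""")
AFTER = json.loads("""{
 "version": {"number": "4.8.2", "vulnerabilities": []},
 "main_theme": {"slug": "example-theme", "outdated": true, "vulnerabilities": []},
 "plugins": {
   "example-gallery": {"outdated": false, "vulnerabilities": []},
   "example-forms": {"outdated": false, "vulnerabilities": [
     {"title": "Constructed plugin issue C", "fixed_in": null}]}}}""")

def components(report):
    """Map a label to each scanned component: core, main theme, each plugin."""
    found = {"core": report.get("version") or {}}
    theme = report.get("main_theme") or {}
    if theme:
        found["theme:" + theme.get("slug", "unknown")] = theme
    for slug, plugin in (report.get("plugins") or {}).items():
        found["plugin:" + slug] = plugin
    return found

def findings(report):
    """Return {(component, title): fixed_in} for every listed vulnerability."""
    return {(name, v["title"]): v.get("fixed_in")
            for name, comp in components(report).items()
            for v in comp.get("vulnerabilities") or []}

def compare(before, after):
    """Classify findings from the first scan against the follow-up scan."""
    old, new = findings(before), findings(after)
    return {
        "fixed": sorted(set(old) - set(new)),
        "remaining": sorted(set(old) & set(new)),
        "new": sorted(set(new) - set(old)),
        # Follow-up findings with no fixed release: updating cannot close these.
        "no_patch": sorted(k for k in new if new[k] is None),
        "still_outdated": sorted(n for n, c in components(after).items()
                                 if c.get("outdated")),
    }
```

Anything left in `no_patch` needs the component removed or replaced rather than updated, and `still_outdated` lists components that were missed during the upgrade even though no vulnerability is currently listed for them.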
More information:
- How to hack into a WordPress website, the complete guide 30th May 2016 Ogi Djuraskovic
- WordPress Penetration Testing using WPScan & Metasploit Raj Chandel 9-27-2017
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments. I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com