BLOG Updates and WordPress fingerprinting tool

I got a request from visitors to be able to get posts via e-mail,
Now you can subscribe to your category of intrest and get updates whenever a new post is published.

I also decided to start a “pick of the week” or “tool of the week” postings where each week i’ll post tools and scripts i find useful.

First tool of the week is : Plecost, a WordPress Finger Printer.

Plecost is written in python, basically you can think of it as a  wordpress scanner.

Description as appears in author website:

Plecost is a WordPress finger printer tool. Search and retrieve information about the plugins versions installed in WordPress systems. It can analyze a single URL or perform an analysis based on the results indexed by Google. Additionally displays CVE code associated with each plugin, if there.

To test the tool results and accuracy  i have setup a wordpress blog on virtual box , downloaded and installed randomly picked plugins.

Here is the directory listing of the installed plugins:

root@bt:/var/www/wordpress/wp-content/plugins# ls -l
total 36
drwxr-xr-x 2 root root 4096 Feb 10 2009 akismet
drwxr-xr-x 2 root root 4096 Jul 11 13:51 easy-random-quotes
drwxr-xr-x 6 root root 4096 Jul 11 13:51 events-calendar
drwxr-xr-x 8 root root 4096 Jul 11 13:51 global-flash-galleries
-rw-r--r-- 1 root root 2143 Nov 14 2008 hello.php
drwxr-xr-x 3 root root 4096 Jul 11 13:51 smartlinker
drwxr-xr-x 2 root root 4096 Jul 11 13:51 stats
drwxr-xr-x 2 root root 4096 Jul 11 13:51 twitvid
drwxr-xr-x 2 root root 4096 Jul 11 13:51 wp-mass-mail

Scan Results:

root@Blackbox:/pentest/web/plecost-0.2.2-8-beta# ./plecost-0.2.2-8-beta.py -i wp_plugin_list.txt -c -t 100 192.168.1.104/wordpress
-------------------------------------------------
[*] Input plugin list set to: wp_plugin_list.txt
[*] Colored output set on.
[*] Num of threats set to: 100
-------------------------------------------------

==> Results for: 192.168.1.104/wordpress <==

[i] WordPress version found: 2.7

[*] Search for installed plugins

[i] Plugin found: stats
|_Latest version: 1.6.1
|_ Installed version: 1.7.2
|_CVE list:
|___CVE-2009-2144: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2144)
|___CVE-2009-2143: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2143)
|___CVE-2007-4104: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4104)
|___CVE-2007-3288: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3288)

[i] Plugin found: akismet
|_Latest version: 2.2.7
|_Installed version: No results
|_CVE list:
|___CVE-2009-2334: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2334)
|___CVE-2007-2714: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2714)
|___CVE-2006-4743: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4743)

[i] Plugin found: events-calendar
|_Latest version: 6.6-beta
|_ Installed version: 6.6.2

[i] Plugin found: wp-mass-mail
|_Latest version: 1.01
|_ Installed version: 4.3

[i] Plugin found: smartlinker
|_Latest version: 1.5
|_ Installed version: 2.1

[i] Plugin found: twitvid
|_Latest version: 0.1
|_ Installed version: 0.2

[*] Done

As you can see the results were pretty good.

Post to Twitter

One Comment


  1. ffranz
    Jul 11, 2010

    thanks for the pingback!

Recent Posts