Summary
I was having a look at tools to check the vulnerabilities for WordPress and found this one called WPScan.
I tried to test it out with its Docker image and a WordPress website, but because the website is in my local network, WPScan could not resolve the hostname:
Scan Aborted: The url supplied 'https://my-wordpress.in-my-local-network.local/' seems to be down (Couldn't resolve host name)
So I created a shell script to make the container use my custom /etc/resolv.conf so that it resolves the IP address via my own DNS cache server (dnsmasq), which provides the network information in my local network (= the IP address for my-wordpress.in-my-local-network.local can be referred to as 192.168.0.123).
About WPScan
I think WPScan is not the tool to check if your WordPress has a malicious file. It is a tool to prevent such a situation.
Requirements
- Docker
- Internet
- You being able to apply what this post says to suit your situation
Steps
Install Docker
If you do not want to use Docker, WPScan provides a command version as well, so you can stop reading this and go with the command instead.
Add this script to your Linux Server
I included some requirements so that you cannot just run it by pasting this script.
This script downloads the Docker image if your Docker does not have it. So don't freak out in case you just ran the script without understanding what it does.
Amend the script to suit your situation. For instance, you may want to refer to /etc/resolv.conf in your server instead.
/somewhere/wpscan
==========
#!/bin/bash

# Docker is required to run the WPScan image.
hasDocker=$(command -v docker)
if [ -z "$hasDocker" ];
then
    echo "You must install Docker"
    exit 1
fi

# Pull the WPScan image only if it is not available locally yet.
hasWpScan=$(docker images | grep -E "^wpscanteam/wpscan")
if [ -z "$hasWpScan" ];
then
    echo
    echo "Downloading the image for WPScan"
    docker pull wpscanteam/wpscan
fi

# Absolute path of the directory holding this script
# (docker -v needs an absolute host path for a bind mount).
base_dir=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
resolv=$base_dir/resolv.conf
if [ ! -f "$resolv" ];
then
    echo
    echo "Directory $base_dir must have the file \"resolv.conf\""
    echo
    echo 'Example of "resolv.conf"'
    echo '(192.168.0.10 is your DNS Cache Server having the relationships between host-ip for your private network)'
    echo '(You do not need to use this script if it is 192.168.1.1 because that is the default)'
    echo "=========="
    cat <<EOT
domain local
search local
nameserver 192.168.0.10
EOT
    echo
    exit 1
fi

# Mount the custom resolv.conf read-only and pass every argument on to WPScan.
# Note: --disable-tls-checks turns off certificate verification for the target.
exec docker \
    run \
    --rm \
    -it \
    -v "$resolv":/etc/resolv.conf:ro \
    wpscanteam/wpscan \
    --disable-tls-checks \
    "$@"

chmod +x /somewhere/wpscan
Add another file to your Linux Server
If your DNS server is 192.168.1.1, you do not need to do anything in this post because the default value of nameserver is 192.168.1.1 in the Docker image.
If that is not your case and you want to keep going, create another file /somewhere/resolv.conf (it can be created with ln -s /etc/resolv.conf if that suits your situation). /somewhere/wpscan expects this file to be in the same directory, so you may want to amend the script if you do not like that.
The file needs to look like this:
/somewhere/resolv.conf
==========
domain local
search local
nameserver 192.168.0.10
192.168.0.10 is the IP address for the DNS server you want to use. The DNS server must be able to return the IP address for your WordPress website, like 192.168.0.123, from the URL like https://my-wordpress-in-my-local-network.local/. So change the value 192.168.0.10 to suit your situation.
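An alternative to bind-mounting the file, as an added example that is not part of the original post: Docker's own --dns and --dns-search options can be generated from the same resolv.conf after checking that each entry is well formed. The function names and the wpscan_with_dns wrapper are hypothetical, and "domain" lines are deliberately ignored.

```shell
# Added example (not the post's script): turn resolv.conf entries into docker DNS flags.

# Succeeds only for a dotted-quad IPv4 address with every octet <= 255.
is_ipv4() (
    case $1 in
    ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;;
    esac
    IFS=.; set -f; set -- $1          # split on dots inside this subshell only
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# Print one flag per line for the file "$1"; fail if it has no valid nameserver.
# "domain" lines are ignored: the post's file repeats the same value in "search".
resolv_to_docker_flags() (
    set -f                            # no globbing on words read from the file
    found=1
    while read -r key value rest || [ -n "$key" ]; do
        case $key in
        nameserver)
            if is_ipv4 "$value"; then
                printf '%s\n' "--dns=$value"
                found=0
            fi ;;
        search)
            for d in $value $rest; do
                case $d in
                ''|*[!A-Za-z0-9.-]*) ;;   # skip anything that is not a plain DNS name
                *) printf '%s\n' "--dns-search=$d" ;;
                esac
            done ;;
        esac
    done < "$1"
    [ "$found" -eq 0 ]
)

# Hypothetical wrapper: wpscan_with_dns /somewhere/resolv.conf --url https://...
wpscan_with_dns() {
    resolv=$1; shift
    flags=$(resolv_to_docker_flags "$resolv") || {
        echo "No valid nameserver line in $resolv" >&2; return 1; }
    # $flags holds only validated [A-Za-z0-9.=-] words, so splitting it is safe.
    docker run --rm -it $flags wpscanteam/wpscan "$@"
}

# Run only when arguments are given, so sourcing this file just defines the functions.
if [ "$#" -gt 0 ]; then wpscan_with_dns "$@"; fi
```

Malformed nameserver lines are dropped instead of being passed to Docker, and the wrapper refuses to start the scan when no usable nameserver remains.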
Run your WordPress
Start it if it is not running. In my case, it needs to be running in a Docker container, so I need to run docker-compose up.
Run the script
/somewhere/wpscan \
--api-token exampleKckgfg0bkS5t5nEXAMPLE12kuIkJ5Example \
--url https://my-test-wordpress.thank-you-for-reading.local/