burp_wp: WPScan like plugin for Burp Suite
Burp WP
Find known vulnerabilities in WordPress plugins and themes using Burp Suite proxy.
Usage
Install extension. Browse WordPress sites through Burp proxy. Vulnerable plugins and themes will appear in the issue list.
If you have Burp Pro, issues will also appear inside Scanner tab. Interesting things will be highlighted.
Installation
- Download Jython standalone JAR, for example, version 2.7
- Go to Extender->Options. Set path inside
Location of Jython standalone JAR file
- Download newest Burp WP
- Go to Extender->Extensions. Click Add. Set
Extension type
toPython
. Set path insideExtension file
.
- Burp WP should appear inside
Burp Extensions list
. Also you will see new tab.
Intruder payload generator
Because proxy requests and responses are used it’s not possible to discover all plugins and themes installed on a specific website.
You can try to get more information manually using intruder payload generator.
Right click on URL inside Proxy->HTTP history and choose Send to Burp WP Intruder.
This will replace request method to GET, remove all parameters and set payload position marker.
Now go to Intruder->Tab X->Positions. Correct URL so it points to WordPress homepage.
Inside Payloads tab uncheck Payload encoding so /
won’t be converted to %2f
.
Then set Payload type to Extension generated. Now click Select generator:
There are 3 generators:
- WordPress Plugins
- WordPress Themes
- WordPress Plugins and themes
Copyright (c) 2018 Kacper Szurek
Source: https://github.com/kacperszurek/