1. Wordpress Plugins Scanner
„To hack or not hack, that is the real question!“
Avădănei Andrei
Founder & CEO DefCamp
linkedin.com/in/andreiavadanei
twitter.com/AndreiAvadanei
2. Short bio
● Founder & CEO of DefCamp … and CTO (tech), CFO (financial), CMO (marketing), Sales
Manager, Community Manager, Speaker, Team Coordinator :))
● Founder Cyber Security Research Center from Romania (CCSIR)
● Community manager @worldit.info
● Vice President at GREPIT
● Volunteer at BitDefender Romania
● ...
3. Once upon a time..
● Somewhere in the www appeared HTML websites
(bullshit)
● Then web 2.0 websites took the lights
● + third party plugins (hell yeah)
● It was a wonderful time full of innovation and peace (>:D<)
● Then came the hackers and seized a big opportunnity
● But that is another story. >:)
4. Third-party apps
● Some sort of crowd development
● A good idea, poorly implemented
● Used by everybody in different ways (Google, Facebook,
Apple, Wordpress, Joomla, Vbulletin, Moodle ..)
● Usually there is no security test for apps before being
accepted in their market store
● And there is the place where all magic starts
5. Case study : Wordpress
● 23,688 plugins
● 416,305,218 downloads
● and counting
● Not bad, right?
● If we cannot break in the core, lets hack his chilldrens
● And here WP Plugins Scanner come in
6. WP Plugins Scanner
● White box pentesting tool
● Hooked RIPS implemented
● You can download plugins from WP directory
● You can build some sort of repository on your localhost
● Asynchronous scanning
● Soon :
– target websites and enumerate their plugins
– subversioning for plugins
– auto-monitor updates
– cache-ing results
– similar scanners for Joomla, Vbulletin and others?