COMMANDDUMP – installing wpscan penetration tool on a clean ubuntu 14.04 server

Posted on
COMMANDDUMPRubyUbuntu

COMMANDDUMP – installing wpscan penetration tool on a clean ubuntu 14.04 server

WPScan (http://wpscan.org/)  has instructions for installing on Ubuntu 14.04,  however when attempting to install it on a clean 14.04 there were several missing dependencies.

(In Ubuntu 14.04 the default is ruby1.8 so the commands I added address this)

So I came up with the following commanddump required to install  – this works as of 1/19/2016

 

sudo apt-get install libcurl4-openssl-dev libxml2 libxml2-dev libxslt1-dev build-essential libgmp-dev  #remove this package ruby-dev which links to an old package
sudo apt-get install ril1.9.1
sudo apt-get install ruby1.9.1-dev #thanks stackoverflow
gem install addressable -v '2.4.0'
#checkpoint you should receive a 'Successfully installed addressable-2.4.0
gem install ffi -v '1.9.10
#checkpoint you may need to install some ruby gems files
git clone https://github.com/wpscanteam/wpscan.git cd wpscan sudo gem install bundler && bundle install --without test
sudo gem install bundler && bundle install --without test

 

By the way, kudos to this guy (@_FireFart_) for getting his username displayed every time someone updates this awesome software

root@server:# ruby wpscan.rb --update
_______________________________________________________________
 __ _______ _____
 \ \ / / __ \ / ____|
 \ \ /\ / /| |__) | (___ ___ __ _ _ __
 \ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \
 \ /\ / | | ____) | (__| (_| | | | |
 \/ \/ |_| |_____/ \___|\__,_|_| |_|

 WordPress Security Scanner by the WPScan Team
 Version 2.9
 Sponsored by Sucuri - https://sucuri.net
 @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_
_______________________________________________________________

[i] Updating the Database ...