Want to subscribe to topics you're interested in?
Become a Member

Wordpress Wordpress Checksum Verification

Discussion in 'Blogs & CMS usage' started by ethanpil, May 13, 2017.

  1. ethanpil

    ethanpil Active Member

    168
    47
    28
    Nov 8, 2015
    Ratings:
    +87
    Local Time:
    8:13 AM
    • Like Like x 2
  2. eva2000

    eva2000 Administrator Staff Member

    28,984
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,766
    Local Time:
    8:13 AM
    Nginx 1.13.x
    MariaDB 5.5
    nice

    fyi, centmin.sh menu option 22 wordpress installer auto installs sucuri security wp plugin which has full file integrity checking as well :)
     
  3. ethanpil

    ethanpil Active Member

    168
    47
    28
    Nov 8, 2015
    Ratings:
    +87
    Local Time:
    8:13 AM
    I think commandline scan is much more efficent and easy for reporting... Here is an exmaple from one of my servers:

    Code:
    [root@server public]# wp checksum all --details
    Checking plugin all-in-one-wp-security-and-firewall
    Checking plugin cloudflare
    Checking plugin disable-comments
    Checking plugin limit-login-attempts
    Checking plugin super-static-cache
    Checking plugin wordfence
    Checking plugin wp-optimize
    Checking plugin wordpress-seo
    Checking theme twentyfifteen
    +--------+-------------------------------------+-----------+---------+------------------+---------------------------+
    | Type   | Slug                                | Status    | Version | Result           | Issues                    |
    +--------+-------------------------------------+-----------+---------+------------------+---------------------------+
    | plugin | all-in-one-wp-security-and-firewall | Unchecked | 4.2.7   |                  |                           |
    | plugin | cloudflare                          | Checked   | 3.2.1   | Ok               |                           |
    | plugin | disable-comments                    | Checked   | 1.6     | Ok               |                           |
    | plugin | limit-login-attempts                | Checked   | 1.7.1   | Ok               |                           |
    | plugin | super-static-cache                  | Checked   | 3.3.3   | Changes detected | {"readme.txt":"MODIFIED"} |
    | plugin | wordfence                           | Checked   | 6.3.8   | Ok               |                           |
    | plugin | wp-optimize                         | Checked   | 2.1.1   | Ok               |                           |
    | plugin | wordpress-seo                       | Checked   | 4.7.1   | Ok               |                           |
    | theme  | twentyfifteen                       | Checked   | 1.7     | Ok               |                           |
    +--------+-------------------------------------+-----------+---------+------------------+---------------------------+
    
    [root@server public]# 
    
     
    • Like Like x 2
  4. eva2000

    eva2000 Administrator Staff Member

    28,984
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,766
    Local Time:
    8:13 AM
    Nginx 1.13.x
    MariaDB 5.5
    that looks very nice indeed :)
     
  5. ethanpil

    ethanpil Active Member

    168
    47
    28
    Nov 8, 2015
    Ratings:
    +87
    Local Time:
    8:13 AM
    Here is another goodie I just found: GitHub - markri/wp-sec: Wp-sec is an exentsion for wp-cli which checks for Wordpress CVE security issues at wpvulndb.com

    Wp-sec is an exentsion for wp-cli which checks for Wordpress CVE security issues at wpvulndb.com

    Code:
    #wp wp-sec check
    
    -----------------------------------------------
    Checking core vulnerabilities for version 4.7
    -----------------------------------------------
    
    
    Found 19 core vulnerabilities:
    -----------------------------
    Title: WordPress 4.3-4.7 - Potential Remote Code Execution (RCE) in PHPMailer
    Fixed in: 4.7.1
    -----------------------------
    Title: WordPress 4.7 - User Information Disclosure via REST API
    CVE's: 2017-5487
    Fixed in: 4.7.1
    -----------------------------
    Title: WordPress 2.9-4.7 - Authenticated Cross-Site scripting (XSS) in update-core.php
    CVE's: 2017-5488
    Fixed in: 4.7.1
    -----------------------------
    Title: WordPress 4.7 - Cross-Site Request Forgery (CSRF) via Flash Upload
    CVE's: 2017-5489
    Fixed in: 4.7.1
    -----------------------------
    Title: WordPress 3.4-4.7 - Stored Cross-Site Scripting (XSS) via Theme Name fallback
    CVE's: 2017-5490
    Fixed in: 4.7.1
    -----------------------------
    Title: WordPress <= 4.7 - Post via Email Checks mail.example.com by Default
    CVE's: 2017-5491
    Fixed in: 4.7.1
    -----------------------------
    Title: WordPress 2.8-4.7 - Accessibility Mode Cross-Site Request Forgery (CSRF)
    CVE's: 2017-5492
    Fixed in: 4.7.1
    -----------------------------
    Title: WordPress 3.0-4.7 - Cryptographically Weak Pseudo-Random Number Generator (PRNG)
    CVE's: 2017-5493
    Fixed in: 4.7.1
    -----------------------------
    Title: WordPress 4.2.0-4.7.1 - Press This UI Available to Unauthorised Users
    CVE's: 2017-5610
    Fixed in: 4.7.2
    -----------------------------
    Title: WordPress 3.5-4.7.1 - WP_Query SQL Injection
    CVE's: 2017-5611
    Fixed in: 4.7.2
    -----------------------------
    Title: WordPress 4.3.0-4.7.1 - Cross-Site Scripting (XSS) in posts list table
    CVE's: 2017-5612
    Fixed in: 4.7.2
    -----------------------------
    Title: WordPress 4.7.0-4.7.1 - Unauthenticated Page/Post Content Modification via REST API
    Fixed in: 4.7.2
    -----------------------------
    Title: WordPress 3.6.0-4.7.2 - Authenticated Cross-Site Scripting (XSS) via Media File Metadata
    CVE's: 2017-6814
    Fixed in: 4.7.3
    -----------------------------
    Title: WordPress 2.8.1-4.7.2 - Control Characters in Redirect URL Validation
    CVE's: 2017-6815
    Fixed in: 4.7.3
    -----------------------------
    Title: WordPress 4.7.0-4.7.2 - Authenticated Unintended File Deletion in Plugin Delete
    CVE's: 2017-6816
    Fixed in: 4.7.3
    -----------------------------
    Title: WordPress  4.0-4.7.2 - Authenticated Stored Cross-Site Scripting (XSS) in YouTube URL Embeds
    CVE's: 2017-6817
    Fixed in: 4.7.3
    -----------------------------
    Title: WordPress 4.7-4.7.2 - Cross-Site Scripting (XSS) via Taxonomy Term Names
    CVE's: 2017-6818
    Fixed in: 4.7.3
    -----------------------------
    Title: WordPress 4.2-4.7.2 - Press This CSRF DoS
    CVE's: 2017-6819
    Fixed in: 4.7.3
    -----------------------------
    Title: WordPress 2.3-4.7.4 - Host Header Injection in Password Reset
    CVE's: 2017-8295
    Fixed in: 
    
    -------------------------------
    Checking plugin vulnerabilities
    -------------------------------
    
    Vulnerabilities:
    No known plugin vulnerabilities found
    
    ------------------------------
    Checking theme vulnerabilities
    ------------------------------
    
    Vulnerabilities:
    No known theme vulnerabilities found
    -----------------------------------------------
    
    Error: 19 core, 0 plugin and 0 theme vulnerabilities found
    
    
     
    • Like Like x 1
  6. eva2000

    eva2000 Administrator Staff Member

    28,984
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,766
    Local Time:
    8:13 AM
    Nginx 1.13.x
    MariaDB 5.5
    Very nice.. will test these for inclusion :)
     
  7. eva2000

    eva2000 Administrator Staff Member

    28,984
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,766
    Local Time:
    8:13 AM
    Nginx 1.13.x
    MariaDB 5.5
    • Like Like x 1
    • Winner Winner x 1
  8. eva2000

    eva2000 Administrator Staff Member

    28,984
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,766
    Local Time:
    8:13 AM
    Nginx 1.13.x
    MariaDB 5.5
    interesting wp-checksum and wp-sec complaining of allowed memory size exhausted

    edit: hmmm composer might need 1.5GB memory limit https://getcomposer.org/doc/articles/troubleshooting.md#memory-limit-errors ! :eek:

    Code (Text):
    Installing wpcli.sh
    ------------------------------------------------------------
    installing...
    
    Error: /usr/bin/wp not found !!! Downloading now......
    2017-06-11 01:39:20 URL:https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar [6804077/6804077] -> "/usr/bin/wp" [1]
    Download done.
    
    Error: /root/wpcli/wp-completion.bash not found !!! Downloading now......
    2017-06-11 01:39:22 URL:https://raw.githubusercontent.com/wp-cli/wp-cli/master/utils/wp-completion.bash [495/495] -> "/root/wpcli/wp-completion.bash" [1]
    Download done.
    
    
    -------------------------------------------------------------
    install wp-cli https://github.com/eriktorsner/wp-checksum
    Installing package eriktorsner/wp-checksum (dev-master)
    Updating /root/.wp-cli/packages/composer.json to require the package...
    Using Composer to install the package...
    ---
    Loading composer repositories with package information
    Updating dependencies
    PHP Fatal error:  Allowed memory size of 268435456 bytes exhausted (tried to allocate 24 bytes) in phar:///usr/bin/wp/vendor/composer/composer/src/Composer/DependencyResolver/Solver.php on line 220
    -------------------------------------------------------------
    install wp-cli https://github.com/markri/wp-sec
    Installing package markri/wp-sec (dev-master)
    Updating /root/.wp-cli/packages/composer.json to require the package...
    Using Composer to install the package...
    ---
    Loading composer repositories with package information
    Updating dependencies
    PHP Fatal error:  Allowed memory size of 268435456 bytes exhausted (tried to allocate 32 bytes) in phar:///usr/bin/wp/vendor/composer/composer/src/Composer/DependencyResolver/RuleWatchGraph.php on line 52
    -------------------------------------------------------------
    update wp-cli packages
    Using Composer to update packages...
    ---
    Loading composer repositories with package information
    Updating dependencies
    PHP Fatal error:  Allowed memory size of 268435456 bytes exhausted (tried to allocate 32 bytes) in phar:///usr/bin/wp/vendor/composer/composer/src/Composer/DependencyResolver/RuleWatchNode.php on line 40
    -------------------------------------------------------------
    wp-cli info
    PHP binary:     /usr/local/bin/php
    PHP version:    5.6.30
    php.ini used:   /usr/local/lib/php.ini
    WP-CLI root dir:        phar://wp-cli.phar
    WP-CLI vendor dir:      phar://wp-cli.phar/vendor
    WP_CLI phar path:       /usr/local/src/centminmod/addons
    WP-CLI packages dir:    /root/.wp-cli/packages/
    WP-CLI global config:
    WP-CLI project config:
    WP-CLI version: 1.2.1
    -------------------------------------------------------------
    
    -------------------------------------------------------------
    wp-cli install completed
    Read http://wp-cli.org/ for full usage info
    
    -------------------------------------------------------------
    Please log out of SSH session and log back in
    You can then call wp-cli via command: wp
    i.e. wp --info --allow-root
    -------------------------------------------------------------
     
    Last edited: Jun 11, 2017
    • Informative Informative x 1