How to install WPScan on Windows 10

What is WPScan?

WPScan is described as a ‘black box’ WordPress vulnerability checker and is free to use. It took me a couple of hours fiddling around, so I thought I’d help you get this installed by showing you some of the problems and providing the files and sources I used to get it working.

What you need to know…

WPScan is a command line utility, so you will need to know a little bit about the command prompt environment and the PATH variable. It isn’t hugely tricky to use, just don’t expect a fancy user interface. You’ll be telling the executable what to run and how to run it via the command prompt.

Installation requires:

    • Ruby (version 2.2.X is the one I’m using, but 2.3.X may be OK too)
    • DevKit (to add Ruby Gems. Gems are extensions to Ruby, and the DevKit helps to provide a sane environment on Windows when adding them)
    • libcurl.dll (a dynamic link library to help make internet requests using cURL)
    • WPScan (the software itself)

The steps are:

Install Ruby

Download a RubyInstaller .zip file from http://rubyinstaller.org/downloads/
Unzip the file and execute it – you will be prompted as follows:
a) Select setup language
b) Ruby License agreement

[Screenshot: Ruby installation license agreement]

c) Installation directory
– check all the additional boxes to help with environment setup (you may not need Tcl/Tk, but if space is no issue, just do it anyway)
– installs in the root of C:\ drive

[Screenshot: Ruby installation options]

Install the DevKit

Download a DevKit for use with Ruby 2.0 and above (32bit version) from http://rubyinstaller.org/downloads/
Download here: DevKit-mingw64-32-4.7.2-20130224-1151-sfx.exe

Unzip the file and execute it
a) Edit the extraction path to change from the default user to the root C:\DevKit location as follows:

[Screenshot: DevKit default installation path]
[Screenshot: DevKit install path changed]

b) Extraction can take a while, be patient. It looks like it gets stuck at 17% and 35% on my machine…

[Screenshot: DevKit install progress]

c) Open a command prompt (right click on the Windows icon in the bottom left and choose Command Prompt (Admin) from the context menu)
d) Go to the installation directory using ‘cd’: cd C:\DevKit
e) Type ruby dk.rb init to initialise the DevKit, ready for binding
f) Type ruby dk.rb install to bind the DevKit to the ruby installation(s) in your path

Install cURL (or just use the libcurl.dll provided)

Download ‘curl-7.46.0-win32.exe’ from http://www.confusedbycode.com/curl/#downloads
Download here: curl-7-46-0-win32
Download here: libcurl.dll
Run the installation wizard and follow these steps:
a) Ensure that the option to install ‘C headers, lib files and dlls’ is selected

[Screenshot: choosing cURL installation options. Remember to select the libraries]

b) cURL should be installed here: C:\Program Files (x86)\cURL
c) Check that the libcurl.dll has been installed here: C:\Program Files (x86)\cURL\dlls as you will need to copy this file later to the Ruby22 binary directory.

Install WPScan

Download WPScan zipfile ‘wpscanteam-wpscan-2.9.1-58-g89c0b8d.zip’ from: https://wpscan.org/

Download here: wpscanteam-wpscan-2.9.1-58-g89c0b8d.zip
Unzip and run the installer
a) Install to C:\wpscan (for simplicity of navigating using the command prompt)
b) Unzip the sample data.zip file into the C:\wpscan directory to create C:\wpscan\data
c) Copy the libcurl.dll file from the cURL installation to the following directory C:\Ruby22\bin

[Screenshot: Ruby bin directory showing libcurl.dll. Place a copy of libcurl.dll in the Ruby bin directory]

Install Ruby Gems

It should now be possible to issue the following commands, to install components required by WPScan:
From the command prompt, cd to C:\wpscan and type the following instructions:
gem install bundler
gem install typhoeus
gem install rspec-its
gem install ruby-progressbar
gem install nokogiri
gem install terminal-table
gem install webmock
gem install simplecov
gem install rspec
gem install xml-simple
gem install yajl-ruby
gem install bundler && bundle install --without test

If you receive an error message about SSL when installing (and can’t fix it), then use the following command to add a non-SSL source:
gem sources --add http://rubygems.org

Then try to add the gem packages above again.

Try to run WPScan…

Staying in the C:\wpscan folder:
a) Type ruby wpscan.rb at the command prompt
If you see the following error message, check that you have copied libcurl.dll to the C:\Ruby22\bin directory.

Download here: libcurl.dll

[Screenshot: error message if libcurl is missing. If you see this, copy libcurl.dll to C:\Ruby22\bin]

b) Once you have started WPScan successfully, you may be prompted to update the database. Select Y when asked.
If you see the following error message, there is a workaround: turning off SSL verification.

[Screenshot: certificate error when updating the WPScan database]

To fix this issue, I found and edited the db_updater.rb file located here: C:\wpscan\lib\common

[Screenshot: find this db_updater.rb file and edit it]

Change the code as follows by editing the ssl_verifypeer parameter and setting it to false:

[Screenshot: edits to the db_updater.rb file. Change and save the file as shown]
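
Both workarounds in this guide (the http:// gem source and ssl_verifypeer set to false) switch off TLS checks and stay in place after installation, so gems and database updates are then fetched without authenticating the server. The Ruby script below is an added example, not part of the original post or of WPScan, that flags both settings so they can be reverted; the `gem sources` listing and the db_updater.rb fragment are constructed samples, because the page shows the real edit only as a screenshot.

```ruby
# Constructed `gem sources` listing after adding the non-SSL source.
SAMPLE_GEM_SOURCES = <<TEXT
*** CURRENT SOURCES ***

https://rubygems.org/
http://rubygems.org
TEXT

# Constructed stand-in for the edited options in db_updater.rb (assumed
# layout; the page shows the real edit only as a screenshot).
SAMPLE_UPDATER = <<'RUBY'
def request_params
  {
    # ssl_verifypeer: false (commented out, so not counted)
    ssl_verifypeer: false,
    timeout: 300
  }
end
RUBY

# Gem sources that RubyGems would fetch over plain HTTP.
def plaintext_gem_sources(listing)
  listing.each_line.map(&:strip).select { |line| line =~ %r{\Ahttp://}i }
end

# 1-based line numbers where live code sets ssl_verifypeer to false.
# Comment stripping is naive: it cuts at the first '#' on a line.
def verifypeer_disabled_lines(source)
  hits = source.each_line.with_index(1).select do |line, _number|
    line.sub(/#.*/, "") =~ /ssl_verifypeer\s*(?::|=>|=)\s*false\b/
  end
  hits.map { |_line, number| number }
end

# Combined report for both workarounds described in the guide.
def tls_downgrades(gem_listing, updater_source)
  { plaintext_gem_sources: plaintext_gem_sources(gem_listing),
    verifypeer_disabled_lines: verifypeer_disabled_lines(updater_source) }
end

if __FILE__ == $PROGRAM_NAME
  report = tls_downgrades(SAMPLE_GEM_SOURCES, SAMPLE_UPDATER)
  report[:plaintext_gem_sources].each do |src|
    puts "plain-HTTP gem source: #{src} (revert with: gem sources --remove #{src})"
  end
  report[:verifypeer_disabled_lines].each do |n|
    puts "db_updater.rb line #{n}: certificate verification is disabled"
  end
end
```

To check a real installation, pass the output of `gem sources` and the contents of C:\wpscan\lib\common\db_updater.rb to `tls_downgrades` in place of the samples.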

It’s working when you see this:

[Screenshot: WPScan is working in the command window and shows options]

Congratulations!

You can now use WPScan to analyse WordPress installations for vulnerabilities.
