The document summarizes a presentation on testing the tool WPScan. It details setting up different environments like Oracle Virtualbox and WAMP to test WPScan's username enumeration, brute force, and scanning abilities against different WordPress versions. Testing found that brute forcing over 50 threads caused a denial of service on a laptop. A Hyper-V test took over 24 hours to attempt over 372,000 passwords without success. The conclusion recommends improvements to WPScan like better fault tolerance, restarting brute force lists, and detecting denial of service from threading. The most important outcome is advancing one's education, which is critical for all students.

1. A Presentation
Defense For
Masters of Information Systems
Brandon Barclay

2. Disclaimer:
• Don’t get crazy with this information.
• Some of these tools can cause damage to information systems, be
careful.
• Lastly, your actions are your actions. So be careful.

3. A WPScan Review

4. Featuring

7. The purpose
• Test WPScan Username Enumerations
• Test WPScan Brute Force
• Test WPScan Scanning
• Test WPScan against different versions of WordPress

8. The Setup

11. Oracle Virtualbox Free Version
• Doesn’t support Linux 64bit installation
• But was not uninstalled
• Just in case

15. IIS 8 & Server 2012 Installation of Wamp
• Multiple Errors
• IIS 8 Couldn’t access subdirector sites.
• Other various issues with APACHE occurred for WAMP.
• Both were scrapped from the study.

16. Backbox Terminal

17. Must Be IN WPScan Directory

19. Sudo –s

20. The Controls
• Controls were put into place to create a baseline for testing
• For brute forcing
• List 20 passwords, 19 wrong and 1 right.
• For Site Testing
• The Latest Version of WordPress 4.1.1
• admin username
• admin2121 password used for all sites

21. Continuous Flash

25. Enumerated Usernames

26. A Control List
Enumerated
User Name

32. Recorded Out Comes

33. No threading faster than thread
count of 50

34. 50 Thread Count Faster than No Threading

35. Slower After 50 Thread Count

36. Big List – Still did not contain admin2121

37. Thread Count 50 Used
• First brute force with threading
• Labtop
• Immediate DOS
• Laptop resources maxed out
• Laptop unreachable
• Brute force ran for 60,000 results with no entries found within 3 hours and 37 minutes
• No Results
• Hyper-V Windows 7 Wamp
• No DOS
• 24 hours 4 minutes and 9 seconds. It attempted 372,903 out of 14,344,392 passwords
• No Results

38. Security
If NO is selected

41. Should Mention Potential Block

42. Target unreachable 403

43. MYSQL Ithemes Lockout Table

44. Conclusion
• More documentation on localhost environment setups
• Better support for fault tolerance
• Ability to restart brute force lists
• Different brute force methodologies
• Better threading
• DOS detection for threading
• Ithemes security IP deletion listing
• More testing to determine if threading is faster

45. The Most Important Outcome of All
• Extremely Valuable
• Advancing Without is Overly Difficult
• It’s So Critical, Every Student Needs It, Even if They Don’t Know It
• It Might Even Cause A Person To Lose Sleep At Night If They Don’t
Have It Yet.

47. Thank You Everyone
• Questions?