|
|
|||
| Rule General Information |
|---|
| Release Date: | 2023-01-03 | |
| Rule Name: | Scanner WPScan Detection - Config Backups Brute Forcing | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | WPScan is a vulnerability scanning tool that comes with Kali Linux by default, written in Ruby, and can scan WordPress sites for a variety of security vulnerabilities, including theme vulnerabilities, plugin vulnerabilities, and vulnerabilities in WordPress itself.This rule is used to detect the behavior of the WPScan scanner to burst the Config Backups of a WordPress site. | |
| Impact: | Attackers use scanners to scan targets, may find vulnerabilities in the target system, resulting in system information leakage, and then attack the system to obtain system permissions. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| 1. If scanning behavior from an unknown IP address is determined, block the IP address immediately. 2. ensure that the file system permissions of Web servers and applications are set properly, and restrict access to sensitive files and directories. 3. ensure that systems and applications are updated to the latest version and fix known vulnerabilities to reduce the impact on the system. |