Merge pull request #5611 from geekpi/master

translated

sources/tech/20170505 WPSeku – A Vulnerability Scanner to Find Security Issues in WordPress.md

@@ -1,93 +0,0 @@
-translating---geekpi
-
-WPSeku – A Vulnerability Scanner to Find Security Issues in WordPress
-============================================================
-
-by [Aaron Kili][9] | Published: May 5, 2017 | Last Updated: May 5, 2017
-
- Download Your Free eBooks NOW - [10 Free Linux eBooks for Administrators][10] | [4 Free Shell Scripting eBooks][11]
-
-WordPress is a free and open-source, highly customizable content management system (CMS) that is being used by millions around the world to run blogs and fully functional websites. Because it is the most used CMS out there, there are so many potential WordPress security issues/vulnerabilities to be concerned about.
-
-However, these security issues can be dealt with, if we follow common WordPress security best practices. In this article, we will show you how to use WPSeku, a WordPress vulnerability scanner in Linux, that can be used to find security holes in your WordPress installation and block potential threats.
-
-WPSeku is a simple WordPress vulnerability scanner written using Python, it can be used to scan local and remote WordPress installations to find security issues.
-
-### How to Install WPSeku – WordPress Vulnerability Scanner in Linux
-
-To install WPSeku in Linux, you need to clone the most recent version of WPSeku from its Github repository as shown.
-
-```
-$ cd ~
-$ git clone https://github.com/m4ll0k/WPSeku
-```
-
-Once you have obtained it, move into the WPSeku directory and run it as follows.
-
-```
-$ cd WPSeku
-```
-
-Now run the WPSeku using the `-u` option to specify your WordPress installation URL like this.
-
-```
-$ ./wpseku.py -u http://yourdomain.com 
-```
- [![WordPress Vulnerability Scanner](https://www.tecmint.com/wp-content/uploads/2017/05/WordPress-Vulnerability-Scanner.png)][1] 
-
-WordPress Vulnerability Scanner
-
-The command below will search for cross site scripting, local file inclusion, and SQL injection vulnerabilities in your WordPress plugins using the `-p` option, you need to specify the location of plugins in the URL:
-
-```
-$ ./wpseku.py -u http://yourdomain.com/wp-content/plugins/wp/wp.php?id= -p [x,l,s]
-```
-
-The following command will execute a brute force password login and password login via XML-RPC using the option `-b`. Also, you can set a username and wordlist using the `--user` and `--wordlist` options respectively as shown below.
-
-```
-$ ./wpseku.py -u http://yourdomian.com --user username --wordlist wordlist.txt -b [l,x]   
-```
-
-To view all WPSeku usage options, type.
-
-```
-$ ./wpseku.py --help
-```
- [![WPSeku WordPress Vulnerability Scanner Help](https://www.tecmint.com/wp-content/uploads/2017/05/WPSeku-WordPress-Vulnerability-Scanner-Help.png)][2] 
-
-WPSeku WordPress Vulnerability Scanner Help
-
-WPSeku Github repository: [https://github.com/m4ll0k/WPSeku][3]
-
-That’s it! In this article, we showed you how to get and use WPSeku for WordPress vulnerability scanning in Linux. WordPress is secure but only if we follow WordPress security best practices. Do you have any thoughts to share? If yes, then use the comment section below.
-
-
---------------------------------------------------------------------------------
-
-作者简介：
-
-Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge.
-
-------------------
-
-via: https://www.tecmint.com/wpseku-wordpress-vulnerability-security-scanner/
-
-作者：[Aaron Kili  ][a]
-译者：[译者ID](https://github.com/译者ID)
-校对：[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译，[Linux中国](https://linux.cn/) 荣誉推出
-
-[a]:https://www.tecmint.com/author/aaronkili/
-[1]:https://www.tecmint.com/wp-content/uploads/2017/05/WordPress-Vulnerability-Scanner.png
-[2]:https://www.tecmint.com/wp-content/uploads/2017/05/WPSeku-WordPress-Vulnerability-Scanner-Help.png
-[3]:https://github.com/m4ll0k/WPSeku
-[4]:https://www.tecmint.com/wpseku-wordpress-vulnerability-security-scanner/#
-[5]:https://www.tecmint.com/wpseku-wordpress-vulnerability-security-scanner/#
-[6]:https://www.tecmint.com/wpseku-wordpress-vulnerability-security-scanner/#
-[7]:https://www.tecmint.com/wpseku-wordpress-vulnerability-security-scanner/#
-[8]:https://www.tecmint.com/wpseku-wordpress-vulnerability-security-scanner/#comments
-[9]:https://www.tecmint.com/author/aaronkili/
-[10]:https://www.tecmint.com/10-useful-free-linux-ebooks-for-newbies-and-administrators/
-[11]:https://www.tecmint.com/free-linux-shell-scripting-books/

translated/tech/20170505 WPSeku – A Vulnerability Scanner to Find Security Issues in WordPress.md

@@ -0,0 +1,91 @@
+WPSeku - 一个找出 WordPress 安全问题的漏洞扫描器
+============================================================
+
+by [Aaron Kili][9] | Published: May 5, 2017 | Last Updated: May 5, 2017
+
+立即下载你的免费电子书 - [10 本给管理员的免费 Linux 电子书][10] | [4 本免费的 Shell 脚本电子书][11]
+
+WordPress 是一个免费开源、高度可自定义的内容管理系统（CMS），它被全世界数以百万计的人来运行博客和完整的网站。因为它是被用的最多的 CMS，因此有许多潜在的 WordPress 安全问题/漏洞需要考虑。
+
+然而，如果我们遵循通常的 WordPress 最佳实践，这些安全问题可以被处理。在本篇中，我们会向你展示如何使用 WPSeku，一个 Linux 中的 WordPress 漏洞扫描器，它可以被用来找出你的 WordPress 安装的安全漏洞，并阻止潜在的威胁。
+
+WPSeku 是一个用 Python 写的简单 WordPress 漏洞扫描器，它可以被用来扫描本地以及远程的 WordPress 安装来找出安全问题。
+
+### 如何安装 WPSeku - Linux 中的 WordPress 漏洞扫描器
+
+要在 Linux 中安装 WPSeku，你需要如下从 Github clone 最新版本的 WPSeku。
+
+```
+$ cd ~
+$ git clone https://github.com/m4ll0k/WPSeku
+```
+
+完成之后，进入 WPSeku 目录，并如下运行。
+
+```
+$ cd WPSeku
+```
+
+使用 `-u` 选项指定 WordPress 的安装 URL，如下运行 WPSeku：
+
+```
+$ ./wpseku.py -u http://yourdomain.com 
+```
+ [![WordPress Vulnerability Scanner](https://www.tecmint.com/wp-content/uploads/2017/05/WordPress-Vulnerability-Scanner.png)][1] 
+
+WordPress 漏洞扫描器
+
+以下命令使用 `-p` 选项搜索 WordPress 插件中的跨站脚本、本地文件夹入和 SQL 注入漏洞，你需要在 URL 中指定插件的位置：
+
+```
+$ ./wpseku.py -u http://yourdomain.com/wp-content/plugins/wp/wp.php?id= -p [x,l,s]
+```
+
+以下命令将使用 `-b` 选项通过 XML-RPC 执行暴力密码登录。另外，你可以使用 `--user` 和 `--wordlist` 选项分别设置用户名和单词列表，如下所示。
+
+```
+$ ./wpseku.py -u http://yourdomian.com --user username --wordlist wordlist.txt -b [l,x]   
+```
+
+要浏览所有 WPSeku 使用选项，输入：
+
+```
+$ ./wpseku.py --help
+```
+ [![WPSeku WordPress Vulnerability Scanner Help](https://www.tecmint.com/wp-content/uploads/2017/05/WPSeku-WordPress-Vulnerability-Scanner-Help.png)][2] 
+
+WPSeku WordPress 漏洞扫描帮助
+
+WPSeku Github 仓库：[https://github.com/m4ll0k/WPSeku][3]
+
+就是这样了！在本篇中，我们向你展示了如何在 Linux 中获取并使用 WPSeku 用于 WordPress 漏洞扫描。WordPress 是安全的，但仅在如果我们遵循 WordPress 安全最佳实践的情况下。你有要分享的想法么？如果有，请在评论区留言。
+
+
+--------------------------------------------------------------------------------
+
+作者简介：
+
+Aaron Kili 是一个 Linux 及 F.O.S.S 热衷者，即将成为 Linux 系统管理员、web 开发者，目前是 TecMint 的内容创作者，他喜欢用电脑工作，并坚信分享知识。
+
+------------------
+
+via: https://www.tecmint.com/wpseku-wordpress-vulnerability-security-scanner/
+
+作者：[Aaron Kili  ][a]
+译者：[geekpi](https://github.com/geekpi)
+校对：[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译，[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:https://www.tecmint.com/author/aaronkili/
+[1]:https://www.tecmint.com/wp-content/uploads/2017/05/WordPress-Vulnerability-Scanner.png
+[2]:https://www.tecmint.com/wp-content/uploads/2017/05/WPSeku-WordPress-Vulnerability-Scanner-Help.png
+[3]:https://github.com/m4ll0k/WPSeku
+[4]:https://www.tecmint.com/wpseku-wordpress-vulnerability-security-scanner/#
+[5]:https://www.tecmint.com/wpseku-wordpress-vulnerability-security-scanner/#
+[6]:https://www.tecmint.com/wpseku-wordpress-vulnerability-security-scanner/#
+[7]:https://www.tecmint.com/wpseku-wordpress-vulnerability-security-scanner/#
+[8]:https://www.tecmint.com/wpseku-wordpress-vulnerability-security-scanner/#comments
+[9]:https://www.tecmint.com/author/aaronkili/
+[10]:https://www.tecmint.com/10-useful-free-linux-ebooks-for-newbies-and-administrators/
+[11]:https://www.tecmint.com/free-linux-shell-scripting-books/