Ryan Dewhurst is an ethical hacker and penetration tester who has for many years been committed to helping the WordPress community improve the security of their websites and protect them from malicious attackers. Ryan is the creator of WPScan, a free black-box WordPress security scanner tested by security experts and bloggers. The WPScan CLI tool currently draws on a database of 21,875 WordPress vulnerabilities.

1. For readers who don't know you, please tell us a little about yourself, your past and your qualifications.
I have been interested in computers and the Internet for as long as I can remember. I often went to a neighbour's house; he was the only person I knew who had a computer, and I played Solitaire on his Windows 95 machine. It couldn't get on the Internet, but I was very happy just interacting with the computer. Later, as a teenager, I persuaded my mother to buy me a computer, and this time I got online! The ability to communicate with people all over the world captured my heart. Yahoo was big at the time, with its Yahoo! Chat service. In that service they had a chat room called
Later, I saw that the local university had started teaching a bachelor's degree in ethical hacking and computer security. I had dropped out of school and started working when I was 15, so I had no qualifications at that point. The course required at least three qualifications, including GCSE-level maths and English, which I didn't have. So I immediately quit my low-paid job, which wasn't making me much money anyway, in order to obtain the necessary qualifications, and took a free fast-track university access course. Although I was now qualified, I was rejected at first, so I found the lecturer's email address and wrote him a long story about how I felt this course was the only thing I wanted to do with my life, and in the end I was accepted onto the course! Four years later, I completed the course with first-class honours.
After that, I worked as a web application security engineer at a penetration testing company and tested many top British enterprises for security issues. I left that job, started my own penetration testing company, and eventually started my current venture, WPScan.

2. You have been working in the web application security industry for many years. What led you to pay special attention to WordPress?

I was learning about security at the time, and I had chosen WordPress, almost by accident, as the platform to start blogging on. One day I found a security vulnerability, published by someone else, that affected WordPress. I worked in security and used WordPress personally, so I wrote an exploit for the vulnerability to test it against my own website. That sent me down the rabbit hole of looking for other security vulnerabilities affecting WordPress, and eventually all of that knowledge went into a tool called WPScan.
3. Many web application security experts ignore WordPress. I've talked to a lot of people who say they would never use WordPress, or that the way it works is flawed (for example, a plug-in has full access to all hooks, etc.). What do you think of that?

WordPress is widely used on the web, which makes it an attractive target for attackers. That led many security researchers and black hat hackers to look into WordPress while it was still in its infancy. WordPress was not mature at the time, so many security problems were found. But today, by comparison, WordPress core is a very secure content management system. The problem in recent times has been third-party plug-ins. Initially the huge number of plug-ins was what attracted users, but every plug-in that is installed brings additional risk to the website.
But with innovative companies being created, this is also improving. In my experience, WordPress plug-ins will become more secure over time. This is simply because of the current focus on research in this field and the level of company involvement.

4. WPScan is made up of an open source scanner, a plug-in, a vulnerability database and so on. Can you explain how these pieces are linked, which one users should use, and why?

The WPScan WordPress Vulnerability Database is what ties all our services together. All our other products and services rely on the database; they are clients that consume its data and present it in a way that is useful to users.
The WPScan CLI tool was our first product and is free for non-commercial users. It scans a WordPress website from an external perspective, the way a hacker would see the WordPress site. However, the tool requires the user to be familiar with the command line, and depending on the user's technical level the installation may not be simple. The tool is really designed for penetration testers and developers. The most recent addition to the line-up is the WPScan WordPress security plug-in, which is designed more for everyday WordPress users. You just install it from the WordPress plug-in repository, configure the API, and receive notifications. The idea of the plug-in is to identify security issues before hackers can exploit them maliciously.
5. What does it take to maintain the database of WordPress plug-in, theme and core vulnerabilities? How do you find and keep up with new problems?

It takes a lot of work. Every vulnerability we enter into the database is entered by one of our professional WordPress security engineers, so you can be highly confident that an entry is not a false positive but an actual vulnerability. We look for vulnerabilities from various sources. There is an independent community of hardcore security researchers who find vulnerabilities in WordPress, plug-ins or themes and submit them directly to us. In addition, we continuously monitor social media, forums, blogs, websites and search engines for anything that could indicate a WordPress security vulnerability.
We also sometimes conduct independent security research of our own. For example, one of our team members found a CSRF (cross-site request forgery) vulnerability in WordPress core, which was recently patched. In addition, thanks to multiple honeypots we run to monitor web attacks, we found a 0-day vulnerability.

6. Can you describe the process of verifying vulnerabilities before they are disclosed to readers? Is there a process to verify that reported data is valid and accurate?

In most cases it is clear whether a vulnerability report is valid. Our expert team usually reads the advisory to see whether the technique is correct. In other cases it is less easy: you need to install the vulnerable version, attempt to exploit it, and verify the vulnerability manually.
For us, the most time-consuming part is the triage of vulnerabilities. I don't want to disclose information about a weakness if it would help an attacker. I want to make sure that the plug-in vendor has pushed a patch before we verify the vulnerability and add the details to the database. However, this is not always possible, because some vendors cannot be contacted or are not interested.
In some cases we can work closely with the WordPress plug-in team to verify vulnerabilities and take measures to protect WordPress users. To make this process transparent, we also have an open policy on how we handle the vulnerability data we receive.
7. Based on what you have seen so far in the WP vulnerability database and the WPScan project, what do you think the future holds for WordPress security and secure coding (plug-ins, themes), etc.?

I'm an optimist and I think things are getting better. Recently, WordPress security has attracted more and more attention, and there are more solutions available. WordPress core, all plug-ins and all themes will never reach the point of 100% security, but I think most plug-ins with a large install base can reach the point of being secure enough. We must keep cleaning it up.

8. You also have a development background. What are the three most important skills for WordPress plug-in and theme developers?

Validate user input and encode user output. For example, make thorough use of WordPress's esc_html(), esc_attr() and esc_url() functions in the right places. Always use the prepare() function when creating SQL queries. Always check the user's capabilities before running a dangerous function.

9. What do you think are the three most important security best practices that WordPress site administrators must implement to protect a site and keep it secure?

Keep WordPress core, plug-ins and themes up to date. Install a security plug-in; there are many good ones, so choose one and use it. Use secure passwords: make sure each password is unique and complex, for example by using a password manager.

10. You have a long history in the web application security industry; I met you through DVWA a few years ago. Please explain to readers what DVWA is and why it was developed.

Damn Vulnerable Web Application (DVWA) is an open source project I created at university to teach myself web application security. I think the best way to learn is with examples that can actually be exploited. Later, with the help of others, I released it online and it gained great popularity. Today it is maintained by an old friend, Robin Wood (@digininja).
So if you have problems with your installation, we will be happy to help you.

11. Do you have any tips and/or resources to share with people who want to learn more about WordPress and application security?

Twitter is one of the best resources, I think. Follow those who live and breathe this topic and learn from them. People I recommend following are @tnash, @random_robbie and @viss, and there are too many others to mention. There is also a very active WordPress Security group on Facebook. If you want to learn more about web application security, I recommend The Web Application Hacker's Handbook.

12. What is the future of the WPScan project? What are the plans?

We recently redesigned the entire vulnerability database website and invested a lot of energy in the back end that manages the vulnerabilities. Our WPScan CLI tool is very stable; it has been in use since 2011 and now needs little improvement. The plan is to continue spending time researching security issues in WordPress, plug-ins and themes to make sure the vulnerability database is always correct and up to date. We also hope to put more effort into the WordPress security plug-in in the future. That is the WordPress ecosystem, and I believe this will help us be better understood within it.

13. To inspire others, can you say more about your journey? What pitfalls have you faced along the way, and what helped you overcome them and achieve your current success?

I talked about it a little in my introduction, but here I will talk about the pitfalls of trying to work at some large technology companies. After graduating from university, I wanted to work at a large technology company. I thought it would bring credibility in the eyes of my peers and family. I interviewed at Mozilla, Facebook, Google, Automattic (the makers of WordPress) and others. Although I got through to interview, I always failed at some stage and never got a job offer. Although it's hard to talk about your failures, I believe that sharing them can help others realise that there is light at the end of the tunnel. Today I co-own WPScan, which is a profitable and successful business. Many of the companies whose interviews I failed have now become our customers, and Automattic has become our sponsor. I feel very grateful. In life, sometimes you may not be on the path that you think will lead you to your dreams. Sometimes you need to explore your own path in life and lay the foundations for others to follow.

14. Thank you for the interview. Could you tell readers where they can find you online?

Sure. I tweet a lot at @ethicalhack3r. You can also follow WPScan's official Twitter account.
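The three developer practices from question 8 (escape output, prepare() SQL, check capabilities), shown as an added PHP example that is not code from the interview, from WPScan or from any real plug-in: a hypothetical handler in a made-up plug-in (the example_notes name, its table and the capability used are assumptions), first as it is commonly written and then hardened.

```php
<?php
// Added example, not from the interview or WPScan. "example_notes" and its
// table are invented for illustration.

// INSECURE version: trusts $_GET, concatenates SQL, echoes raw data, and never
// asks who the caller is. The problems are marked inline.
function example_notes_show_insecure() {
    global $wpdb;
    $id   = $_GET['id'];                                                     // untrusted input
    $note = $wpdb->get_row( "SELECT title, body, link FROM {$wpdb->prefix}example_notes WHERE id = $id" ); // SQL injection
    echo '<h2>' . $note->title . '</h2>';                                    // stored XSS
    echo '<a href="' . $note->link . '">' . $note->body . '</a>';            // javascript: URL, XSS
}

// HARDENED version, applying the three practices in order.
function example_notes_show_secure() {
    global $wpdb;

    // 3. Check the user's capability, and a nonce, before doing anything sensitive.
    if ( ! current_user_can( 'edit_posts' ) ) {
        wp_die( esc_html__( 'You are not allowed to view notes.', 'example-notes' ), '', array( 'response' => 403 ) );
    }
    check_admin_referer( 'example_notes_show' ); // dies if the _wpnonce field is missing or invalid

    // 1a. Validate input: an id must be a positive integer and nothing else.
    $id = isset( $_GET['id'] ) ? absint( wp_unslash( $_GET['id'] ) ) : 0;
    if ( 0 === $id ) {
        wp_die( esc_html__( 'Invalid note id.', 'example-notes' ), '', array( 'response' => 400 ) );
    }

    // 2. Use $wpdb->prepare(): %d binds the id as an integer, so it cannot change the query.
    $note = $wpdb->get_row(
        $wpdb->prepare(
            "SELECT title, body, link FROM {$wpdb->prefix}example_notes WHERE id = %d",
            $id
        )
    );
    if ( null === $note ) {
        wp_die( esc_html__( 'Note not found.', 'example-notes' ), '', array( 'response' => 404 ) );
    }

    // 1b. Escape output for the exact context each value lands in:
    //     esc_html() for text nodes, esc_attr() for attributes, esc_url() for href.
    echo '<h2>' . esc_html( $note->title ) . '</h2>';
    echo '<a href="' . esc_url( $note->link ) . '" title="' . esc_attr( $note->title ) . '">'
        . esc_html( $note->body ) . '</a>';
}
add_action( 'admin_post_example_notes_show', 'example_notes_show_secure' );
```

The link that triggers the handler must carry the nonce, e.g. built with wp_nonce_url( admin_url( 'admin-post.php?action=example_notes_show&id=7' ), 'example_notes_show' ), so that check_admin_referer() has something to verify.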