WordPress CD

I needed a research environment to help develop WPScan so I put together a VirtualBox virtual machine with every WordPress release installed (not including MU or BETA/Candidates). The download, untar and database creation was all automated. The manual bit was installing them all.

Installed are the following versions of WordPress:
wordpress-0.71-gold
wordpress-1.0-platinum
wordpress-1.0.1-miles
wordpress-1.0.2-blakey
wordpress-1.2-delta
wordpress-1.2-mingus
wordpress-1.2.1
wordpress-1.2.2
wordpress-1.5-strayhorn
wordpress-1.5.1.1
wordpress-1.5.1.2
wordpress-1.5.1.3
wordpress-1.5.1
wordpress-1.5.2
wordpress-2.0.1
wordpress-2.0.10

wordpress-2.0.11
wordpress-2.0.4
wordpress-2.0.5
wordpress-2.0.6
wordpress-2.0.7
wordpress-2.0.8
wordpress-2.0.9
wordpress-2.0
wordpress-2.1.1
wordpress-2.1.2
wordpress-2.1.3
wordpress-2.1
wordpress-2.2.1
wordpress-2.2.2
wordpress-2.2.3
wordpress-2.2
wordpress-2.3.1
wordpress-2.3.2
wordpress-2.3.3
wordpress-2.3
wordpress-2.5.1
wordpress-2.5
wordpress-2.6.1
wordpress-2.6.2
wordpress-2.6.3
wordpress-2.6.5
wordpress-2.6
wordpress-2.7.1
wordpress-2.7
wordpress-2.8.1
wordpress-2.8.2
wordpress-2.8.3
wordpress-2.8.4
wordpress-2.8.5
wordpress-2.8.6
wordpress-2.8
wordpress-2.9.1
wordpress-2.9.2
wordpress-2.9
wordpress-3.0.1
wordpress-3.0.2
wordpress-3.0.3
wordpress-3.0.4
wordpress-3.0.5
wordpress-3.0.6
wordpress-3.0
wordpress-3.1.1
wordpress-3.1.2
wordpress-3.1.3
wordpress-3.1.4
wordpress-3.1
wordpress-3.2.1
wordpress-3.2

Install:
1. To install, simply download the OVA file (link below).
2. Open VirtualBox and import the appliance.
3. Add a static DNS entry to your firewall or edit your local hosts file. Add the VM hostname “lamp” and its IP address.
4. Browse to the DHCP assigned IP address in your browser.

This virtual machine makes an excellent vulnerable box for a lab, WordPress development, etc..

Download:

MD5: 8b8dbead74f6ba9f7935625ff2d24392

http://www.ethicalhack3r.co.uk/wpcd/WPCD.ova

UPDATE:

The download link has been changed and installation instructions updated.

The WordPress installs wouldn’t work as they were configured to my local IP of “192.168.1.103″. Thanks to @biosshadow, he has gone through every install and changed the configured IP to the hostname of the virtual machine “lamp”.

To get it up and running, you will need to add a static DNS entry to your firewall or edit your local hosts file to point the “lamp” hosthame to the vitual machines IP.

Thanks to @biosshadow for changing all of the installs to the hostname.

17 thoughts on “WordPress CD

  1. Andre Gironda

    What’s the root password or an account name and password that has sudo privileges?

  2. John

    /root/wpscan-1.0/lib/discover.rb:138:in `theme_name’: uninitialized constant Discover::Typhoeus (NameError)
    from ./wpscan.rb:245:in `’

    any ideas about this error?

  3. frank -- Decoding SwiftHack

    ethicalhack3r,

    I imported the WordPress.ova into a vanilla VirtualBox installation, and when I ran it I got this error:

    Failed to open a session for the virtual machine WordPress.

    Nonexistent host networking interface, name ‘en1: AirPort’ (VERR_INTERNAL_ERROR).

    Result Code: E_FAIL (0×80004005)
    Component: Console
    Interface: IConsole {1968b7d3-e3bf-4ceb-99e0-cb7c913317bb}

    Any ideas on what might have been the problem?

    – frank

  4. ethicalhack3r

    @Frank -
    Change the Network interface in the VirtualBox settings to the one you will be using.

  5. Ryan

    @shemesh

    Found a local copy and uploading to my server now, should be up within a few hours, I’ll post the link and update the post. You will have to install the latest versions of WordPress as I haven’t kept it up to date.

Comments are closed.