I had to clean up a hacked WordPress site recently and one of the steps I took was to scan the entire site with Automattic’s Exploit Scanner.
It needs a hash file for the version of WP you’re scanning and since it hasn’t been updated in 2 years or so, it doesn’t have them. WordPress has had several security updates since, so the plugin doesn’t even have the hash files for older versions of WP. This is easy enough to solve since the plugin itself comes with a hashes-generator.php.
You can call that page in your browser and it’ll show you all the hashes: thewebsite.com/wp-content/plugins/exploit-scanner/hashes-generator.php or thewebsite.com/wordpressfolder/wp-content/plugins/exploit-scanner/hashes-generator.php depending on where your WordPress files live.
Save the document it shows you, straight from the browser, to a convenient place on your computer as hashes-x.x.x.php, where x.x.x is the version number of that WordPress install. By a convenient place I mean one from which you’ll easily be able to upload it to the right folder later.
Open the file in an editor of some kind and remove the opening and closing <pre> tags from the file.
Upload the file to ../wp-content/plugins/exploit-scanner/. Now you can run the scan and see relevant results!
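An independent cross-check, added here as an example and not part of Exploit Scanner or the original post: assuming hashes-generator.php hashes the files of the install it runs on, a hash file generated on the hacked site would record an altered core file as expected, so comparing the site against a pristine download of the same WordPress version gives a second opinion. The function names, the use of SHA-256 and the sample trees are assumptions constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def build_manifest(root):
    """Map each file's path (relative to root) to its SHA-256 hex digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in root.rglob("*") if p.is_file() and not p.is_symlink()}


def compare_trees(clean_root, site_root):
    """Return (modified, missing, extra) core files of the site vs the clean copy."""
    def core(manifest):
        # wp-content/ (themes, plugins, uploads) and wp-config.php differ per site.
        return {p: h for p, h in manifest.items()
                if not p.startswith("wp-content/") and p != "wp-config.php"}
    clean, site = core(build_manifest(clean_root)), core(build_manifest(site_root))
    modified = sorted(p for p in clean if p in site and clean[p] != site[p])
    missing = sorted(p for p in clean if p not in site)
    extra = sorted(p for p in site if p not in clean)
    return modified, missing, extra


def demo():
    """Build two tiny constructed trees (not real WordPress files) and compare them."""
    files = {"index.php": "<?php // front controller\n",
             "wp-includes/version.php": "<?php $wp_version = 'x.x.x';\n",
             "wp-admin/admin.php": "<?php // admin bootstrap\n"}
    with tempfile.TemporaryDirectory() as tmp:
        clean, site = Path(tmp, "clean"), Path(tmp, "site")
        for root in (clean, site):
            for rel, body in files.items():
                (root / rel).parent.mkdir(parents=True, exist_ok=True)
                (root / rel).write_text(body)
        # Constructed differences: one altered core file, one deleted, one added,
        # plus a file under wp-content/ that the comparison deliberately skips.
        (site / "index.php").write_text("<?php // front controller (changed)\n")
        (site / "wp-admin/admin.php").unlink()
        (site / "wp-includes/extra.php").write_text("<?php // not in clean copy\n")
        (site / "wp-content/uploads").mkdir(parents=True)
        (site / "wp-content/uploads/photo.txt").write_text("user upload\n")
        return compare_trees(clean, site)


if __name__ == "__main__":
    for label, paths in zip(("modified", "missing", "extra"), demo()):
        print(label, paths)
```

To use it on a real site, point compare_trees at an unpacked official archive of the matching version and at a downloaded copy of the site's files.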