Scoring system removed from version finderprinting
@@ -26,41 +26,35 @@ ryandewhurst at gmail
|
|||||||
Position is important, DO NOT change anything unless you know what you are doing :p
|
Position is important, DO NOT change anything unless you know what you are doing :p
|
||||||
-->
|
-->
|
||||||
|
|
||||||
<wp-versions>
|
<wp-version>
|
||||||
|
|
||||||
<file src="wp-includes/js/wp-lists.js">
|
<file src="wp-includes/js/wp-lists.js">
|
||||||
<hash md5="87ce7e6067f829ba65df86fddb32bf5b">
|
<hash md5="87ce7e6067f829ba65df86fddb32bf5b">
|
||||||
<score>1</score>
|
<version>3.5</version>
|
||||||
<versions>3.5</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
<hash md5="46e1341cd4ea49f31046f7d7962adc7f">
|
<hash md5="46e1341cd4ea49f31046f7d7962adc7f">
|
||||||
<score>1</score>
|
<version>3.4.2</version>
|
||||||
<versions>3.4.2</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
</file>
|
</file>
|
||||||
|
|
||||||
<file src="wp-includes/js/customize-preview.js">
|
<file src="wp-includes/js/customize-preview.js">
|
||||||
<hash md5="617d9fd858e117c7d1d087be168b5643">
|
<hash md5="617d9fd858e117c7d1d087be168b5643">
|
||||||
<score>1</score>
|
<version>3.4.1</version>
|
||||||
<versions>3.4.1</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
<hash md5="da36bc2dfcb13350c799b62de68dfa4b">
|
<hash md5="da36bc2dfcb13350c799b62de68dfa4b">
|
||||||
<score>1</score>
|
<version>3.4</version>
|
||||||
<versions>3.4</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
<hash md5="a8a259fc5197a78ffe62d6be38dc52f8">
|
<hash md5="a8a259fc5197a78ffe62d6be38dc52f8">
|
||||||
<score>1</score>
|
<version>3.4-beta4</version>
|
||||||
<versions>3.4-beta4</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
</file>
|
</file>
|
||||||
|
|
||||||
<file src="wp-includes/js/plupload/plupload.js">
|
<file src="wp-includes/js/plupload/plupload.js">
|
||||||
|
|
||||||
<hash md5="85199c05db63fcb5880de4af8be7b571">
|
<hash md5="85199c05db63fcb5880de4af8be7b571">
|
||||||
<score>1</score>
|
<version>3.3.2</version>
|
||||||
<versions>3.3.2</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
</file>
|
</file>
|
||||||
@@ -70,8 +64,7 @@ ryandewhurst at gmail
|
|||||||
|
|
||||||
<!-- same md5 for 3.3.2 -->
|
<!-- same md5 for 3.3.2 -->
|
||||||
<hash md5="030d3bac906ba69e9fbc99c5bac54a8e">
|
<hash md5="030d3bac906ba69e9fbc99c5bac54a8e">
|
||||||
<score>1</score>
|
<version>3.3.1</version>
|
||||||
<versions>3.3.1</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
</file>
|
</file>
|
||||||
@@ -80,13 +73,11 @@ ryandewhurst at gmail
|
|||||||
<file src="wp-admin/js/wp-fullscreen.js">
|
<file src="wp-admin/js/wp-fullscreen.js">
|
||||||
|
|
||||||
<hash md5="5675f7793f171b6424bf72f9d7bf4d9a">
|
<hash md5="5675f7793f171b6424bf72f9d7bf4d9a">
|
||||||
<score>1</score>
|
<version>3.2.1</version>
|
||||||
<versions>3.2.1</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
<hash md5="7b423e0b7c9221092737ad5271d09863">
|
<hash md5="7b423e0b7c9221092737ad5271d09863">
|
||||||
<score>1</score>
|
<version>3.2</version>
|
||||||
<versions>3.2</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
</file>
|
</file>
|
||||||
@@ -95,8 +86,7 @@ ryandewhurst at gmail
|
|||||||
<file src="wp-admin/js/common.js">
|
<file src="wp-admin/js/common.js">
|
||||||
|
|
||||||
<hash md5="4516252d47a73630280869994d510180">
|
<hash md5="4516252d47a73630280869994d510180">
|
||||||
<score>1</score>
|
<version>3.3</version>
|
||||||
<versions>3.3</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
</file>
|
</file>
|
||||||
@@ -105,8 +95,7 @@ ryandewhurst at gmail
|
|||||||
<file src="wp-includes/css/admin-bar.css">
|
<file src="wp-includes/css/admin-bar.css">
|
||||||
|
|
||||||
<hash md5="181250fab3a7e2549a7e7fa21c2e6079">
|
<hash md5="181250fab3a7e2549a7e7fa21c2e6079">
|
||||||
<score>1</score>
|
<version>3.1</version>
|
||||||
<versions>3.1</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
</file>
|
</file>
|
||||||
@@ -115,8 +104,7 @@ ryandewhurst at gmail
|
|||||||
<file src="$wp-content$/themes/twentyten/style.css">
|
<file src="$wp-content$/themes/twentyten/style.css">
|
||||||
|
|
||||||
<hash md5="6211e2ac1463bf99e98f28ab63e47c54">
|
<hash md5="6211e2ac1463bf99e98f28ab63e47c54">
|
||||||
<score>1</score>
|
<version>3.0</version>
|
||||||
<versions>3.0</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
</file>
|
</file>
|
||||||
@@ -125,18 +113,15 @@ ryandewhurst at gmail
|
|||||||
<file src="$wp-plugins$/akismet/readme.txt">
|
<file src="$wp-plugins$/akismet/readme.txt">
|
||||||
|
|
||||||
<hash md5="4d5e52da417aa0101054bd41e6243389">
|
<hash md5="4d5e52da417aa0101054bd41e6243389">
|
||||||
<score>1</score>
|
<version>2.8.6</version>
|
||||||
<versions>2.8.6</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
<hash md5="58e086dea9d24ed074fe84ba87386c69">
|
<hash md5="58e086dea9d24ed074fe84ba87386c69">
|
||||||
<score>1</score>
|
<version>2.8.5</version>
|
||||||
<versions>2.8.5</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
<hash md5="48c52025b5f28731e9a0c864c189c2e7">
|
<hash md5="48c52025b5f28731e9a0c864c189c2e7">
|
||||||
<score>1</score>
|
<version>2.8.2</version>
|
||||||
<versions>2.8.2</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
</file>
|
</file>
|
||||||
@@ -145,8 +130,7 @@ ryandewhurst at gmail
|
|||||||
<file src="wp-includes/js/wp-ajax-response.js">
|
<file src="wp-includes/js/wp-ajax-response.js">
|
||||||
|
|
||||||
<hash md5="0289d1c13821599764774d55516ab81a">
|
<hash md5="0289d1c13821599764774d55516ab81a">
|
||||||
<score>1</score>
|
<version>2.7.1</version>
|
||||||
<versions>2.7.1</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
</file>
|
</file>
|
||||||
@@ -155,8 +139,7 @@ ryandewhurst at gmail
|
|||||||
<file src="wp-includes/js/thickbox/thickbox.css">
|
<file src="wp-includes/js/thickbox/thickbox.css">
|
||||||
|
|
||||||
<hash md5="9c2bd2be0893adbe02a0f864526734c2">
|
<hash md5="9c2bd2be0893adbe02a0f864526734c2">
|
||||||
<score>1</score>
|
<version>2.7</version>
|
||||||
<versions>2.7</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
</file>
|
</file>
|
||||||
@@ -165,8 +148,7 @@ ryandewhurst at gmail
|
|||||||
<file src="wp-includes/js/tinymce/plugins/wpeditimage/editor_plugin.js">
|
<file src="wp-includes/js/tinymce/plugins/wpeditimage/editor_plugin.js">
|
||||||
|
|
||||||
<hash md5="5b140ddf0f08034402ae78b31d8a1a28">
|
<hash md5="5b140ddf0f08034402ae78b31d8a1a28">
|
||||||
<score>1</score>
|
<version>2.6</version>
|
||||||
<versions>2.6</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
</file>
|
</file>
|
||||||
@@ -175,8 +157,7 @@ ryandewhurst at gmail
|
|||||||
<file src="wp-includes/js/tinymce/themes/advanced/js/image.js">
|
<file src="wp-includes/js/tinymce/themes/advanced/js/image.js">
|
||||||
|
|
||||||
<hash md5="088245408531c58bb52cc092294cc384">
|
<hash md5="088245408531c58bb52cc092294cc384">
|
||||||
<score>1</score>
|
<version>2.5.1</version>
|
||||||
<versions>2.5.1</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
</file>
|
</file>
|
||||||
@@ -185,8 +166,7 @@ ryandewhurst at gmail
|
|||||||
<file src="wp-includes/js/tinymce/themes/advanced/js/link.js">
|
<file src="wp-includes/js/tinymce/themes/advanced/js/link.js">
|
||||||
|
|
||||||
<hash md5="19c6f3118728c38eb7779aab4847d2d9">
|
<hash md5="19c6f3118728c38eb7779aab4847d2d9">
|
||||||
<score>1</score>
|
<version>2.5</version>
|
||||||
<versions>2.5</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
</file>
|
</file>
|
||||||
@@ -195,8 +175,7 @@ ryandewhurst at gmail
|
|||||||
<file src="wp-includes/js/wp-ajax.js">
|
<file src="wp-includes/js/wp-ajax.js">
|
||||||
|
|
||||||
<hash md5="c5dbce0c3232c477033e0ce486c62755">
|
<hash md5="c5dbce0c3232c477033e0ce486c62755">
|
||||||
<score>1</score>
|
<version>2.2</version>
|
||||||
<versions>2.2</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
</file>
|
</file>
|
||||||
@@ -205,13 +184,11 @@ ryandewhurst at gmail
|
|||||||
<file src="$wp-content$/themes/default/style.css">
|
<file src="$wp-content$/themes/default/style.css">
|
||||||
|
|
||||||
<hash md5="e44545f529a54de88209ce588676231c">
|
<hash md5="e44545f529a54de88209ce588676231c">
|
||||||
<score>1</score>
|
<version>2.0.1</version>
|
||||||
<versions>2.0.1</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
<hash md5="f786f66d3a40846aa22dcdfeb44fa562">
|
<hash md5="f786f66d3a40846aa22dcdfeb44fa562">
|
||||||
<score>1</score>
|
<version>2.0</version>
|
||||||
<versions>2.0</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
</file>
|
</file>
|
||||||
@@ -220,13 +197,11 @@ ryandewhurst at gmail
|
|||||||
<file src="wp-layout.css">
|
<file src="wp-layout.css">
|
||||||
|
|
||||||
<hash md5="7140e06c00ed03d2bb3dad7672557510">
|
<hash md5="7140e06c00ed03d2bb3dad7672557510">
|
||||||
<score>1</score>
|
<version>1.2.1</version>
|
||||||
<versions>1.2.1</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
<hash md5="1bcc9253506c067eb130c9fc4f211a2f">
|
<hash md5="1bcc9253506c067eb130c9fc4f211a2f">
|
||||||
<score>1</score>
|
<version>1.2-delta</version>
|
||||||
<versions>1.2-delta</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
</file>
|
</file>
|
||||||
|
|
||||||
@@ -234,10 +209,9 @@ ryandewhurst at gmail
|
|||||||
<file src="layout2b.css">
|
<file src="layout2b.css">
|
||||||
|
|
||||||
<hash md5="baec6b6ccbf71d8dced9f1bf67c751e1">
|
<hash md5="baec6b6ccbf71d8dced9f1bf67c751e1">
|
||||||
<score>1</score>
|
<version>0.71-gold</version>
|
||||||
<versions>0.71-gold</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
</file>
|
</file>
|
||||||
|
|
||||||
</wp-versions>
|
</wp-version>
|
||||||
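Review bot: The root element appears to be renamed from `<wp-versions>` to `<wp-version>` in the first and last hunks of this file, which looks like an unintended side effect of replacing `versions` with `version`. The spec fixture further down the page still uses `<wp-versions>`, so the specs would not notice if a loader or schema depended on the root name; I would keep `<wp-versions>` and `</wp-versions>` here. Separately, the hash under `<!-- same md5 for 3.3.2 -->` can now name only 3.3.1, so a 3.3.2 install would presumably be reported as 3.3.1. Rewording that comment to something like `<!-- ambiguous: also matches 3.3.2, not an exact match -->`, or dropping the entry, would keep the reported version from being trusted more than the data supports.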
|
|||||||
@@ -118,18 +118,6 @@ class WpVersion < Vulnerable
|
|||||||
# wordpress version.
|
# wordpress version.
|
||||||
#
|
#
|
||||||
# It does this by using client side file hashing
|
# It does this by using client side file hashing
|
||||||
# with a scoring system.
|
|
||||||
#
|
|
||||||
# The scoring system is a number representing
|
|
||||||
# the uniqueness of a client side file across
|
|
||||||
# all versions of wordpress.
|
|
||||||
#
|
|
||||||
# Example:
|
|
||||||
#
|
|
||||||
# Score - Hash - File - Versions
|
|
||||||
# 1 - 3e63c08553696a1dedb24b22ef6783c3 - /wp-content/themes/twentyeleven/style.css - 3.2.1
|
|
||||||
# 2 - 15fc925fd39bb496871e842b2a754c76 - /wp-includes/js/wp-lists.js - 2.6,2.5.1
|
|
||||||
# 3 - 3f03bce84d1d2a169b4bf4d8a0126e38 - /wp-includes/js/autosave.js - 2.9.2,2.9.1,2.9
|
|
||||||
#
|
#
|
||||||
# /!\ Warning : this method might return false positive if the file used for fingerprinting is part of a theme (they can be updated)
|
# /!\ Warning : this method might return false positive if the file used for fingerprinting is part of a theme (they can be updated)
|
||||||
#
|
#
|
||||||
@@ -151,7 +139,7 @@ class WpVersion < Vulnerable
|
|||||||
|
|
||||||
node.search('hash').each do |hash|
|
node.search('hash').each do |hash|
|
||||||
if hash.attribute('md5').text == md5sum
|
if hash.attribute('md5').text == md5sum
|
||||||
return hash.search('versions').text
|
return hash.search('version').text
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
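Review bot: `hash.search('version').text` returns an empty string rather than nil when the matching `<hash>` has no `<version>` child, for example an entry still written in the old `<versions>` form in a custom `version_xml`. Because `""` is truthy in Ruby, a caller that falls back to other detection methods on nil would instead stop here with a blank version. I would return only when the element exists, e.g. `version = hash.at('version')` followed by `return version.text if version`. The enclosing method starts and ends outside this hunk, so how callers treat the result is not visible here.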
|
|||||||
@@ -29,13 +29,11 @@ ryandewhurst at gmail
|
|||||||
<wp-versions>
|
<wp-versions>
|
||||||
<file src="wp-admin/js/wp-fullscreen.js">
|
<file src="wp-admin/js/wp-fullscreen.js">
|
||||||
<hash md5="5675f7793f171b6424bf72f9d7bf4d9a">
|
<hash md5="5675f7793f171b6424bf72f9d7bf4d9a">
|
||||||
<score>1</score>
|
<version>3.2.1</version>
|
||||||
<versions>3.2.1</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
|
|
||||||
<hash md5="7b423e0b7c9221092737ad5271d09863">
|
<hash md5="7b423e0b7c9221092737ad5271d09863">
|
||||||
<score>1</score>
|
<version>3.2</version>
|
||||||
<versions>3.2</versions>
|
|
||||||
</hash>
|
</hash>
|
||||||
</file>
|
</file>
|
||||||
</wp-versions>
|
</wp-versions>
|
||||||
|
|||||||
@@ -237,12 +237,15 @@ describe WpVersion do
|
|||||||
let(:fixtures_dir) { SPEC_FIXTURES_WPSCAN_WP_VERSION_DIR + "/advanced" }
|
let(:fixtures_dir) { SPEC_FIXTURES_WPSCAN_WP_VERSION_DIR + "/advanced" }
|
||||||
|
|
||||||
it "should return 3.2.1" do
|
it "should return 3.2.1" do
|
||||||
stub_request_to_fixture(:url => @target_uri.merge("wp-admin/js/wp-fullscreen.js").to_s,
|
stub_request_to_fixture(
|
||||||
:status => 200,
|
:url => @target_uri.merge("wp-admin/js/wp-fullscreen.js").to_s,
|
||||||
:fixture => "#{fixtures_dir}/3.2.1.js")
|
:fixture => "#{fixtures_dir}/3.2.1.js"
|
||||||
version = WpVersion.find_from_advanced_fingerprinting(:base_url => @target_uri,
|
)
|
||||||
|
version = WpVersion.find_from_advanced_fingerprinting(
|
||||||
|
:base_url => @target_uri,
|
||||||
:wp_content_dir => "wp-content",
|
:wp_content_dir => "wp-content",
|
||||||
:version_xml => "#{fixtures_dir}/wp_versions.xml")
|
:version_xml => "#{fixtures_dir}/wp_versions.xml"
|
||||||
|
)
|
||||||
version.should == "3.2.1"
|
version.should == "3.2.1"
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
@@ -251,17 +254,19 @@ describe WpVersion do
|
|||||||
let(:fixtures_dir) { SPEC_FIXTURES_WPSCAN_WP_VERSION_DIR + "/opml" }
|
let(:fixtures_dir) { SPEC_FIXTURES_WPSCAN_WP_VERSION_DIR + "/opml" }
|
||||||
|
|
||||||
it "should return 3.4.2" do
|
it "should return 3.4.2" do
|
||||||
stub_request_to_fixture(:url => @target_uri.merge("wp-links-opml.php").to_s,
|
stub_request_to_fixture(
|
||||||
:status => 200,
|
:url => @target_uri.merge("wp-links-opml.php").to_s,
|
||||||
:fixture => "#{fixtures_dir}/wp-links-opml.xml")
|
:fixture => "#{fixtures_dir}/wp-links-opml.xml"
|
||||||
|
)
|
||||||
version = WpVersion.find_from_links_opml(:base_url => @target_uri)
|
version = WpVersion.find_from_links_opml(:base_url => @target_uri)
|
||||||
version.should == "3.4.2"
|
version.should == "3.4.2"
|
||||||
end
|
end
|
||||||
|
|
||||||
it "should return nil" do
|
it "should return nil" do
|
||||||
stub_request_to_fixture(:url => @target_uri.merge("wp-links-opml.php").to_s,
|
stub_request_to_fixture(
|
||||||
:status => 200,
|
:url => @target_uri.merge("wp-links-opml.php").to_s,
|
||||||
:fixture => "#{fixtures_dir}/wp-links-opml-nogenerator.xml")
|
:fixture => "#{fixtures_dir}/wp-links-opml-nogenerator.xml"
|
||||||
|
)
|
||||||
version = WpVersion.find_from_links_opml(:base_url => @target_uri)
|
version = WpVersion.find_from_links_opml(:base_url => @target_uri)
|
||||||
version.should be_nil
|
version.should be_nil
|
||||||
end
|
end
|
||||||
@@ -282,9 +287,10 @@ describe WpVersion do
|
|||||||
# All requests get a HTTP 404
|
# All requests get a HTTP 404
|
||||||
stub_request(:any, /.*/).to_return(:status => 404)
|
stub_request(:any, /.*/).to_return(:status => 404)
|
||||||
# Wordpress Version 3.2.1
|
# Wordpress Version 3.2.1
|
||||||
stub_request_to_fixture(:url => @target_uri.merge("wp-admin/js/wp-fullscreen.js").to_s,
|
stub_request_to_fixture(
|
||||||
:status => 200,
|
:url => @target_uri.merge("wp-admin/js/wp-fullscreen.js").to_s,
|
||||||
:fixture => "#{fixtures_dir}/3.2.1.js")
|
:fixture => "#{fixtures_dir}/3.2.1.js"
|
||||||
|
)
|
||||||
version = WpVersion.find(@target_uri, "wp-content")
|
version = WpVersion.find(@target_uri, "wp-content")
|
||||||
version.number.should == "3.2.1"
|
version.number.should == "3.2.1"
|
||||||
version.discovery_method.should == "advanced fingerprinting"
|
version.discovery_method.should == "advanced fingerprinting"
|
||||||
|
|||||||