colored output
This commit is contained in:
Christian Mehlmauer
@@ -120,3 +120,10 @@ def banner()
|
|||||||
puts
|
puts
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def colorize(text, color_code)
|
||||||
|
"\e[#{color_code}m#{text}\e[0m"
|
||||||
|
end
|
||||||
|
|
||||||
|
def red(text); colorize(text, 31) end
|
||||||
|
def green(text); colorize(text, 32) end
|
||||||
|
|||||||
@@ -61,21 +61,21 @@ module BruteForce
|
|||||||
if response.body =~ /login_error/i
|
if response.body =~ /login_error/i
|
||||||
puts "\nIncorrect username and/or password." if @verbose
|
puts "\nIncorrect username and/or password." if @verbose
|
||||||
elsif response.code == 302
|
elsif response.code == 302
|
||||||
puts "\n [SUCCESS] Username : #{username} Password : #{password}\n"
|
puts "\n " + green("[SUCCESS]") + " Username : #{username} Password : #{password}\n"
|
||||||
found << { :name => username, :password => password }
|
found << { :name => username, :password => password }
|
||||||
password_found = true
|
password_found = true
|
||||||
elsif response.timed_out?
|
elsif response.timed_out?
|
||||||
puts "ERROR: Request timed out."
|
puts red("ERROR:") + " Request timed out."
|
||||||
elsif response.code == 0
|
elsif response.code == 0
|
||||||
puts "ERROR: No response from remote server. WAF/IPS?"
|
puts red("ERROR:") + " No response from remote server. WAF/IPS?"
|
||||||
# code is a fixnum, needs a string for regex
|
# code is a fixnum, needs a string for regex
|
||||||
elsif response.code.to_s =~ /^50/
|
elsif response.code.to_s =~ /^50/
|
||||||
puts "ERROR: Server error, try reducing the number of threads."
|
puts red("ERROR:") + " Server error, try reducing the number of threads."
|
||||||
else
|
else
|
||||||
puts "\nERROR: We recieved an unknown response for #{password}..."
|
puts "\n" + red("ERROR:") + " We recieved an unknown response for #{password}..."
|
||||||
if @verbose
|
if @verbose
|
||||||
puts "Code: #{response.code.to_s}"
|
puts red("Code: #{response.code.to_s}")
|
||||||
puts "Body: #{response.body}"
|
puts red("Body: #{response.body}")
|
||||||
puts
|
puts
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|||||||
76
wpscan.rb
76
wpscan.rb
@@ -92,67 +92,67 @@ begin
|
|||||||
wp_theme = wp_target.theme
|
wp_theme = wp_target.theme
|
||||||
if wp_theme
|
if wp_theme
|
||||||
# Theme version is handled in wp_item.to_s
|
# Theme version is handled in wp_item.to_s
|
||||||
puts "[!] The WordPress theme in use is #{wp_theme}"
|
puts green("[!]") + " The WordPress theme in use is #{wp_theme}"
|
||||||
|
|
||||||
theme_vulnerabilities = wp_theme.vulnerabilities
|
theme_vulnerabilities = wp_theme.vulnerabilities
|
||||||
unless theme_vulnerabilities.empty?
|
unless theme_vulnerabilities.empty?
|
||||||
puts "[+] We have identified #{theme_vulnerabilities.size} vulnerabilities for this theme :"
|
puts red("[+]") + " We have identified #{theme_vulnerabilities.size} vulnerabilities for this theme :"
|
||||||
theme_vulnerabilities.each do |vulnerability|
|
theme_vulnerabilities.each do |vulnerability|
|
||||||
puts
|
puts
|
||||||
puts " | * Title: #{vulnerability.title}"
|
puts " | " + red("* Title: #{vulnerability.title}")
|
||||||
puts " | * Reference: #{vulnerability.reference}"
|
puts " | " + red("* Reference: #{vulnerability.reference}")
|
||||||
end
|
end
|
||||||
puts
|
puts
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
if wp_target.has_readme?
|
if wp_target.has_readme?
|
||||||
puts "[!] The WordPress '#{wp_target.readme_url}' file exists"
|
puts red("[!]") + " The WordPress '#{wp_target.readme_url}' file exists"
|
||||||
end
|
end
|
||||||
|
|
||||||
if wp_target.has_full_path_disclosure?
|
if wp_target.has_full_path_disclosure?
|
||||||
puts "[!] Full Path Disclosure (FPD) in '#{wp_target.full_path_disclosure_url}'"
|
puts red("[!]") + " Full Path Disclosure (FPD) in '#{wp_target.full_path_disclosure_url}'"
|
||||||
end
|
end
|
||||||
|
|
||||||
if wp_target.has_debug_log?
|
if wp_target.has_debug_log?
|
||||||
puts "[!] Debug log file found : #{wp_target.debug_log_url}"
|
puts red("[!]") + " Debug log file found : #{wp_target.debug_log_url}"
|
||||||
end
|
end
|
||||||
|
|
||||||
wp_target.config_backup.each do |file_url|
|
wp_target.config_backup.each do |file_url|
|
||||||
puts "[!] A wp-config.php backup file has been found '#{file_url}'"
|
puts red("[!]") + " A wp-config.php backup file has been found '#{file_url}'"
|
||||||
end
|
end
|
||||||
|
|
||||||
if wp_target.has_malwares?
|
if wp_target.has_malwares?
|
||||||
malwares = wp_target.malwares
|
malwares = wp_target.malwares
|
||||||
puts "[!] #{malwares.size} malware(s) found :"
|
puts red("[!]") + " #{malwares.size} malware(s) found :"
|
||||||
|
|
||||||
malwares.each do |malware_url|
|
malwares.each do |malware_url|
|
||||||
puts
|
puts
|
||||||
puts " | " + malware_url
|
puts " | " + red("#{malware_url}")
|
||||||
end
|
end
|
||||||
puts
|
puts
|
||||||
end
|
end
|
||||||
|
|
||||||
wp_version = wp_target.version
|
wp_version = wp_target.version
|
||||||
if wp_version
|
if wp_version
|
||||||
puts "[!] WordPress version #{wp_version.number} identified from #{wp_version.discovery_method}"
|
puts green("[+]") + " WordPress version #{wp_version.number} identified from #{wp_version.discovery_method}"
|
||||||
|
|
||||||
version_vulnerabilities = wp_version.vulnerabilities
|
version_vulnerabilities = wp_version.vulnerabilities
|
||||||
|
|
||||||
unless version_vulnerabilities.empty?
|
unless version_vulnerabilities.empty?
|
||||||
puts
|
puts
|
||||||
puts "[+] We have identified #{version_vulnerabilities.size} vulnerabilities from the version number :"
|
puts red("[!]") + " We have identified #{version_vulnerabilities.size} vulnerabilities from the version number :"
|
||||||
version_vulnerabilities.each do |vulnerability|
|
version_vulnerabilities.each do |vulnerability|
|
||||||
puts
|
puts
|
||||||
puts " | * Title: #{vulnerability.title}"
|
puts " | " + red("* Title: #{vulnerability.title}")
|
||||||
puts " | * Reference: #{vulnerability.reference}"
|
puts " | " + red("* Reference: #{vulnerability.reference}")
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
if wpscan_options.enumerate_plugins == nil and wpscan_options.enumerate_only_vulnerable_plugins == nil
|
if wpscan_options.enumerate_plugins == nil and wpscan_options.enumerate_only_vulnerable_plugins == nil
|
||||||
puts
|
puts
|
||||||
puts "[+] Enumerating plugins from passive detection ... "
|
puts green("[+]") + " Enumerating plugins from passive detection ... "
|
||||||
|
|
||||||
plugins = wp_target.plugins_from_passive_detection(:url => wp_target.uri, :wp_content_dir => wp_target.wp_content_dir)
|
plugins = wp_target.plugins_from_passive_detection(:url => wp_target.uri, :wp_content_dir => wp_target.wp_content_dir)
|
||||||
unless plugins.empty?
|
unless plugins.empty?
|
||||||
@@ -165,8 +165,8 @@ begin
|
|||||||
|
|
||||||
plugin.vulnerabilities.each do |vulnerability|
|
plugin.vulnerabilities.each do |vulnerability|
|
||||||
puts " |"
|
puts " |"
|
||||||
puts " | [!] #{vulnerability.title}"
|
puts " | " + red("[!] #{vulnerability.title}")
|
||||||
puts " | * Reference: #{vulnerability.reference}"
|
puts " | " + red("* Reference: #{vulnerability.reference}")
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
@@ -177,7 +177,7 @@ begin
|
|||||||
# Enumerate the installed plugins
|
# Enumerate the installed plugins
|
||||||
if wpscan_options.enumerate_plugins or wpscan_options.enumerate_only_vulnerable_plugins
|
if wpscan_options.enumerate_plugins or wpscan_options.enumerate_only_vulnerable_plugins
|
||||||
puts
|
puts
|
||||||
puts "[+] Enumerating installed plugins #{'(only vulnerable ones)' if wpscan_options.enumerate_only_vulnerable_plugins} ..."
|
puts green("[+]") + " Enumerating installed plugins #{'(only vulnerable ones)' if wpscan_options.enumerate_only_vulnerable_plugins} ..."
|
||||||
puts
|
puts
|
||||||
|
|
||||||
options = {}
|
options = {}
|
||||||
@@ -191,7 +191,7 @@ begin
|
|||||||
unless plugins.empty?
|
unless plugins.empty?
|
||||||
puts
|
puts
|
||||||
puts
|
puts
|
||||||
puts "[+] We found #{plugins.size.to_s} plugins:"
|
puts green("[+]") + " We found #{plugins.size.to_s} plugins:"
|
||||||
|
|
||||||
plugins.each do |plugin|
|
plugins.each do |plugin|
|
||||||
puts
|
puts
|
||||||
@@ -206,8 +206,8 @@ begin
|
|||||||
#vulnerability['vulnerability'][0]['postdata'] == nil ? "" : postdata = CGI.unescapeHTML(vulnerability['vulnerability'][0]['postdata']) # postdata
|
#vulnerability['vulnerability'][0]['postdata'] == nil ? "" : postdata = CGI.unescapeHTML(vulnerability['vulnerability'][0]['postdata']) # postdata
|
||||||
|
|
||||||
puts " |"
|
puts " |"
|
||||||
puts " | [!] #{vulnerability.title}"
|
puts " | " + red("[!] #{vulnerability.title}")
|
||||||
puts " | * Reference: #{vulnerability.reference}"
|
puts " | " + red("* Reference: #{vulnerability.reference}")
|
||||||
|
|
||||||
# This has been commented out as MSF are moving from
|
# This has been commented out as MSF are moving from
|
||||||
# XML-RPC to MessagePack.
|
# XML-RPC to MessagePack.
|
||||||
@@ -219,7 +219,7 @@ begin
|
|||||||
end
|
end
|
||||||
|
|
||||||
if plugin.error_log?
|
if plugin.error_log?
|
||||||
puts " | [!] A WordPress error_log file has been found : #{plugin.error_log_url}"
|
puts " | " + red("[!]") + " A WordPress error_log file has been found : #{plugin.error_log_url}"
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
@@ -231,7 +231,7 @@ begin
|
|||||||
# Enumerate installed themes
|
# Enumerate installed themes
|
||||||
if wpscan_options.enumerate_themes or wpscan_options.enumerate_only_vulnerable_themes
|
if wpscan_options.enumerate_themes or wpscan_options.enumerate_only_vulnerable_themes
|
||||||
puts
|
puts
|
||||||
puts "[+] Enumerating installed themes #{'(only vulnerable ones)' if wpscan_options.enumerate_only_vulnerable_themes} ..."
|
puts green("[+]") + " Enumerating installed themes #{'(only vulnerable ones)' if wpscan_options.enumerate_only_vulnerable_themes} ..."
|
||||||
puts
|
puts
|
||||||
|
|
||||||
options = {}
|
options = {}
|
||||||
@@ -245,7 +245,7 @@ begin
|
|||||||
unless themes.empty?
|
unless themes.empty?
|
||||||
puts
|
puts
|
||||||
puts
|
puts
|
||||||
puts "[+] We found #{themes.size.to_s} themes:"
|
puts green("[+]") + " We found #{themes.size.to_s} themes:"
|
||||||
|
|
||||||
themes.each do |theme|
|
themes.each do |theme|
|
||||||
puts
|
puts
|
||||||
@@ -257,8 +257,8 @@ begin
|
|||||||
|
|
||||||
theme.vulnerabilities.each do |vulnerability|
|
theme.vulnerabilities.each do |vulnerability|
|
||||||
puts " |"
|
puts " |"
|
||||||
puts " | [!] #{vulnerability.title}"
|
puts " | " + red("[!] #{vulnerability.title}")
|
||||||
puts " | * Reference: #{vulnerability.reference}"
|
puts " | " + red("* Reference: #{vulnerability.reference}")
|
||||||
|
|
||||||
# This has been commented out as MSF are moving from
|
# This has been commented out as MSF are moving from
|
||||||
# XML-RPC to MessagePack.
|
# XML-RPC to MessagePack.
|
||||||
@@ -277,7 +277,7 @@ begin
|
|||||||
|
|
||||||
if wpscan_options.enumerate_timthumbs
|
if wpscan_options.enumerate_timthumbs
|
||||||
puts
|
puts
|
||||||
puts "[+] Enumerating timthumb files ..."
|
puts green("[+]") + " Enumerating timthumb files ..."
|
||||||
puts
|
puts
|
||||||
|
|
||||||
options = {}
|
options = {}
|
||||||
@@ -291,14 +291,14 @@ begin
|
|||||||
timthumbs = wp_target.timthumbs
|
timthumbs = wp_target.timthumbs
|
||||||
|
|
||||||
puts
|
puts
|
||||||
puts "[+] We found #{timthumbs.size.to_s} timthumb file/s :"
|
puts green("[+]") + " We found #{timthumbs.size.to_s} timthumb file/s :"
|
||||||
puts
|
puts
|
||||||
|
|
||||||
timthumbs.each do |t|
|
timthumbs.each do |t|
|
||||||
puts " | [!] #{t[:url]}#{t[:wp_content_dir]}/#{t[:path]}"
|
puts " | " + red("[!]") + " #{t[:url]}#{t[:wp_content_dir]}/#{t[:path]}"
|
||||||
end
|
end
|
||||||
puts
|
puts
|
||||||
puts " * Reference: http://www.exploit-db.com/exploits/17602/"
|
puts red(" * Reference: http://www.exploit-db.com/exploits/17602/")
|
||||||
else
|
else
|
||||||
puts
|
puts
|
||||||
puts "No timthumb files found :("
|
puts "No timthumb files found :("
|
||||||
@@ -308,7 +308,7 @@ begin
|
|||||||
# If we haven't been supplied a username, enumerate them...
|
# If we haven't been supplied a username, enumerate them...
|
||||||
if !wpscan_options.username and wpscan_options.wordlist or wpscan_options.enumerate_usernames
|
if !wpscan_options.username and wpscan_options.wordlist or wpscan_options.enumerate_usernames
|
||||||
puts
|
puts
|
||||||
puts "[+] Enumerating usernames ..."
|
puts green("[+]") + " Enumerating usernames ..."
|
||||||
|
|
||||||
usernames = wp_target.usernames(:range => wpscan_options.enumerate_usernames_range)
|
usernames = wp_target.usernames(:range => wpscan_options.enumerate_usernames_range)
|
||||||
|
|
||||||
@@ -320,7 +320,7 @@ begin
|
|||||||
exit(1)
|
exit(1)
|
||||||
else
|
else
|
||||||
puts
|
puts
|
||||||
puts "We found the following #{usernames.length.to_s} username/s :"
|
puts green("[+]") + " We found the following #{usernames.length.to_s} username/s :"
|
||||||
puts
|
puts
|
||||||
|
|
||||||
max_id_length = usernames.sort{|a,b| a.id <=> b.id}.last.id.to_s.length
|
max_id_length = usernames.sort{|a,b| a.id <=> b.id}.last.id.to_s.length
|
||||||
@@ -361,7 +361,7 @@ begin
|
|||||||
puts "Brute forcing aborted"
|
puts "Brute forcing aborted"
|
||||||
else
|
else
|
||||||
puts
|
puts
|
||||||
puts "[+] Starting the password brute forcer"
|
puts green("[+]") + " Starting the password brute forcer"
|
||||||
puts
|
puts
|
||||||
wp_target.brute_force(usernames, wpscan_options.wordlist)
|
wp_target.brute_force(usernames, wpscan_options.wordlist)
|
||||||
end
|
end
|
||||||
@@ -369,12 +369,12 @@ begin
|
|||||||
|
|
||||||
stop_time = Time.now
|
stop_time = Time.now
|
||||||
puts
|
puts
|
||||||
puts "[+] Finished at #{stop_time.asctime}"
|
puts green("[+] Finished at #{stop_time.asctime}")
|
||||||
elapsed = stop_time - start_time
|
elapsed = stop_time - start_time
|
||||||
puts("[+] Elapsed time: #{Time.at(elapsed).utc.strftime("%H:%M:%S")}")
|
puts green("[+] Elapsed time: #{Time.at(elapsed).utc.strftime("%H:%M:%S")}")
|
||||||
exit() # must exit!
|
exit() # must exit!
|
||||||
rescue => e
|
rescue => e
|
||||||
puts "[ERROR] #{e.message}"
|
puts red("[ERROR] #{e.message}")
|
||||||
puts "Trace :"
|
puts red("Trace :")
|
||||||
puts e.backtrace.join("\n")
|
puts red(e.backtrace.join("\n"))
|
||||||
end
|
end
|
||||||
|
|||||||
Reference in New Issue
Block a user