garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Better string concatenation in code

Browse Source
This commit is contained in:
Peter
2014-01-09 21:53:01 +01:00
parent f737c92988
commit 85ad8d8b9f
1 changed files with 33 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
wpscan.rb
View File

@@ -109,32 +109,32 @@ def main
# Output runtime data # Output runtime data
start_time = Time.now start_time = Time.now
start_memory = get_memory_usage start_memory = get_memory_usage
puts green('[+]') + " URL: #{wp_target.url}" puts "#{green('[+]')} URL: #{wp_target.url}"
puts green('[+]') + " Started: #{start_time.asctime}" puts "#{green('[+]')} Started: #{start_time.asctime}"
puts puts
if wp_target.wordpress_hosted? if wp_target.wordpress_hosted?
puts red('[!]') + " We do not support scanning *.wordpress.com hosted blogs" puts "#{red('[!]')} We do not support scanning *.wordpress.com hosted blogs"
end end
if wp_target.has_robots? if wp_target.has_robots?
puts green('[+]') + " robots.txt available under: '#{wp_target.robots_url}'" puts "#{green('[+]')} robots.txt available under: '#{wp_target.robots_url}'"
wp_target.parse_robots_txt.each do |dir| wp_target.parse_robots_txt.each do |dir|
puts green('[+]') + " Interesting entry from robots.txt: #{dir}" puts "#{green('[+]')} Interesting entry from robots.txt: #{dir}"
end end
end end
if wp_target.has_readme? if wp_target.has_readme?
puts red('[!]') + " The WordPress '#{wp_target.readme_url}' file exists" puts "#{red('[!]')} The WordPress '#{wp_target.readme_url}' file exists"
end end
if wp_target.has_full_path_disclosure? if wp_target.has_full_path_disclosure?
puts red('[!]') + " Full Path Disclosure (FPD) in: '#{wp_target.full_path_disclosure_url}'" puts "#{red('[!]')} Full Path Disclosure (FPD) in: '#{wp_target.full_path_disclosure_url}'"
end end
if wp_target.has_debug_log? if wp_target.has_debug_log?
puts red('[!]') + " Debug log file found: #{wp_target.debug_log_url}" puts "#{red('[!]')} Debug log file found: #{wp_target.debug_log_url}"
end end
wp_target.config_backup.each do |file_url| wp_target.config_backup.each do |file_url|
@@ -146,7 +146,7 @@ def main
end end
wp_target.interesting_headers.each do |header| wp_target.interesting_headers.each do |header|
output = green('[+]') + " Interesting header: " output = "#{green('[+]')} Interesting header: "
if header[1].class == Array if header[1].class == Array
header[1].each do |value| header[1].each do |value|
@@ -158,20 +158,20 @@ def main
end end
if wp_target.multisite? if wp_target.multisite?
puts green('[+]') + ' This site seems to be a multisite (http://codex.wordpress.org/Glossary#Multisite)' puts "#{green('[+]')} This site seems to be a multisite (http://codex.wordpress.org/Glossary#Multisite)"
end end
if wp_target.registration_enabled? if wp_target.registration_enabled?
puts green('[+]') + ' User registration is enabled' puts "#{green('[+]')} User registration is enabled"
end end
if wp_target.has_xml_rpc? if wp_target.has_xml_rpc?
puts green('[+]') + " XML-RPC Interface available under: #{wp_target.xml_rpc_url}" puts "#{green('[+]')} XML-RPC Interface available under: #{wp_target.xml_rpc_url}"
end end
if wp_target.has_malwares? if wp_target.has_malwares?
malwares = wp_target.malwares malwares = wp_target.malwares
puts red('[!]') + " #{malwares.size} malware(s) found:" puts "#{red('[!]')} #{malwares.size} malware(s) found:"
malwares.each do |malware_url| malwares.each do |malware_url|
puts puts
@@ -192,14 +192,14 @@ def main
if wp_theme = wp_target.theme if wp_theme = wp_target.theme
puts puts
# Theme version is handled in #to_s # Theme version is handled in #to_s
puts green('[+]') + " WordPress theme in use: #{wp_theme}" puts "#{green('[+]')} WordPress theme in use: #{wp_theme}"
wp_theme.output(wpscan_options.verbose) wp_theme.output(wpscan_options.verbose)
# Check for parent Themes # Check for parent Themes
while wp_theme.is_child_theme? while wp_theme.is_child_theme?
parent = wp_theme.get_parent_theme parent = wp_theme.get_parent_theme
puts puts
puts green('[+]') + " Detected parent theme: #{parent}" puts "#{green('[+]')} Detected parent theme: #{parent}"
parent.output(wpscan_options.verbose) parent.output(wpscan_options.verbose)
wp_theme = parent wp_theme = parent
end end
@@ -208,7 +208,7 @@ def main
if wpscan_options.enumerate_plugins == nil and wpscan_options.enumerate_only_vulnerable_plugins == nil if wpscan_options.enumerate_plugins == nil and wpscan_options.enumerate_only_vulnerable_plugins == nil
puts puts
puts green('[+]') + ' Enumerating plugins from passive detection ... ' puts "#{green('[+]')} Enumerating plugins from passive detection ..."
wp_plugins = WpPlugins.passive_detection(wp_target) wp_plugins = WpPlugins.passive_detection(wp_target)
if !wp_plugins.empty? if !wp_plugins.empty?
@@ -216,14 +216,14 @@ def main
wp_plugins.output(wpscan_options.verbose) wp_plugins.output(wpscan_options.verbose)
else else
puts green('[+]') + ' No plugins found' puts "#{green('[+]')} No plugins found"
end end
end end
# Enumerate the installed plugins # Enumerate the installed plugins
if wpscan_options.enumerate_plugins or wpscan_options.enumerate_only_vulnerable_plugins or wpscan_options.enumerate_all_plugins if wpscan_options.enumerate_plugins or wpscan_options.enumerate_only_vulnerable_plugins or wpscan_options.enumerate_all_plugins
puts puts
puts green('[+]') + " Enumerating installed plugins #{'(only vulnerable ones)' if wpscan_options.enumerate_only_vulnerable_plugins} ..." puts "#{green('[+]')} Enumerating installed plugins #{'(only vulnerable ones)' if wpscan_options.enumerate_only_vulnerable_plugins} ..."
puts puts
wp_plugins = WpPlugins.aggressive_detection(wp_target, wp_plugins = WpPlugins.aggressive_detection(wp_target,
@@ -234,18 +234,18 @@ def main
) )
puts puts
if !wp_plugins.empty? if !wp_plugins.empty?
puts green('[+]') + " We found #{wp_plugins.size} plugins:" puts "#{green('[+]')} We found #{wp_plugins.size} plugins:"
wp_plugins.output(wpscan_options.verbose) wp_plugins.output(wpscan_options.verbose)
else else
puts green('[+]') + ' No plugins found' puts "#{green('[+]')} No plugins found"
end end
end end
# Enumerate installed themes # Enumerate installed themes
if wpscan_options.enumerate_themes or wpscan_options.enumerate_only_vulnerable_themes or wpscan_options.enumerate_all_themes if wpscan_options.enumerate_themes or wpscan_options.enumerate_only_vulnerable_themes or wpscan_options.enumerate_all_themes
puts puts
puts green('[+]') + " Enumerating installed themes #{'(only vulnerable ones)' if wpscan_options.enumerate_only_vulnerable_themes} ..." puts "#{green('[+]')} Enumerating installed themes #{'(only vulnerable ones)' if wpscan_options.enumerate_only_vulnerable_themes} ..."
puts puts
wp_themes = WpThemes.aggressive_detection(wp_target, wp_themes = WpThemes.aggressive_detection(wp_target,
@@ -256,17 +256,17 @@ def main
) )
puts puts
if !wp_themes.empty? if !wp_themes.empty?
puts green('[+]') + " We found #{wp_themes.size} themes:" puts "#{green('[+]')} We found #{wp_themes.size} themes:"
wp_themes.output(wpscan_options.verbose) wp_themes.output(wpscan_options.verbose)
else else
puts green('[+]') + ' No themes found' puts "#{green('[+]')} No themes found"
end end
end end
if wpscan_options.enumerate_timthumbs if wpscan_options.enumerate_timthumbs
puts puts
puts green('[+]') + ' Enumerating timthumb files ...' puts "#{green('[+]')} Enumerating timthumb files ..."
puts puts
wp_timthumbs = WpTimthumbs.aggressive_detection(wp_target, wp_timthumbs = WpTimthumbs.aggressive_detection(wp_target,
@@ -277,7 +277,7 @@ def main
) )
puts puts
if !wp_timthumbs.empty? if !wp_timthumbs.empty?
puts green('[+]') + " We found #{wp_timthumbs.size} timthumb file/s:" puts "#{green('[+]')} We found #{wp_timthumbs.size} timthumb file/s:"
puts puts
wp_timthumbs.output(wpscan_options.verbose) wp_timthumbs.output(wpscan_options.verbose)
@@ -285,14 +285,14 @@ def main
puts puts
puts red(' * Reference: http://www.exploit-db.com/exploits/17602/') puts red(' * Reference: http://www.exploit-db.com/exploits/17602/')
else else
puts green('[+]') + ' No timthumb files found' puts "#{green('[+]')} No timthumb files found"
end end
end end
# If we haven't been supplied a username, enumerate them... # If we haven't been supplied a username, enumerate them...
if !wpscan_options.username and wpscan_options.wordlist or wpscan_options.enumerate_usernames if !wpscan_options.username and wpscan_options.wordlist or wpscan_options.enumerate_usernames
puts puts
puts green('[+]') + ' Enumerating usernames ...' puts "#{green('[+]')} Enumerating usernames ..."
wp_users = WpUsers.aggressive_detection(wp_target, wp_users = WpUsers.aggressive_detection(wp_target,
enum_options.merge( enum_options.merge(
@@ -302,7 +302,7 @@ def main
) )
if wp_users.empty? if wp_users.empty?
puts green('[+]') + " We did not enumerate any usernames" puts "#{green('[+]')} We did not enumerate any usernames"
if wpscan_options.wordlist if wpscan_options.wordlist
puts 'Try supplying your own username with the --username option' puts 'Try supplying your own username with the --username option'
@@ -310,7 +310,7 @@ def main
exit(1) exit(1)
end end
else else
puts green('[+]') + " Identified the following #{wp_users.size} user/s:" puts "#{green('[+]')} Identified the following #{wp_users.size} user/s:"
wp_users.output(margin_left: ' ' * 4) wp_users.output(margin_left: ' ' * 4)
end end
@@ -328,13 +328,13 @@ def main
puts puts
puts "The plugin #{protection_plugin.name} has been detected. It might record the IP and timestamp of every failed login and/or prevent brute forcing altogether. Not a good idea for brute forcing!" puts "The plugin #{protection_plugin.name} has been detected. It might record the IP and timestamp of every failed login and/or prevent brute forcing altogether. Not a good idea for brute forcing!"
print '[?] Do you want to start the brute force anyway ? [y/n] ' print "[?] Do you want to start the brute force anyway ? [y/n] "
bruteforce = false if Readline.readline !~ /^y/i bruteforce = false if Readline.readline !~ /^y/i
end end
puts puts
if bruteforce if bruteforce
puts green('[+]') + ' Starting the password brute forcer' puts "#{green('[+]')} Starting the password brute forcer"
begin begin
wp_users.brute_force( wp_users.brute_force(
@@ -347,7 +347,7 @@ def main
wp_users.output(show_password: true, margin_left: ' ' * 2) wp_users.output(show_password: true, margin_left: ' ' * 2)
end end
else else
puts 'Brute forcing aborted' puts "Brute forcing aborted"
end end
end end
@@ -368,7 +368,7 @@ def main
puts red(e.message) puts red(e.message)
else else
puts red("[ERROR] #{e.message}") puts red("[ERROR] #{e.message}")
puts red('Trace:') puts red("Trace:")
puts red(e.backtrace.join("\n")) puts red(e.backtrace.join("\n"))
end end
exit(1) exit(1)