garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

WPSTools updated to respect ruby standards according to rubocop

Browse Source
This commit is contained in:
erwanlr
2013-01-24 17:04:45 +01:00
parent ce9f073f26
commit b0dd9ba989
18 changed files with 261 additions and 231 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
lib/browser.rb
View File

@@ -1,3 +1,4 @@
# encoding: UTF-8
#--
# WPScan - WordPress Security Scanner
# Copyright (C) 2012-2013
@@ -45,7 +46,11 @@ class Browser
override_config_with_options(options)
end
@hydra = Typhoeus::Hydra.new(:max_concurrency => @max_threads, :timeout => @request_timeout)
@hydra = Typhoeus::Hydra.new(
max_concurrency: @max_threads,
timeout: @request_timeout
)
# TODO : add an option for the cache dir instead of using a constant
@cache = CacheFileStore.new(CACHE_DIR + '/browser')
@@ -69,12 +74,13 @@ class Browser
end
def user_agent_mode=(ua_mode)
ua_mode ||= "static"
ua_mode ||= 'static'
if USER_AGENT_MODES.include?(ua_mode)
@user_agent_mode = ua_mode
# For semi-static user agent mode, the user agent has to be nil the first time (it will be set with the getter)
@user_agent = nil if ua_mode === "semi-static"
# For semi-static user agent mode, the user agent has to
# be nil the first time (it will be set with the getter)
@user_agent = nil if ua_mode === 'semi-static'
else
raise "Unknow user agent mode : '#{ua_mode}'"
end
@@ -83,12 +89,12 @@ class Browser
# return the user agent, according to the user_agent_mode
def user_agent
case @user_agent_mode
when "semi-static"
unless @user_agent
@user_agent = @available_user_agents.sample
end
when "random"
when 'semi-static'
unless @user_agent
@user_agent = @available_user_agents.sample
end
when 'random'
@user_agent = @available_user_agents.sample
end
@user_agent
end
@@ -109,21 +115,25 @@ class Browser
@proxy_auth = auth
elsif auth.is_a?(String)
if matches = %r{([^:]+):(.*)}.match(auth)
@proxy_auth = {:proxy_username => matches[1], :proxy_password => matches[2]}
@proxy_auth = {
proxy_username: matches[1],
proxy_password: matches[2]
}
else
raise_invalid_proxy_format()
raise_invalid_proxy_auth_format()
end
else
raise_invalid_proxy_format()
raise_invalid_proxy_auth_format()
end
end
end
def raise_invalid_proxy_format
raise "Invalid proxy auth format, expected username:password or {:proxy_username => username, :proxy_password => password}"
def raise_invalid_proxy_auth_format
raise 'Invalid proxy auth format, expected username:password or {proxy_username: username, proxy_password: password}'
end
# TODO reload hydra (if the .load_config is called on a browser object, hydra will not have the new @max_threads and @request_timeout)
# TODO reload hydra (if the .load_config is called on a browser object,
# hydra will not have the new @max_threads and @request_timeout)
def load_config(config_file = nil)
@config_file = config_file || @config_file
@@ -146,7 +156,9 @@ class Browser
end
@hydra.cache_getter do |request|
@cache.read_entry(Browser.generate_cache_key_from_request(request)) rescue nil
@cache.read_entry(
Browser.generate_cache_key_from_request(request)
) rescue nil
end
end

10
lib/cache_file_store.rb
View File

@@ -1,3 +1,4 @@
# encoding: UTF-8
#--
# WPScan - WordPress Security Scanner
# Copyright (C) 2012-2013
@@ -18,7 +19,8 @@
#
# => @todo take consideration of the cache_timeout :
# -> create 2 files per key : one for the data storage (key.store ?) and the other for the cache timeout (key.expiration, key.timeout ?)
# -> create 2 files per key : one for the data storage (key.store ?)
# and the other for the cache timeout (key.expiration, key.timeout ?)
# or 1 file for all timeouts ?
# -> 2 dirs : 1 for storage, the other for cache_timeout ?
#
@@ -28,14 +30,16 @@ require 'yaml'
class CacheFileStore
attr_reader :storage_path, :serializer
# The serializer must have the 2 methods .load and .dump (Marshal and YAML have them)
# The serializer must have the 2 methods .load and .dump
# (Marshal and YAML have them)
# YAML is Human Readable, contrary to Marshal which store in a binary format
# Marshal does not need any "require"
def initialize(storage_path, serializer = Marshal)
@storage_path = File.expand_path(storage_path)
@serializer = serializer
# File.directory? for ruby <= 1.9 otherwise, it makes more sense to do Dir.exist? :/
# File.directory? for ruby <= 1.9 otherwise,
# it makes more sense to do Dir.exist? :/
unless File.directory?(@storage_path)
Dir.mkdir(@storage_path)
end

2
lib/common/custom_option_parser.rb
View File

@@ -1,3 +1,5 @@
# encoding: UTF-8
#
# WPScan - WordPress Security Scanner
# Copyright (C) 2012-2013
#

2
lib/common/plugins/plugin.rb
View File

@@ -1,3 +1,5 @@
# encoding: UTF-8
#
# WPScan - WordPress Security Scanner
# Copyright (C) 2012-2013
#

2
lib/common/plugins/plugins.rb
View File

@@ -1,3 +1,5 @@
# encoding: UTF-8
#
# WPScan - WordPress Security Scanner
# Copyright (C) 2012-2013
#

93
lib/common_helper.rb
View File

@@ -1,3 +1,4 @@
# encoding: UTF-8
#--
# WPScan - WordPress Security Scanner
# Copyright (C) 2012-2013
@@ -18,39 +19,39 @@
LIB_DIR = File.dirname(__FILE__)
ROOT_DIR = File.expand_path(LIB_DIR + '/..') # expand_path is used to get "wpscan/" instead of "wpscan/lib/../"
DATA_DIR = ROOT_DIR + "/data"
CONF_DIR = ROOT_DIR + "/conf"
CACHE_DIR = ROOT_DIR + "/cache"
WPSCAN_LIB_DIR = LIB_DIR + "/wpscan"
WPSTOOLS_LIB_DIR = LIB_DIR + "/wpstools"
UPDATER_LIB_DIR = LIB_DIR + "/updater"
COMMON_LIB_DIR = LIB_DIR + "/common"
LOG_FILE = ROOT_DIR + "/log.txt"
DATA_DIR = ROOT_DIR + '/data'
CONF_DIR = ROOT_DIR + '/conf'
CACHE_DIR = ROOT_DIR + '/cache'
WPSCAN_LIB_DIR = LIB_DIR + '/wpscan'
WPSTOOLS_LIB_DIR = LIB_DIR + '/wpstools'
UPDATER_LIB_DIR = LIB_DIR + '/updater'
COMMON_LIB_DIR = LIB_DIR + '/common'
LOG_FILE = ROOT_DIR + '/log.txt'
# Plugins directories
COMON_PLUGINS_DIR = COMMON_LIB_DIR + "/plugins"
WPSCAN_PLUGINS_DIR = WPSCAN_LIB_DIR + "/plugins"
WPSTOOLS_PLUGINS_DIR = WPSTOOLS_LIB_DIR + "/plugins"
COMON_PLUGINS_DIR = COMMON_LIB_DIR + '/plugins'
WPSCAN_PLUGINS_DIR = WPSCAN_LIB_DIR + '/plugins'
WPSTOOLS_PLUGINS_DIR = WPSTOOLS_LIB_DIR + '/plugins'
# Data files
PLUGINS_FILE = DATA_DIR + "/plugins.txt"
PLUGINS_FULL_FILE = DATA_DIR + "/plugins_full.txt"
PLUGINS_VULNS_FILE = DATA_DIR + "/plugin_vulns.xml"
THEMES_FILE = DATA_DIR + "/themes.txt"
THEMES_FULL_FILE = DATA_DIR + "/themes_full.txt"
THEMES_VULNS_FILE = DATA_DIR + "/theme_vulns.xml"
WP_VULNS_FILE = DATA_DIR + "/wp_vulns.xml"
WP_VERSIONS_FILE = DATA_DIR + "/wp_versions.xml"
LOCAL_FILES_FILE = DATA_DIR + "/local_vulnerable_files.xml"
VULNS_XSD = DATA_DIR + "/vuln.xsd"
WP_VERSIONS_XSD = DATA_DIR + "/wp_versions.xsd"
LOCAL_FILES_XSD = DATA_DIR + "/local_vulnerable_files.xsd"
PLUGINS_FILE = DATA_DIR + '/plugins.txt'
PLUGINS_FULL_FILE = DATA_DIR + '/plugins_full.txt'
PLUGINS_VULNS_FILE = DATA_DIR + '/plugin_vulns.xml'
THEMES_FILE = DATA_DIR + '/themes.txt'
THEMES_FULL_FILE = DATA_DIR + '/themes_full.txt'
THEMES_VULNS_FILE = DATA_DIR + '/theme_vulns.xml'
WP_VULNS_FILE = DATA_DIR + '/wp_vulns.xml'
WP_VERSIONS_FILE = DATA_DIR + '/wp_versions.xml'
LOCAL_FILES_FILE = DATA_DIR + '/local_vulnerable_files.xml'
VULNS_XSD = DATA_DIR + '/vuln.xsd'
WP_VERSIONS_XSD = DATA_DIR + '/wp_versions.xsd'
LOCAL_FILES_XSD = DATA_DIR + '/local_vulnerable_files.xsd'
WPSCAN_VERSION = "2.0"
WPSCAN_VERSION = '2.0'
require "#{LIB_DIR}/environment"
# TODO : add an exclude pattern ?
def require_files_from_directory(absolute_dir_path, files_pattern = "*.rb")
def require_files_from_directory(absolute_dir_path, files_pattern = '*.rb')
Dir[File.join(absolute_dir_path, files_pattern)].sort.each do |f|
f = File.expand_path(f)
require f
@@ -59,7 +60,7 @@ def require_files_from_directory(absolute_dir_path, files_pattern = "*.rb")
end
#require_files_from_directory(COMMON_LIB_DIR)
require_files_from_directory(COMMON_LIB_DIR, "**/*.rb")
require_files_from_directory(COMMON_LIB_DIR, '**/*.rb')
# Add protocol
def add_http_protocol(url)
@@ -71,8 +72,8 @@ def add_trailing_slash(url)
end
# Gets the string all elements in stringarray ends with
def get_equal_string_end(stringarray = [""])
already_found = ""
def get_equal_string_end(stringarray = [''])
already_found = ''
looping = true
counter = -1
if stringarray.kind_of? Array and stringarray.length > 1
@@ -97,15 +98,15 @@ end
# Since ruby 1.9.2, URI::escape is obsolete
# See http://rosettacode.org/wiki/URL_encoding#Ruby and http://www.ruby-forum.com/topic/207489
if RUBY_VERSION >= "1.9.2"
if RUBY_VERSION >= '1.9.2'
module URI
def self.escape(str)
URI.encode_www_form_component(str).gsub("+", "%20")
URI.encode_www_form_component(str).gsub('+', '%20')
end
end
end
if RUBY_VERSION < "1.9"
if RUBY_VERSION < '1.9'
class Array
# Fix for grep with symbols in ruby <= 1.8.7
def _grep_(regexp)
@@ -128,25 +129,25 @@ require_files_from_directory(UPDATER_LIB_DIR)
if @updater
REVISION = @updater.local_revision_number()
else
REVISION = "NA"
REVISION = 'NA'
end
# our 1337 banner
def banner()
def banner
puts '____________________________________________________'
puts " __ _______ _____ "
puts " \\ \\ / / __ \\ / ____| "
puts " \\ \\ /\\ / /| |__) | (___ ___ __ _ _ __ "
puts " \\ \\/ \\/ / | ___/ \\___ \\ / __|/ _` | '_ \\ "
puts " \\ /\\ / | | ____) | (__| (_| | | | |"
puts ' __ _______ _____ '
puts ' \\ \\ / / __ \\ / ____| '
puts ' \\ \\ /\\ / /| |__) | (___ ___ __ _ _ __ '
puts ' \\ \\/ \\/ / | ___/ \\___ \\ / __|/ _` | \'_ \\ '
puts ' \\ /\\ / | | ____) | (__| (_| | | | |'
puts " \\/ \\/ |_| |_____/ \\___|\\__,_|_| |_| v#{WPSCAN_VERSION}r#{REVISION}"
puts
puts " WordPress Security Scanner by the WPScan Team"
puts " Sponsored by the RandomStorm Open Source Initiative"
puts ' WordPress Security Scanner by the WPScan Team'
puts ' Sponsored by the RandomStorm Open Source Initiative'
puts '_____________________________________________________'
puts
if RUBY_VERSION < "1.9"
puts "[WARNING] Ruby < 1.9 not officially supported, please upgrade."
if RUBY_VERSION < '1.9'
puts '[WARNING] Ruby < 1.9 not officially supported, please upgrade.'
puts
end
end
@@ -165,16 +166,16 @@ end
def get_metasploit_url(module_path)
# remove leading slash
module_path = module_path.sub(/^\//, "")
module_path = module_path.sub(/^\//, '')
"http://www.metasploit.com/modules/#{module_path}"
end
# Override for puts to enable logging
def puts(o = "")
def puts(o = '')
# remove color for logging
if o.respond_to?("gsub")
if o.respond_to?('gsub')
temp = o.gsub(/\e\[\d+m(.*)?\e\[0m/, '\1')
File.open(LOG_FILE, "a+") { |f| f.puts(temp) }
File.open(LOG_FILE, 'a+') { |f| f.puts(temp) }
end
super(o)
end

7
lib/environment.rb
View File

@@ -1,3 +1,4 @@
# encoding: UTF-8
#--
# WPScan - WordPress Security Scanner
# Copyright (C) 2012-2013
@@ -47,7 +48,7 @@ rescue LoadError => e
if missing_gem
if missing_gem =~ /nokogiri/i
puts
puts "Nokogiri needs some packets, please run 'sudo apt-get install libxml2 libxml2-dev libxslt1-dev' to install them. Then run the command below"
puts 'Nokogiri needs some packets, please run \'sudo apt-get install libxml2 libxml2-dev libxslt1-dev\' to install them. Then run the command below'
puts
end
puts "[TIP] Try to run 'gem install #{missing_gem}' or 'gem install --user-install #{missing_gem}'. If you still get an error, Please see README file or https://github.com/wpscanteam/wpscan"
@@ -55,7 +56,7 @@ rescue LoadError => e
exit(1)
end
if Typhoeus::VERSION == "0.4.0"
puts "Typhoeus 0.4.0 detected, please update the gem otherwise wpscan will not work correctly"
if Typhoeus::VERSION == '0.4.0'
puts 'Typhoeus 0.4.0 detected, please update the gem otherwise wpscan will not work correctly'
exit(1)
end

4
lib/updater/git_updater.rb
View File

@@ -1,3 +1,4 @@
# encoding: UTF-8
#--
# WPScan - WordPress Security Scanner
# Copyright (C) 2012-2013
@@ -24,7 +25,8 @@ class GitUpdater < Updater
%x[git #{repo_directory_arguments()} status 2>&1] =~ /On branch/ ? true : false
end
# Git has not a revsion number like SVN, so we will take the 7 first chars of the last commit hash
# Git has not a revsion number like SVN,
# so we will take the 7 first chars of the last commit hash
def local_revision_number
git_log = %x[git #{repo_directory_arguments()} log -1 2>&1]
git_log[/commit ([0-9a-z]{7})/i, 1].to_s

3
lib/updater/svn_updater.rb
View File

@@ -1,3 +1,4 @@
# encoding: UTF-8
#--
# WPScan - WordPress Security Scanner
# Copyright (C) 2012-2013
@@ -21,7 +22,7 @@ require File.expand_path(File.dirname(__FILE__) + '/updater')
class SvnUpdater < Updater
REVISION_PATTERN = /revision="(\d+)"/i
TRUNK_URL = "https://github.com/wpscanteam/wpscan"
TRUNK_URL = 'https://github.com/wpscanteam/wpscan'
def is_installed?
%x[svn info "#@repo_directory" --xml 2>&1] =~ /revision=/ ? true : false

1
lib/updater/updater.rb
View File

@@ -1,3 +1,4 @@
# encoding: UTF-8
#--
# WPScan - WordPress Security Scanner
# Copyright (C) 2012-2013

1
lib/updater/updater_factory.rb
View File

@@ -1,3 +1,4 @@
# encoding: UTF-8
#--
# WPScan - WordPress Security Scanner
# Copyright (C) 2012-2013

44
lib/wpstools/plugins/checker/checker_plugin.rb
View File

@@ -1,3 +1,5 @@
# encoding: UTF-8
#
# WPScan - WordPress Security Scanner
# Copyright (C) 2012-2013
#
@@ -18,13 +20,11 @@
class CheckerPlugin < Plugin
def initialize
super(
:author => "@wpscanteam - @erwanlr"
)
super(author: 'WPScanTeam - @erwanlr')
register_options(
["--check-vuln-ref-urls", "--cvru", "Check all the vulnerabilities reference urls for 404"],
["--check-local-vulnerable-files LOCAL_DIRECTORY", "--clvf", "Perform a recursive scan in the LOCAL_DIRECTORY to find vulnerable files or shells"]
['--check-vuln-ref-urls', '--cvru', 'Check all the vulnerabilities reference urls for 404'],
['--check-local-vulnerable-files LOCAL_DIRECTORY', '--clvf', 'Perform a recursive scan in the LOCAL_DIRECTORY to find vulnerable files or shells']
)
end
@@ -39,11 +39,11 @@ class CheckerPlugin < Plugin
end
def check_vuln_ref_urls
vuln_ref_files = [ PLUGINS_VULNS_FILE , THEMES_VULNS_FILE, WP_VULNS_FILE ]
vuln_ref_files = [PLUGINS_VULNS_FILE, THEMES_VULNS_FILE, WP_VULNS_FILE]
error_codes = [404, 500, 403]
not_found_regexp = %r{No Results Found|error 404|ID Invalid or Not Found}i
puts "[+] Checking vulnerabilities reference urls"
puts '[+] Checking vulnerabilities reference urls'
vuln_ref_files.each do |vuln_ref_file|
xml = Nokogiri::XML(File.open(vuln_ref_file)) do |config|
@@ -51,7 +51,7 @@ class CheckerPlugin < Plugin
end
urls = []
xml.xpath("//reference").each { |node| urls << node.text }
xml.xpath('//reference').each { |node| urls << node.text }
urls.uniq!
@@ -63,7 +63,7 @@ class CheckerPlugin < Plugin
number_of_urls = urls.size
urls.each do |url|
request = browser.forge_request(url, { :cache_timeout => 0, :follow_location => true })
request = browser.forge_request(url, { cache_timeout: 0, follow_location: true })
request_count += 1
request.on_complete do |response|
@@ -95,11 +95,11 @@ class CheckerPlugin < Plugin
if Dir::exist?(dir_to_scan)
xml_file = LOCAL_FILES_FILE
local_hashes = {}
file_extension_to_scan = "*.{js,php,swf,html,htm}"
file_extension_to_scan = '*.{js,php,swf,html,htm}'
print "[+] Generating local hashes ... "
print '[+] Generating local hashes ... '
Dir[File::join(dir_to_scan, "**", file_extension_to_scan)].each do |filename|
Dir[File::join(dir_to_scan, '**', file_extension_to_scan)].each do |filename|
sha1sum = Digest::SHA1.file(filename).hexdigest
if local_hashes.has_key?(sha1sum)
@@ -109,36 +109,36 @@ class CheckerPlugin < Plugin
end
end
puts "done."
puts 'done.'
puts "[+] Checking for vulnerable files ..."
puts '[+] Checking for vulnerable files ...'
xml = Nokogiri::XML(File.open(xml_file)) do |config|
config.noblanks
end
xml.xpath("//hash").each do |node|
sha1sum = node.attribute("sha1").text
xml.xpath('//hash').each do |node|
sha1sum = node.attribute('sha1').text
if local_hashes.has_key?(sha1sum)
local_filenames = local_hashes[sha1sum]
vuln_title = node.search("title").text
vuln_filename = node.search("file").text
vuln_refrence = node.search("reference").text
vuln_title = node.search('title').text
vuln_filename = node.search('file').text
vuln_refrence = node.search('reference').text
puts " #{vuln_filename} found :"
puts " | Location(s):"
puts ' | Location(s):'
local_filenames.each do |file|
puts " | - #{file}"
end
puts " |"
puts ' |'
puts " | Title: #{vuln_title}"
puts " | Refrence: #{vuln_refrence}" if !vuln_refrence.empty?
puts
end
end
puts "done."
puts 'done.'
else
puts "The supplied directory '#{dir_to_scan}' does not exist"

55
lib/wpstools/plugins/list_generator/generate_list.rb
View File

@@ -1,5 +1,4 @@
#!/usr/bin/env ruby
# encoding: UTF-8
#--
# WPScan - WordPress Security Scanner
# Copyright (C) 2012-2013
@@ -26,14 +25,14 @@ class GenerateList
# type = themes | plugins
def initialize(type, verbose)
if type =~ /plugins/i
@type = "plugin"
@svn_url = "http://plugins.svn.wordpress.org/"
@popular_url = "http://wordpress.org/extend/plugins/browse/popular/"
@type = 'plugin'
@svn_url = 'http://plugins.svn.wordpress.org/'
@popular_url = 'http://wordpress.org/extend/plugins/browse/popular/'
@popular_regex = %r{<h3><a href="http://wordpress.org/extend/plugins/(.+)/">.+</a></h3>}i
elsif type =~ /themes/i
@type = "theme"
@svn_url = "http://themes.svn.wordpress.org/"
@popular_url = "http://wordpress.org/extend/themes/browse/popular/"
@type = 'theme'
@svn_url = 'http://themes.svn.wordpress.org/'
@popular_url = 'http://wordpress.org/extend/themes/browse/popular/'
@popular_regex = %r{<h3><a href="http://wordpress.org/extend/themes/(.+)">.+</a></h3>}i
else
raise "Type #{type} not defined"
@@ -45,24 +44,24 @@ class GenerateList
def set_file_name(type)
case @type
when "plugin"
case type
when :full
@file_name = PLUGINS_FULL_FILE
when :popular
@file_name = PLUGINS_FILE
else
raise "Unknown type"
end
when "theme"
case type
when :full
@file_name = THEMES_FULL_FILE
when :popular
@file_name = THEMES_FILE
else
raise "Unknown type"
end
when 'plugin'
case type
when :full
@file_name = PLUGINS_FULL_FILE
when :popular
@file_name = PLUGINS_FILE
else
raise 'Unknown type'
end
when 'theme'
case type
when :full
@file_name = THEMES_FULL_FILE
when :popular
@file_name = THEMES_FILE
else
raise 'Unknown type'
end
else
raise "Unknown type #@type"
end
@@ -87,7 +86,7 @@ class GenerateList
page_count = 1
queue_count = 0
(1...(pages.to_i+1)).each do |page|
(1...(pages.to_i + 1)).each do |page|
# First page has another URL
url = (page == 1) ? @popular_url : @popular_url + 'page/' + page.to_s + '/'
request = @browser.forge_request(url)
@@ -95,7 +94,7 @@ class GenerateList
queue_count += 1
request.on_complete do |response|
puts "[+] Parsing page " + page_count.to_s if @verbose
puts "[+] Parsing page #{page_count}" if @verbose
page_count += 1
response.body.scan(@popular_regex).each do |item|
puts "[+] Found popular #@type: #{item}" if @verbose

24
lib/wpstools/plugins/list_generator/list_generator_plugin.rb
View File

@@ -1,3 +1,5 @@
# encoding: UTF-8
#
# WPScan - WordPress Security Scanner
# Copyright (C) 2012-2013
#
@@ -18,18 +20,16 @@
class ListGeneratorPlugin < Plugin
def initialize
super(
:author => "WPScanTeam - @FireFart"
)
super(author: 'WPScanTeam - @FireFart')
register_options(
["--generate-plugin-list [NUMBER_OF_PAGES]", "--gpl", Integer, "Generate a new data/plugins.txt file. (supply number of *pages* to parse, default : 150)"],
["--generate-full-plugin-list", "--gfpl", "Generate a new full data/plugins.txt file"],
['--generate-plugin-list [NUMBER_OF_PAGES]', '--gpl', Integer, 'Generate a new data/plugins.txt file. (supply number of *pages* to parse, default : 150)'],
['--generate-full-plugin-list', '--gfpl', 'Generate a new full data/plugins.txt file'],
["--generate-theme-list [NUMBER_OF_PAGES]", "--gtl", Integer, "Generate a new data/themes.txt file. (supply number of *pages* to parse, default : 150)"],
["--generate-full-theme-list", "--gftl", "Generate a new full data/themes.txt file"],
['--generate-theme-list [NUMBER_OF_PAGES]', '--gtl', Integer, 'Generate a new data/themes.txt file. (supply number of *pages* to parse, default : 150)'],
['--generate-full-theme-list', '--gftl', 'Generate a new full data/themes.txt file'],
["--generate-all", "--ga", "Generate a new full plugins, full themes, popular plugins and popular themes list"],
['--generate-all', '--ga', 'Generate a new full plugins, full themes, popular plugins and popular themes list']
)
end
@@ -40,13 +40,13 @@ class ListGeneratorPlugin < Plugin
if options.has_key?(:generate_plugin_list) || generate_all
number_of_pages = options[:generate_plugin_list] || 150
puts "[+] Generating new most popular plugin list"
puts '[+] Generating new most popular plugin list'
puts
GenerateList.new('plugins', verbose).generate_popular_list(number_of_pages)
end
if options[:generate_full_plugin_list] || generate_all
puts "[+] Generating new full plugin list"
puts '[+] Generating new full plugin list'
puts
GenerateList.new('plugins', verbose).generate_full_list
end
@@ -54,13 +54,13 @@ class ListGeneratorPlugin < Plugin
if options.has_key?(:generate_theme_list) || generate_all
number_of_pages = options[:generate_theme_list] || 150
puts "[+] Generating new most popular theme list"
puts '[+] Generating new most popular theme list'
puts
GenerateList.new('themes', verbose).generate_popular_list(number_of_pages)
end
if options[:generate_full_theme_list] || generate_all
puts "[+] Generating new full theme list"
puts '[+] Generating new full theme list'
puts
GenerateList.new('themes', verbose).generate_full_list
end

15
lib/wpstools/plugins/list_generator/svn_parser.rb
View File

@@ -1,5 +1,4 @@
#!/usr/bin/env ruby
# encoding: UTF-8
#--
# WPScan - WordPress Security Scanner
# Copyright (C) 2012-2013
@@ -24,12 +23,12 @@ class SvnParser
attr_accessor :verbose, :svn_root, :keep_empty_dirs
def initialize(svn_root)
@svn_root = svn_root
@svn_browser = Browser.instance
@svn_hydra = @svn_browser.hydra
@svn_root = svn_root
@svn_browser = Browser.instance
@svn_hydra = @svn_browser.hydra
end
def parse()
def parse
get_root_directories
end
@@ -38,11 +37,13 @@ class SvnParser
# Gets all directories in the SVN root
def get_root_directories
dirs = []
dirs = []
rootindex = @svn_browser.get(@svn_root).body
rootindex.scan(%r{<li><a href=".+">(.+)/</a></li>}i).each do |dir|
dirs << dir[0]
end
dirs.sort!
dirs.uniq
end

19
lib/wpstools/wpstools_helper.rb
View File

@@ -1,3 +1,4 @@
# encoding: UTF-8
#--
# WPScan - WordPress Security Scanner
# Copyright (C) 2012-2013
@@ -19,33 +20,33 @@
require File.expand_path(File.dirname(__FILE__) + '/../common_helper')
require_files_from_directory(WPSTOOLS_LIB_DIR)
require_files_from_directory(WPSTOOLS_PLUGINS_DIR, "**/*.rb")
require_files_from_directory(WPSTOOLS_PLUGINS_DIR, '**/*.rb')
def usage()
def usage
script_name = $0
puts
puts "-h for further help."
puts '-h for further help.'
puts
puts "Examples:"
puts 'Examples:'
puts
puts "- Generate a new 'most popular' plugin list, up to 150 pages ..."
puts "ruby #{script_name} --generate-plugin-list 150"
puts
puts "- Generate a new full plugin list"
puts '- Generate a new full plugin list'
puts "ruby #{script_name} --generate-full-plugin-list"
puts
puts "- Generate a new 'most popular' theme list, up to 150 pages ..."
puts "ruby #{script_name} --generate-theme-list 150"
puts
puts "- Generate a new full theme list"
puts '- Generate a new full theme list'
puts "ruby #{script_name} --generate-full-theme-list"
puts
puts "- Generate all list"
puts '- Generate all list'
puts "ruby #{script_name} --generate-all"
puts
puts "Locally scan a wordpress installation for vulnerable files or shells"
puts 'Locally scan a wordpress installation for vulnerable files or shells'
puts "ruby #{script_name} --check-local-vulnerable-files /var/www/wordpress/"
puts
puts "See README for further information."
puts 'See README for further information.'
puts
end