Removes the ListGenerator plugin from WPStools

2014-09-13 13:57:45 +02:00
parent 8b44354fec
commit cbe33caeef
8 changed files with 0 additions and 226 deletions
--- a/lib/wpstools/plugins/list_generator/generate_list.rb
+++ b/lib/wpstools/plugins/list_generator/generate_list.rb
@@ -1,114 +0,0 @@
 # encoding: UTF-8
 # This tool generates a list to use for plugin and theme enumeration
 class GenerateList
  attr_accessor :verbose
  # type = themes | plugins
  def initialize(type, verbose)
    if type =~ /plugins/i
      @type           = 'plugin'
      @svn_url        = 'http://plugins.svn.wordpress.org/'
      @popular_url    = 'http://wordpress.org/plugins/browse/popular/'
      @popular_regex  = %r{<h3><a href="http://wordpress.org/plugins/([^/]+)/">.+</a></h3>}i
    elsif type =~ /themes/i
      @type           = 'theme'
      @svn_url        = 'http://themes.svn.wordpress.org/'
      @popular_url    = 'http://wordpress.org/themes/browse/popular/'
      @popular_regex  = %r{<h3><a href="http://wordpress.org/themes/([^/]+)">.+</a></h3>}i
    else
      raise "Type #{type} not defined"
    end
    @verbose  = verbose
    @browser  = Browser.instance(request_timeout: 20000, connect_timeout: 20000, max_threads: 1, cache_ttl: 0)
  end
  def set_file_name(type)
    case @type
    when 'plugin'
      case type
      when :full
        @file_name = PLUGINS_FULL_FILE
      when :popular
        @file_name = PLUGINS_FILE
      else
        raise 'Unknown type'
      end
    when 'theme'
      case type
      when :full
        @file_name = THEMES_FULL_FILE
      when :popular
        @file_name = THEMES_FILE
      else
        raise 'Unknown type'
      end
      else
        raise "Unknown type #@type"
    end
  end
  def generate_full_list
    set_file_name(:full)
    items = SvnParser.new(@svn_url).parse
    save items
  end
  def generate_popular_list(pages)
    set_file_name(:popular)
    items = get_popular_items(pages)
    save items
  end
  # Send a HTTP request to the WordPress most popular theme or plugin webpage
  # parse the response for the names.
  def get_popular_items(pages)
    found_items = []
    page_count  = 1
    retries     = 0
    (1...(pages.to_i + 1)).each do |page|
      # First page has another URL
      url = (page == 1) ? @popular_url : @popular_url + 'page/' + page.to_s + '/'
      puts "[+] Parsing page #{page_count}" if @verbose
      code = 0
      while code != 200 && retries <= 3
        puts red("[!] Retrying request for page #{page} (Code: #{code})") unless code == 0
        request  = @browser.forge_request(url)
        response = request.run
        code     = response.code
        sleep(5) unless code == 200
        retries += 1
      end
      page_count += 1
      found = 0
      response.body.scan(@popular_regex).each do |item|
        found_items << item[0]
        found = found + 1
      end
      retries = 0
      puts "[+] Found #{found} items on page #{page}" if @verbose
    end
    found_items.sort!
    found_items.uniq
  end
  # Save the file
  def save(items)
    items.sort!
    items.uniq!
    puts "[*] We have parsed #{items.length} #{@type}s"
    File.open(@file_name, 'w') { |f| f.puts(items) }
    puts "New #@file_name file created"
  end
 end
--- a/lib/wpstools/plugins/list_generator/list_generator_plugin.rb
+++ b/lib/wpstools/plugins/list_generator/list_generator_plugin.rb
@@ -1,53 +0,0 @@
 # encoding: UTF-8
 class ListGeneratorPlugin < Plugin
  def initialize
    super(author: 'WPScanTeam - @FireFart')
    register_options(
      ['--generate-plugin-list [NUMBER_OF_PAGES]', '--gpl', Integer, 'Generate a new data/plugins.txt file. (supply number of *pages* to parse, default : 150)'],
      ['--generate-full-plugin-list', '--gfpl', 'Generate a new full data/plugins.txt file'],
      ['--generate-theme-list [NUMBER_OF_PAGES]', '--gtl', Integer, 'Generate a new data/themes.txt file. (supply number of *pages* to parse, default : 20)'],
      ['--generate-full-theme-list', '--gftl', 'Generate a new full data/themes.txt file'],
      ['--generate-all', '--ga', 'Generate a new full plugins, full themes, popular plugins and popular themes list']
    )
  end
  def run(options = {})
    @verbose     = options[:verbose] || false
    generate_all = options[:generate_all] || false
    if options.has_key?(:generate_plugin_list) || generate_all
      most_popular('plugin', options[:generate_plugin_list] || 150)
    end
    if options[:generate_full_plugin_list] || generate_all
      full('plugin')
    end
    if options.has_key?(:generate_theme_list) || generate_all
      most_popular('theme', options[:generate_theme_list] || 20)
    end
    if options[:generate_full_theme_list] || generate_all
      full('theme')
    end
  end
  private
  def most_popular(type, number_of_pages)
    puts "[+] Generating new most popular #{type} list"
    puts
    GenerateList.new(type + 's', @verbose).generate_popular_list(number_of_pages)
  end
  def full(type)
    puts "[+] Generating new full #{type} list"
    puts
    GenerateList.new(type + 's', @verbose).generate_full_list
  end
 end
--- a/lib/wpstools/plugins/list_generator/svn_parser.rb
+++ b/lib/wpstools/plugins/list_generator/svn_parser.rb
@@ -1,31 +0,0 @@
 # encoding: UTF-8
 # This Class Parses SVN Repositories via HTTP
 class SvnParser
  attr_accessor :verbose, :svn_root, :keep_empty_dirs
  def initialize(svn_root)
    @svn_root    = svn_root
  end
  def parse
    get_root_directories
  end
  #Private methods start here
  private
  # Gets all directories in the SVN root
  def get_root_directories
    dirs      = []
    rootindex = Browser.get(@svn_root).body
    rootindex.scan(%r{<li><a href=".+">(.+)/</a></li>}i).each do |dir|
      dirs << dir[0]
    end
    dirs.sort!
    dirs.uniq
  end
 end
--- a/lib/wpstools/wpstools_helper.rb
+++ b/lib/wpstools/wpstools_helper.rb
@@ -12,21 +12,6 @@ def usage
  puts
  puts 'Examples:'
  puts
  puts "- Generate a new 'most popular' plugin list, up to 150 pages ..."
  puts "ruby #{script_name} --generate-plugin-list 150"
  puts
  puts '- Generate a new full plugin list'
  puts "ruby #{script_name} --generate-full-plugin-list"
  puts
  puts "- Generate a new 'most popular' theme list, up to 150 pages ..."
  puts "ruby #{script_name} --generate-theme-list 150"
  puts
  puts '- Generate a new full theme list'
  puts "ruby #{script_name} --generate-full-theme-list"
  puts
  puts '- Generate all list'
  puts "ruby #{script_name} --generate-all"
  puts
  puts 'Locally scan a wordpress installation for vulnerable files or shells'
  puts "ruby #{script_name} --check-local-vulnerable-files /var/www/wordpress/"
  puts
--- a/spec/lib/wpstools/plugins/list_generator/generate_list_spec.rb
+++ b/spec/lib/wpstools/plugins/list_generator/generate_list_spec.rb
@@ -1,5 +0,0 @@
 # encoding: UTF-8
 require File.expand_path(File.dirname(__FILE__) + '/../../wpstools_helper')
 # TODO
--- a/spec/lib/wpstools/plugins/list_generator/svn_parser_spec.rb
+++ b/spec/lib/wpstools/plugins/list_generator/svn_parser_spec.rb
@@ -1,5 +0,0 @@
 # encoding: UTF-8
 require File.expand_path(File.dirname(__FILE__) + '/../../wpstools_helper')
 # TODO
--- a/spec/lib/wpstools/wpstools_helper.rb
+++ b/spec/lib/wpstools/wpstools_helper.rb
@@ -1,6 +1,4 @@
 # encoding: UTF-8
 require 'spec_helper'
 require WPSTOOLS_LIB_DIR + '/wpstools_helper'
--- a/wpstools.rb
+++ b/wpstools.rb
@@ -17,7 +17,6 @@ begin
  plugins = Plugins.new(option_parser)
  plugins.register(
    CheckerPlugin.new,
    ListGeneratorPlugin.new,
    StatsPlugin.new,
    CheckerSpelling.new
  )