Merge pull request #295 from Kiblyn11/wordpress-workflow-wp-config

wp-config misconfig and wordpress workflow

security-misconfiguration/wordpress-accessible-wpconfig.yaml

@@ -0,0 +1,20 @@
+id: wordpress-accessible-wpconfig
+info:
+  name: WordPress accessible wp-config
+  author: Kiblyn11 & zomsop82
+  severity: high
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-config.php'
+      - '{{BaseURL}}/wp-config-sample.php'
+      - '{{BaseURL}}/wp-config.php.txt'
+      - '{{BaseURL}}/wp-config.php.bak'
+      - '{{BaseURL}}/wp-config.php.old'
+      - '{{BaseURL}}/wp-config-backup.txt'
+      - '{{BaseURL}}/wp-license.php?file=../..//wp-config'
+    matchers:
+      - type: word
+        words:
+          - DB_NAME
+        part: body

workflows/wordpress-workflow.yaml

@@ -0,0 +1,22 @@
+id: wordpress-workflow
+info:
+  name: Wordpress workflow
+  author: Kiblyn11 & zomsop82
+variables:
+  wordpress_tech: technologies/tech-detect.yaml
+  wordpress_dir_listing: files/wordpress-directory-listing.yaml
+  wordpress_user_enum: files/wordpress-user-enumeration.yaml
+  wordpress_wpconfig: security-misconfiguration/wordpress-accessible-wpconfig.yaml
+  wordpress_duplicator_path_traversal: vulnerabilities/wordpress-duplicator-path-traversal.yaml
+  wordpress_wordfence_xss: vulnerabilities/wordpress-wordfence-xss.yaml
+logic: |
+  wordpress_tech()
+
+  if wordpress_tech["wordpress"] {
+
+    wordpress_dir_listing()
+    wordpress_user_enum()
+    wordpress_wpconfig()
+    wordpress_duplicator_path_traversal()
+    wordpress_wordfence_xss()
+  }