metasploit-framework/modules/auxiliary/scanner/http/wordpress_scanner.rb

##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

require 'msf/core'

class MetasploitModule < Msf::Auxiliary
  include Msf::Exploit::Remote::HTTP::Wordpress
  include Msf::Auxiliary::Scanner
  include Msf::Auxiliary::Report

  def initialize
    super(
      'Name'        => 'Wordpress Scanner',
      'Description' => 'Detects Wordpress installations and their version number',
      'Author'      => [ 'Christian Mehlmauer' ],
      'License'     => MSF_LICENSE
    )
  end

  def run_host(target_host)
    print_status("Trying ip #{target_host}")
    if wordpress_and_online?
      version = wordpress_version
      version_string = version ? version : '(no version detected)'
      print_good("#{target_host} running Wordpress #{version_string}")
      report_note(
          {
              :host   => target_host,
              :proto  => 'tcp',
              :sname => (ssl ? 'https' : 'http'),
              :port   => rport,
              :type   => "Wordpress #{version_string}",
              :data   => target_uri
          })
    end
  end
end
added a wordpress scanner 2013-11-10 22:08:59 +00:00			`##`
Fix up comment splats with the correct URI See the complaint on #4039. This doesn't fix that particular issue (it's somewhat unrelated), but does solve around a file parsing problem reported by @void-in 2014-10-17 16:47:33 +00:00			`# This module requires Metasploit: http://metasploit.com/download`
added a wordpress scanner 2013-11-10 22:08:59 +00:00			`# Current source: https://github.com/rapid7/metasploit-framework`
			`##`

			`require 'msf/core'`

use MetasploitModule as a class name 2016-03-08 13:02:44 +00:00			`class MetasploitModule < Msf::Auxiliary`
Update moduels using Msf::HTTP::Wordpress 2015-10-15 16:47:13 +00:00			`include Msf::Exploit::Remote::HTTP::Wordpress`
added a wordpress scanner 2013-11-10 22:08:59 +00:00			`include Msf::Auxiliary::Scanner`
			`include Msf::Auxiliary::Report`

			`def initialize`
			`super(`
Change 4-space tabs to 2-space tabs 2013-11-12 17:29:28 +00:00			`'Name' => 'Wordpress Scanner',`
Fix caps in description 2013-11-18 22:15:50 +00:00			`'Description' => 'Detects Wordpress installations and their version number',`
Update @Meatballs and @FireFart in authors.rb 2014-04-09 15:46:10 +00:00			`'Author' => [ 'Christian Mehlmauer' ],`
Change 4-space tabs to 2-space tabs 2013-11-12 17:29:28 +00:00			`'License' => MSF_LICENSE`
added a wordpress scanner 2013-11-10 22:08:59 +00:00			`)`
			`end`

			`def run_host(target_host)`
			`print_status("Trying ip #{target_host}")`
			`if wordpress_and_online?`
			`version = wordpress_version`
			`version_string = version ? version : '(no version detected)'`
bugfix for wordpress_scanner 2013-11-10 23:24:32 +00:00			`print_good("#{target_host} running Wordpress #{version_string}")`
added a wordpress scanner 2013-11-10 22:08:59 +00:00			`report_note(`
			`{`
			`:host => target_host,`
			`:proto => 'tcp',`
			`:sname => (ssl ? 'https' : 'http'),`
			`:port => rport,`
			`:type => "Wordpress #{version_string}",`
			`:data => target_uri`
			`})`
			`end`
			`end`
			`end`