Bugfix Plugin version + is running a WP instance

engine/scan.py

@@ -140,7 +140,7 @@ class Scan_Engine:
 		r = requests.get(wordpress.url).text
 	
 		# Theme name (css file)
-		regex = re.compile('wp-content/themes/(.*?)/.*?[css|js].*?ver=([0-9\.]*)') #.replace('min','')
+		regex = re.compile('wp-content/themes/(.*?)/.*?[css|js].*?ver=([0-9\.]*)')
 		match = regex.findall(r)
 		theme = {}
 
@@ -167,7 +167,7 @@ class Scan_Engine:
 		r = requests.get(wordpress.url).text
 
 		# Plugin name (js file)
-		regex = re.compile('wp-content/plugins/(.*?)/.*?[css|js].*?ver=([0-9\.]*)') #.replace('min','')
+		regex = re.compile('wp-content/plugins/(.*?)/.*?[css|js].*?ver=([0-9\.]*)') 
 		match = regex.findall(r)
 		plugin = {}
 
@@ -180,6 +180,6 @@ class Scan_Engine:
 			plugin_name = plugin_name.replace('.min','')
 			plugin_version = m[1]
 
-			if plugin_name not in plugin.keys():
+			if plugin_name not in plugin.keys() and m[1]!='1':
 				plugin[plugin_name] = m[1]
 				self.display_vulnerable_component(plugin_name, plugin_version, "plugins")

engine/wordpress.py

@@ -17,6 +17,7 @@ class Wordpress:
 		self.url = url
 		self.clean_url()
 		self.is_up_and_installed()
+		self.is_wordpress()
 		self.is_readme()
 		self.is_debug_log()
 		self.is_backup_file()
@@ -35,6 +36,15 @@ class Wordpress:
 		if self.url[-1] != '/':
 			self.url = self.url + '/'
 
+	"""
+	name        : is_wordpress()
+	description : detect a WordPress instance
+	"""  
+	def is_wordpress(self):
+		r = requests.get(self.url).text
+		if not "wp_" in r:
+			print critical("Not a WordPress !")
+			exit()
 
 	"""
 	name        : is_up_and_installed()
@@ -53,7 +63,7 @@ class Wordpress:
 
 		  		# Redirect
 	  			print notice("The remote host tried to redirect to: %s" % r.headers['location'])
-	  			user_input = str(raw_input("[?] Do you want follow the redirection ? [Y]es [N]o, "))
+	  			user_input = str(raw_input("[?] Do you want to follow the redirection ? [Y]es [N]o, "))
 
 	  			if user_input == "Y":
 	  				self.url = r.headers['location']