Bugfix Plugin version + is running a WP instance

pull/4/head
Swissky 2017-02-26 19:48:59 +01:00
parent fb3e843a18
commit 71ffb2ddd9
2 changed files with 14 additions and 4 deletions

View File

@ -140,7 +140,7 @@ class Scan_Engine:
r = requests.get(wordpress.url).text r = requests.get(wordpress.url).text
# Theme name (css file) # Theme name (css file)
regex = re.compile('wp-content/themes/(.*?)/.*?[css|js].*?ver=([0-9\.]*)') #.replace('min','') regex = re.compile('wp-content/themes/(.*?)/.*?[css|js].*?ver=([0-9\.]*)')
match = regex.findall(r) match = regex.findall(r)
theme = {} theme = {}
@ -167,7 +167,7 @@ class Scan_Engine:
r = requests.get(wordpress.url).text r = requests.get(wordpress.url).text
# Plugin name (js file) # Plugin name (js file)
regex = re.compile('wp-content/plugins/(.*?)/.*?[css|js].*?ver=([0-9\.]*)') #.replace('min','') regex = re.compile('wp-content/plugins/(.*?)/.*?[css|js].*?ver=([0-9\.]*)')
match = regex.findall(r) match = regex.findall(r)
plugin = {} plugin = {}
@ -180,6 +180,6 @@ class Scan_Engine:
plugin_name = plugin_name.replace('.min','') plugin_name = plugin_name.replace('.min','')
plugin_version = m[1] plugin_version = m[1]
if plugin_name not in plugin.keys(): if plugin_name not in plugin.keys() and m[1]!='1':
plugin[plugin_name] = m[1] plugin[plugin_name] = m[1]
self.display_vulnerable_component(plugin_name, plugin_version, "plugins") self.display_vulnerable_component(plugin_name, plugin_version, "plugins")

View File

@ -17,6 +17,7 @@ class Wordpress:
self.url = url self.url = url
self.clean_url() self.clean_url()
self.is_up_and_installed() self.is_up_and_installed()
self.is_wordpress()
self.is_readme() self.is_readme()
self.is_debug_log() self.is_debug_log()
self.is_backup_file() self.is_backup_file()
@ -35,6 +36,15 @@ class Wordpress:
if self.url[-1] != '/': if self.url[-1] != '/':
self.url = self.url + '/' self.url = self.url + '/'
"""
name : is_wordpress()
description : detect a WordPress instance
"""
def is_wordpress(self):
r = requests.get(self.url).text
if not "wp_" in r:
print critical("Not a WordPress !")
exit()
""" """
name : is_up_and_installed() name : is_up_and_installed()
@ -53,7 +63,7 @@ class Wordpress:
# Redirect # Redirect
print notice("The remote host tried to redirect to: %s" % r.headers['location']) print notice("The remote host tried to redirect to: %s" % r.headers['location'])
user_input = str(raw_input("[?] Do you want follow the redirection ? [Y]es [N]o, ")) user_input = str(raw_input("[?] Do you want to follow the redirection ? [Y]es [N]o, "))
if user_input == "Y": if user_input == "Y":
self.url = r.headers['location'] self.url = r.headers['location']