swisskyrepo
/
Wordpresscan
mirror of https://github.com/swisskyrepo/Wordpresscan.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Basic Python 3 Conversion

pull/36/head
Robert Putt 2020-10-15 10:41:43 +01:00
parent 7485ef1050
commit f532162745
11 changed files with 99 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
engine/brute.py
View File

@ -6,9 +6,9 @@ import json
import os import os
import urllib import urllib
from core import * from engine.core import *
from wordpress import * from engine.wordpress import *
from thread_engine import ThreadEngine from engine.thread_engine import ThreadEngine
class Brute_Engine: class Brute_Engine:
def __init__(self, wordpress, brute, usernames, users_list, passwords_list): def __init__(self, wordpress, brute, usernames, users_list, passwords_list):
@ -39,7 +39,7 @@ class Brute_Engine:
print(notice("Bruteforcing detected users: ")) print(notice("Bruteforcing detected users: "))
for user in wordpress.users: for user in wordpress.users:
print info("User found "+ user['slug']) print(info("User found "+ user['slug']))
self.bruteforcing_pass(wordpress, user['slug'], passwords_list) self.bruteforcing_pass(wordpress, user['slug'], passwords_list)

18
engine/core.py
View File

@ -62,14 +62,14 @@ description : download and update the database from wpscan website
warning : user-agents.txt and timthumbs.txt are zip files warning : user-agents.txt and timthumbs.txt are zip files
""" """
def database_update(): def database_update():
print "\033[93mUpdating database\033[92m - Last update: \033[0m" + database_last_date('database/local_vulnerable_files.xml') print("\033[93mUpdating database\033[92m - Last update: \033[0m" + database_last_date('database/local_vulnerable_files.xml'))
update_url = "https://data.wpscan.org/" update_url = "https://data.wpscan.org/"
update_files = [ 'local_vulnerable_files.xml', 'local_vulnerable_files.xsd', update_files = [ 'local_vulnerable_files.xml', 'local_vulnerable_files.xsd',
'timthumbs.txt', 'user-agents.txt', 'wp_versions.xml', 'wp_versions.xsd', 'timthumbs.txt', 'user-agents.txt', 'wp_versions.xml', 'wp_versions.xsd',
'wordpresses.json', 'plugins.json', 'themes.json'] 'wordpresses.json', 'plugins.json', 'themes.json']
for f in update_files: for f in update_files:
print "\t\033[93mDownloading \033[0m"+ f +" \033[92mFile updated !\033[0m" print("\t\033[93mDownloading \033[0m"+ f +" \033[92mFile updated !\033[0m")
download_raw_file(update_url+f, "database/"+f, True) download_raw_file(update_url+f, "database/"+f, True)
unzip_file("database/user-agents.txt") unzip_file("database/user-agents.txt")
@ -214,26 +214,26 @@ def display_vulnerable_component(name, version, file):
with open('database/' + file + '.json') as data_file: with open('database/' + file + '.json') as data_file:
data = json.load(data_file) data = json.load(data_file)
print warning("Name: %s - v%s" % (name, version)) print(warning("Name: %s - v%s" % (name, version)))
if name in data.keys(): if name in data.keys():
# Display the out of date info if the version is lower of the latest version # Display the out of date info if the version is lower of the latest version
if is_lower(version, data[name]['latest_version'], False): if is_lower(version, data[name]['latest_version'], False):
print info("The version is out of date, the latest version is %s" % data[name]['latest_version']) print(info("The version is out of date, the latest version is %s" % data[name]['latest_version']))
# Display the vulnerability if it's not patched version # Display the vulnerability if it's not patched version
for vuln in data[name]['vulnerabilities']: for vuln in data[name]['vulnerabilities']:
if 'fixed_in' in vuln.keys() and (vuln['fixed_in'] == None or is_lower(version, vuln['fixed_in'], True)): if 'fixed_in' in vuln.keys() and (vuln['fixed_in'] == None or is_lower(version, vuln['fixed_in'], True)):
# Main informations # Main informations
print "\t",vulnerable("%s : %s - ID:%s" % (vuln['vuln_type'], vuln['title'] , vuln['id']) ) print("\t",vulnerable("%s : %s - ID:%s" % (vuln['vuln_type'], vuln['title'] , vuln['id']) ))
print "\t",display("Fixed in %s"% vuln['fixed_in']) print("\t",display("Fixed in %s"% vuln['fixed_in']))
# Display references # Display references
print "\t",display("References:") print("\t",display("References:"))
for refkey in vuln['references'].keys(): for refkey in vuln['references'].keys():
for ref in vuln['references'][refkey]: for ref in vuln['references'][refkey]:
if refkey != 'url': if refkey != 'url':
print "\t\t - %s %s" % (refkey.capitalize(), ref) print("\t\t - %s %s" % (refkey.capitalize(), ref))
else: else:
print "\t\t - %s" %ref print("\t\t - %s" % ref)

14
engine/fuzz.py
View File

@ -5,8 +5,8 @@ import re
import json import json
from tornado import ioloop, httpclient from tornado import ioloop, httpclient
from core import * from engine.core import *
from wordpress import * from engine.wordpress import *
from lxml import etree from lxml import etree
from multiprocessing import Process, Pool from multiprocessing import Process, Pool
@ -22,7 +22,7 @@ class Fuzz_Engine:
description : fuzz every component used by the wordpress description : fuzz every component used by the wordpress
""" """
def fuzzing_component_aggressive(self, wordpress): def fuzzing_component_aggressive(self, wordpress):
print notice("Enumerating components from aggressive fuzzing ...") print(notice("Enumerating components from aggressive fuzzing ..."))
# Load json file # Load json file
with open('fuzz/wordpress.fuzz') as data_file: with open('fuzz/wordpress.fuzz') as data_file:
@ -45,7 +45,7 @@ class Fuzz_Engine:
description : fuzz every themes used by the wordpress description : fuzz every themes used by the wordpress
""" """
def fuzzing_themes_aggressive(self, wordpress): def fuzzing_themes_aggressive(self, wordpress):
print notice("Enumerating themes from aggressive fuzzing ...") print(notice("Enumerating themes from aggressive fuzzing ..."))
# Load json file # Load json file
with open('fuzz/wp_themes.fuzz') as data_file: with open('fuzz/wp_themes.fuzz') as data_file:
@ -68,7 +68,7 @@ class Fuzz_Engine:
description : fuzz every plugins used by the wordpress description : fuzz every plugins used by the wordpress
""" """
def fuzzing_plugins_aggressive(self, wordpress): def fuzzing_plugins_aggressive(self, wordpress):
print notice("Enumerating plugins from aggressive fuzzing ...") print(notice("Enumerating plugins from aggressive fuzzing ..."))
# Load json file # Load json file
with open('fuzz/wp_plugins.fuzz') as data_file: with open('fuzz/wp_plugins.fuzz') as data_file:
@ -106,9 +106,9 @@ def aggressive_request_themes(response):
def aggressive_request_component(response): def aggressive_request_component(response):
if (response.code) == 200: if (response.code) == 200:
if "reauth" in response.effective_url: if "reauth" in response.effective_url:
print "[i] Authentication Needed: " + response.effective_url+ " - found" print("[i] Authentication Needed: " + response.effective_url+ " - found")
else: else:
print "[i] File: " + response.effective_url+ " - found" print("[i] File: " + response.effective_url+ " - found")
global iter_aggressive global iter_aggressive
iter_aggressive-= 1 iter_aggressive-= 1

6
engine/load_plugins.py
View File

@ -6,7 +6,7 @@ import json
import os import os
import imp import imp
from wordpress import * from engine.wordpress import *
class Load_Plugins: class Load_Plugins:
plugin_folder = "./plugins" plugin_folder = "./plugins"
@ -14,7 +14,7 @@ class Load_Plugins:
def __init__(self, wordpress): def __init__(self, wordpress):
available_plugins = os.listdir(self.plugin_folder) available_plugins = os.listdir(self.plugin_folder)
for plugins in available_plugins: for plugins in available_plugins:
if not ".pyc" in plugins and not "__init__" in plugins: if not ".pyc" in plugins and not "__init__" in plugins and not "__pycache__" in plugins:
# Find and load the package # Find and load the package
name = plugins.replace('.py','') name = plugins.replace('.py','')
@ -26,5 +26,5 @@ class Load_Plugins:
loaded = imp.load_module('plugins.' + name, f, file, desc) loaded = imp.load_module('plugins.' + name, f, file, desc)
# Run the __init__ # Run the __init__
print notice('Plugin %s loaded.' % loaded.name) print(notice('Plugin %s loaded.' % loaded.name))
loaded.__init__(wordpress) loaded.__init__(wordpress)

32
engine/scan.py
View File

@ -5,8 +5,8 @@ import re
import json import json
from tornado import ioloop, httpclient from tornado import ioloop, httpclient
from core import * from engine.core import *
from wordpress import * from engine.wordpress import *
from lxml import etree from lxml import etree
from multiprocessing import Process, Pool from multiprocessing import Process, Pool
@ -30,7 +30,7 @@ class Scan_Engine:
match = regex.findall(wordpress.index.text) match = regex.findall(wordpress.index.text)
if match != []: if match != []:
wordpress.version = match[0] wordpress.version = match[0]
print critical("WordPress version %s identified from advanced fingerprinting" % wordpress.version) print(critical("WordPress version %s identified from advanced fingerprinting" % wordpress.version))
return True return True
return False return False
@ -45,7 +45,7 @@ class Scan_Engine:
match = regex.findall(r) match = regex.findall(r)
if match != []: if match != []:
wordpress.version = match[0] wordpress.version = match[0]
print critical("WordPress version %s identified from advanced fingerprinting" % wordpress.version) print(critical("WordPress version %s identified from advanced fingerprinting" % wordpress.version))
return True return True
return False return False
@ -79,7 +79,7 @@ class Scan_Engine:
# Detect the version # Detect the version
if ddl_hash == root[i][j].get('md5'): if ddl_hash == root[i][j].get('md5'):
wordpress.version = root[i][j][0].text wordpress.version = root[i][j][0].text
print critical("WordPress version %s identified from advanced fingerprinting" % wordpress.version) print(critical("WordPress version %s identified from advanced fingerprinting" % wordpress.version))
return return
@ -110,7 +110,7 @@ class Scan_Engine:
# This version doesn't exist # This version doesn't exist
if wordpress.version not in data: if wordpress.version not in data:
print warning("The version %s isn't in the database - Please try the option --update" % (wordpress.version)) print(warning("The version %s isn't in the database - Please try the option --update" % (wordpress.version)))
return return
if data[wordpress.version]["vulnerabilities"] == []: if data[wordpress.version]["vulnerabilities"] == []:
@ -124,20 +124,20 @@ class Scan_Engine:
for vuln in data[version]["vulnerabilities"]: for vuln in data[version]["vulnerabilities"]:
# Basic infos # Basic infos
print warning("\t%s : %s - ID:%s" % (vuln['vuln_type'], vuln['title'] , vuln['id']) ) print(warning("\t%s : %s - ID:%s" % (vuln['vuln_type'], vuln['title'] , vuln['id'])))
print info("\tFixed in %s"% vuln['fixed_in']) print(info("\tFixed in %s"% vuln['fixed_in']))
# Display references # Display references
print info("\tReferences:") print(info("\tReferences:"))
for refkey in vuln['references'].keys(): for refkey in vuln['references'].keys():
for ref in vuln['references'][refkey]: for ref in vuln['references'][refkey]:
if refkey != 'url': if refkey != 'url':
print "\t\t - %s %s" % (refkey.capitalize(), ref) print("\t\t - %s %s" % (refkey.capitalize(), ref))
else: else:
print "\t\t - %s" %ref print("\t\t - %s" % ref)
print "" print("")
""" """
@ -145,7 +145,7 @@ class Scan_Engine:
description : enumerate every theme used by the wordpress description : enumerate every theme used by the wordpress
""" """
def enumerating_themes_passive(self, wordpress): def enumerating_themes_passive(self, wordpress):
print notice("Enumerating themes from passive detection ...") print(notice("Enumerating themes from passive detection ..."))
# Theme name (css file) # Theme name (css file)
regex = re.compile('wp-content/themes/(.*?)/.*?[css|js].*?ver=([0-9\.]*)') regex = re.compile('wp-content/themes/(.*?)/.*?[css|js].*?ver=([0-9\.]*)')
@ -173,7 +173,7 @@ class Scan_Engine:
description : enumerate every plugins used by the wordpress description : enumerate every plugins used by the wordpress
""" """
def enumerating_plugins_passive(self, wordpress): def enumerating_plugins_passive(self, wordpress):
print notice("Enumerating plugins from passive detection ...") print(notice("Enumerating plugins from passive detection ..."))
# Plugin name (js file) # Plugin name (js file)
regex = re.compile('wp-content/plugins/(.*?)/.*?[css|js].*?ver=([0-9\.]*)') regex = re.compile('wp-content/plugins/(.*?)/.*?[css|js].*?ver=([0-9\.]*)')
@ -201,7 +201,7 @@ class Scan_Engine:
description : enumerate every themes used by the wordpress description : enumerate every themes used by the wordpress
""" """
def enumerating_themes_aggressive(self, wordpress): def enumerating_themes_aggressive(self, wordpress):
print notice("Enumerating themes from aggressive detection ...") print(notice("Enumerating themes from aggressive detection ..."))
# Load json file # Load json file
with open('database/themes.json') as data_file: with open('database/themes.json') as data_file:
@ -222,7 +222,7 @@ class Scan_Engine:
description : enumerate every plugins used by the wordpress description : enumerate every plugins used by the wordpress
""" """
def enumerating_plugins_aggressive(self, wordpress): def enumerating_plugins_aggressive(self, wordpress):
print notice("Enumerating plugins from aggressive detection ...") print(notice("Enumerating plugins from aggressive detection ..."))
# Load json file # Load json file
with open('database/plugins.json') as data_file: with open('database/plugins.json') as data_file:

6
engine/thread_engine.py
View File

@ -2,17 +2,17 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
from threading import Thread from threading import Thread
# from time import sleep # from time import sleep
from core import critical, info from engine.core import critical, info
class ThreadEngine(object): class ThreadEngine(object):
def __init__(self, max_threads): def __init__(self, max_threads):
if max_threads < 1: if max_threads < 1:
print critical('Threads number must be > 0') print(critical('Threads number must be > 0'))
exit() exit()
self.max_threads = max_threads self.max_threads = max_threads
self.threads = [] self.threads = []
print info('Start %d threads ...' % self.max_threads) print(info('Start %d threads ...' % self.max_threads))
def new_task(self, task, args): def new_task(self, task, args):
""" Try to launch the new task, """ Try to launch the new task,

61
engine/wordpress.py
View File

@ -4,7 +4,7 @@ import requests
import re import re
import json import json
from random import randint from random import randint
from core import * from engine.core import *
class Wordpress: class Wordpress:
url = "http://wp-example.com" url = "http://wp-example.com"
@ -17,7 +17,7 @@ class Wordpress:
files = set() files = set()
def __init__(self, url, user_agent, nocheck, max_threads): def __init__(self, url, user_agent, nocheck, max_threads):
print info("URL: %s" % url) print(info("URL: %s" % url))
self.url = url self.url = url
self.agent = user_agent self.agent = user_agent
self.max_threads = int(max_threads) self.max_threads = int(max_threads)
@ -71,7 +71,7 @@ class Wordpress:
self.index = requests.get(self.url, headers={"User-Agent":self.agent}, verify=False) self.index = requests.get(self.url, headers={"User-Agent":self.agent}, verify=False)
if nocheck == False: if nocheck == False:
if not "wp-" in self.index.text: if not "wp-" in self.index.text:
print critical("Not a WordPress !") print(critical("Not a WordPress !"))
exit() exit()
""" """
@ -81,28 +81,23 @@ class Wordpress:
def is_up_and_installed(self): def is_up_and_installed(self):
try: try:
r = requests.get(self.url, allow_redirects=False, headers={"User-Agent":self.agent} , verify=False) r = requests.get(self.url, allow_redirects=False, headers={"User-Agent":self.agent} , verify=False)
if 'location' in r.headers: if 'location' in r.headers:
# Install is not complete # Install is not complete
if "wp-admin/install.php" in r.headers['location']: if "wp-admin/install.php" in r.headers['location']:
print critical("The Website is not fully configured and currently in install mode. Call it to create a new admin user.") print(critical("The Website is not fully configured and currently in install mode. Call it to create a new admin user."))
exit() exit()
# Redirect # Redirect
print notice("The remote host tried to redirect to: %s" % r.headers['location']) print(notice("The remote host tried to redirect to: %s" % r.headers['location']))
user_input = str(raw_input("[?] Do you want to follow the redirection ? [Y]es [N]o, ")) user_input = str(raw_input("[?] Do you want to follow the redirection ? [Y]es [N]o, "))
if user_input.lower() == "y": if user_input.lower() == "y":
self.url = r.headers['location'] self.url = r.headers['location']
else: else:
print critical("Redirection not followed - End of the scan !") print(critical("Redirection not followed - End of the scan !"))
exit() exit()
except Exception as e: except Exception as e:
print e print(e)
print critical("Website down!") print(critical("Website down!"))
exit() exit()
@ -123,7 +118,7 @@ class Wordpress:
if len(matches) > 0 and matches[0] != None and matches[0] != "": if len(matches) > 0 and matches[0] != None and matches[0] != "":
self.version = matches[0] self.version = matches[0]
print critical("The Wordpress '%s' file exposing a version number: %s" % (self.url+'readme.html', matches[0])) print(critical("The Wordpress '%s' file exposing a version number: %s" % (self.url+'readme.html', matches[0])))
""" """
name : is_debug_log() name : is_debug_log()
@ -133,7 +128,7 @@ class Wordpress:
r = requests.get(self.url + 'debug.log', headers={"User-Agent":self.agent}, verify=False) r = requests.get(self.url + 'debug.log', headers={"User-Agent":self.agent}, verify=False)
if "200" in str(r) and not "404" in r.text : if "200" in str(r) and not "404" in r.text :
self.files.add('debug.log') self.files.add('debug.log')
print critical( "Debug log file found: %s" % (self.url + 'debug.log') ) print(critical( "Debug log file found: %s" % (self.url + 'debug.log')))
""" """
@ -176,7 +171,7 @@ class Wordpress:
r = requests.get(self.url + b, headers={"User-Agent":self.agent}, verify=False) r = requests.get(self.url + b, headers={"User-Agent":self.agent}, verify=False)
if "200" in str(r) and not "404" in r.text : if "200" in str(r) and not "404" in r.text :
self.files.add(b) self.files.add(b)
print critical("A wp-config.php backup file has been found in: %s" % (self.url + b) ) print(critical("A wp-config.php backup file has been found in: %s" % (self.url + b)))
""" """
@ -187,7 +182,7 @@ class Wordpress:
r = requests.get(self.url + "xmlrpc.php", headers={"User-Agent":self.agent}, verify=False) r = requests.get(self.url + "xmlrpc.php", headers={"User-Agent":self.agent}, verify=False)
if r.status_code == 405 : if r.status_code == 405 :
self.files.add("xmlrpc.php") self.files.add("xmlrpc.php")
print info("XML-RPC Interface available under: %s " % (self.url+"xmlrpc.php") ) print(info("XML-RPC Interface available under: %s " % (self.url+"xmlrpc.php")))
""" """
@ -202,7 +197,7 @@ class Wordpress:
r = requests.get(self.url + directory, headers={"User-Agent":self.agent}, verify=False) r = requests.get(self.url + directory, headers={"User-Agent":self.agent}, verify=False)
if "Index of" in r.text: if "Index of" in r.text:
self.files.add(directory) self.files.add(directory)
print warning("%s directory has directory listing enabled : %s" % (name, self.url + directory)) print(warning("%s directory has directory listing enabled : %s" % (name, self.url + directory)))
""" """
@ -213,11 +208,11 @@ class Wordpress:
r = requests.get(self.url + "robots.txt", headers={"User-Agent":self.agent}, verify=False) r = requests.get(self.url + "robots.txt", headers={"User-Agent":self.agent}, verify=False)
if "200" in str(r) and not "404" in r.text : if "200" in str(r) and not "404" in r.text :
self.files.add("robots.txt") self.files.add("robots.txt")
print info("robots.txt available under: %s " % (self.url+"robots.txt") ) print(info("robots.txt available under: %s " % (self.url+"robots.txt")))
lines = r.text.split('\n') lines = r.text.split('\n')
for l in lines: for l in lines:
if "Disallow:" in l: if "Disallow:" in l:
print info("\tInteresting entry from robots.txt: %s" % (l)) print(info("\tInteresting entry from robots.txt: %s" % (l)))
""" """
name : is_common_file() name : is_common_file()
@ -229,7 +224,7 @@ class Wordpress:
r = requests.get(self.url + f, headers={"User-Agent":self.agent}, verify=False) r = requests.get(self.url + f, headers={"User-Agent":self.agent}, verify=False)
if "200" in str(r) and not "404" in r.text : if "200" in str(r) and not "404" in r.text :
self.files.add(f) self.files.add(f)
print info("%s available under: %s " % (f, self.url+f) ) print(info("%s available under: %s " % (f, self.url+f)))
""" """
name : full_path_disclosure() name : full_path_disclosure()
@ -241,7 +236,7 @@ class Wordpress:
matches = regex.findall(r) matches = regex.findall(r)
if matches != []: if matches != []:
print warning("Full Path Disclosure (FPD) in %s exposing %s" % (self.url + "wp-includes/rss-functions.php", matches[0].replace('\n','')) ) print(warning("Full Path Disclosure (FPD) in %s exposing %s" % (self.url + "wp-includes/rss-functions.php", matches[0].replace('\n',''))))
""" """
@ -252,10 +247,10 @@ class Wordpress:
r = requests.get(self.url + "wp-json/wp/v2/users", headers={"User-Agent":self.agent} , verify=False) r = requests.get(self.url + "wp-json/wp/v2/users", headers={"User-Agent":self.agent} , verify=False)
if "200" in str(r): if "200" in str(r):
print notice("Enumerating Wordpress users") print(notice("Enumerating Wordpress users"))
users = json.loads(r.text) users = json.loads(r.text)
for user in users: for user in users:
print info("\tIdentified the following user : %s, %s, %s" % (user['id'], user['name'], user['slug']) ) print(info("\tIdentified the following user : %s, %s, %s" % (user['id'], user['name'], user['slug'])))
self.users = users self.users = users
@ -264,12 +259,12 @@ class Wordpress:
description : display a debug view of the object description : display a debug view of the object
""" """
def to_string(self): def to_string(self):
print "--------WORDPRESS----------" print("--------WORDPRESS----------")
print "URL : %s" % self.url print("URL : %s" % self.url)
print "Version : %s" % self.version print("Version : %s" % self.version)
print "Plugins : %s" % self.plugins print("Plugins : %s" % self.plugins)
print "Themes : %s" % self.themes print("Themes : %s" % self.themes)
print "Agent : %s" % self.agent print("Agent : %s" % self.agent)
print "Users : %s" % self.users print("Users : %s" % self.users)
print "Files : %s" % self.files print("Files : %s" % self.files)
print "---------------------------" print("---------------------------")

2
plugins/_thank-you.py
View File

@ -11,5 +11,5 @@ name = "Thank You"
def __init__(wordpress): def __init__(wordpress):
# INSERT CODE HERE! # INSERT CODE HERE!
print "Thank you for using this software :)" print("Thank you for using this software :)")
return return

4
plugins/git-files.py
View File

@ -14,5 +14,5 @@ def __init__(wordpress):
r = requests.get(wordpress.url + payload, headers={"User-Agent":wordpress.agent}, verify=False) r = requests.get(wordpress.url + payload, headers={"User-Agent":wordpress.agent}, verify=False)
if "200" in str(r): if "200" in str(r):
print "[+] Wordpress configuration found from GIT !" print("[+] Wordpress configuration found from GIT !")
print "[!] {}".format(wordpress.url + payload) print("[!] {}".format(wordpress.url + payload))

4
plugins/svn-files.py
View File

@ -14,5 +14,5 @@ def __init__(wordpress):
r = requests.get(wordpress.url + payload, headers={"User-Agent":wordpress.agent}, verify=False) r = requests.get(wordpress.url + payload, headers={"User-Agent":wordpress.agent}, verify=False)
if "200" in str(r): if "200" in str(r):
print "[+] Wordpress configuration found from SVN !" print("[+] Wordpress configuration found from SVN !")
print "[!] {}".format(wordpress.url + payload) print("[!] {}".format(wordpress.url + payload))

22
wordpresscan.py
View File

@ -12,17 +12,17 @@ from engine.brute import *
if __name__ == "__main__": if __name__ == "__main__":
print "_______________________________________________________________ " print("_______________________________________________________________ ")
print " _ _ _ " print(" _ _ _ ")
print "| | | | | | " print("| | | | | | ")
print "| | | | ___ _ __ __| |_ __ _ __ ___ ___ ___ ___ __ _ _ __ " print("| | | | ___ _ __ __| |_ __ _ __ ___ ___ ___ ___ __ _ _ __ ")
print "| |/\| |/ _ \| '__/ _` | '_ \| '__/ _ \/ __/ __|/ __/ _` | '_ \ " print("| |/\| |/ _ \| '__/ _` | '_ \| '__/ _ \/ __/ __|/ __/ _` | '_ \ ")
print "\ /\ / (_) | | | (_| | |_) | | | __/\__ \__ \ (_| (_| | | | |" print("\ /\ / (_) | | | (_| | |_) | | | __/\__ \__ \ (_| (_| | | | |")
print " \/ \/ \___/|_| \__,_| .__/|_| \___||___/___/\___\__,_|_| |_|" print(" \/ \/ \___/|_| \__,_| .__/|_| \___||___/___/\___\__,_|_| |_|")
print " | | " print(" | | ")
print " |_| " print(" |_| ")
print " WordPress scanner based on wpscan work - @pentest_swissky " print(" WordPress scanner based on wpscan work - @pentest_swissky ")
print "_______________________________________________________________ " print("_______________________________________________________________ ")
parser = argparse.ArgumentParser() parser = argparse.ArgumentParser()
parser.add_argument('-u', action ='store', dest='url', help="Wordpress URL") parser.add_argument('-u', action ='store', dest='url', help="Wordpress URL")