def reduce_uri(self, uri, default_port=True):
"""Accept authority or URI and extract only the authority and path."""
# note HTTP URLs do not have a userinfo component
parts = urllib2.urlparse.urlsplit(uri)
if parts[1]:
# URI
scheme = parts[0]
authority = parts[1]
path = parts[2] or '/'
else:
# host or host:port
scheme = None
authority = uri
path = '/'
host, port = urllib2.splitport(authority)
if default_port and port is None and scheme is not None:
dport = {"http": 80,
"https": 443,
}.get(scheme)
if dport is not None:
authority = "%s:%d" % (host, dport)
return authority, path
def __init__(self, Url, ApiVersion, Args={}):
self.ApiVersion = ApiVersion
self.Url = Url
spliturl = urlparse.urlparse(Url)
callType = spliturl[0]
if callType not in ['http', 'https']:
raise DbsConfigurationError(args="HttpError, BAD URL: %s" %Url, code="200")
hostport=urllib2.splitport(spliturl[1])
self.Host=hostport[0]
self.Port=hostport[1]
self.ipList = [self.Host]
try :
self.ipList = socket.gethostbyname_ex(self.Host)[2]
except:
raise DbsConnectionError(args="Could not locate the host " + self.Host, code=400)
if self.Port in [None, ""]:
self.Port = "80"
self.Servlet=spliturl[2]
if self.Servlet in ['None', '']:
raise DbsConfigurationError(args="HttpError, BAD URL: %s Missing Servlet Path" %Url, code="200")
if callType == 'https':
##Make a secure connection
self.Secure = True
else:
self.Secure = False
self.UserID = Args['userID']
self.retry_att = 0
if Args.has_key('retry'):
self.retry = Args['retry']
else:
self.retry = None
def download_file(self, url):
injectd_url = self.extract_url(urllib2.unquote(url))
try:
req = urllib2.Request(injectd_url)
# Set User-Agent to look more credible
req.add_unredirected_header('User-Agent', '-')
# FIXME: We need a timeout on read here
injected_file = urllib2.urlopen(req, timeout=4).read()
# If the file is hosted on a SSL enabled host get the certificate
if re.match('^https', injectd_url, re.IGNORECASE):
proto, rest = urllib2.splittype(injectd_url)
host, rest = urllib2.splithost(rest)
host, port = urllib2.splitport(host)
if port is None:
port = 443
cert_file = ssl.get_server_certificate((host, int(port)))
cert_name = self.store_file(cert_file)
except IOError as e:
logger.exception(
"Failed to fetch injected file, I/O error: {0}".format(e))
# TODO: We want to handle the case where we can't download
# the injected file but pretend to be vulnerable.
file_name = None
else:
file_name, file_sha256 = self.store_file(injected_file)
return file_name, file_sha256
def download_file(self, url):
injectd_url = self.extract_url(urllib2.unquote(url))
try:
req = urllib2.Request(injectd_url)
# Set User-Agent to look more credible
req.add_unredirected_header('User-Agent', '-')
# FIXME: We need a timeout on read here
injected_file = urllib2.urlopen(req, timeout=4).read()
# If the file is hosted on a SSL enabled host get the certificate
if re.match('^https', injectd_url, re.IGNORECASE):
proto, rest = urllib2.splittype(injectd_url)
host, rest = urllib2.splithost(rest)
host, port = urllib2.splitport(host)
if port is None:
port = 443
cert_file = ssl.get_server_certificate((host, int(port)))
cert_name = self.store_file(cert_file)
except IOError as e:
logger.exception("Failed to fetch injected file, I/O error: {0}".format(e))
# TODO: We want to handle the case where we can't download
# the injected file but pretend to be vulnerable.
file_name = None
else:
file_name, file_sha256 = self.store_file(injected_file)
return file_name, file_sha256
def get_proxy_info(proxystr=""):
"""
Get proxy config from string or environment variables.
If a proxy string is passed in, it overrides whatever might be in the
environment variables.
Returns dictionary of identified proxy information, or None if proxystr was
empty and no config was found fmor os.environ
Raises InvalidConfiguration on any configuration error.
"""
if proxystr == "":
# FIXME: We should be supporting http_proxy, HTTP_PROXY variables.
proxy_info = {
'host' : os.environ.get('PROXY_HOST', None),
'port' : _convert_port_value(os.environ.get('PROXY_PORT', None)),
'user' : os.environ.get('PROXY_USER', None),
'pass' : os.environ.get('PROXY_PASS', None)
}
if proxy_info.get("host") is None:
return None
else:
parts = urlparse.urlparse(proxystr)
if parts.netloc == "":
proxystr = "http://{0}".format(proxystr)
parts = urlparse.urlparse(proxystr)
_, hostport = urllib2.splituser(parts.netloc)
host, _ = urllib2.splitport(hostport)
host = urlparse.urlunparse((parts.scheme, host, "", "", "", ""))
proxy_info = {
'host' : host,
'port' : _convert_port_value(parts.port),
'user' : parts.username,
'pass' : parts.password,
}
# If a user was specified, but no password was, prompt for it now.
user = proxy_info.get('user', None)
if user is not None and len(user) > 0:
passwd = proxy_info.get('pass', None)
if passwd is None or len(passwd) < 1:
import getpass
proxy_info['pass'] = getpass.getpass()
if proxy_info["host"] is None or len(proxy_info["host"]) < 1:
error_msg = ("Invalid proxy configuration '{0}': "
"proxy string should be of the form "
"'http://host:port' or 'http://host'".format(proxystr))
raise InvalidConfiguration(error_msg)
return proxy_info
def parse_url(url):
# Determine the protocol, host, port, and path from the URL argument.
if '//' not in url:
url = '//' + url
scheme, netloc, path, query, fragment = urlparse.urlsplit(url)
host, port = urllib2.splitport(netloc)
port = int(port or (scheme == 'http' and 80 or 443)) # default to https
secure = (port == 443)
host = host or 'localhost'
path = path or '/remote_api'
return secure, host, port, path
def parse_url(url):
# Determine the protocol, host, port, and path from the URL argument.
if "//" not in url:
url = "//" + url
scheme, netloc, path, query, _ = urlparse.urlsplit(url)
host, port = urllib2.splitport(netloc)
port = int(port or (scheme == "http" and 80 or 443)) # default to https
secure = port == 443
host = host or "localhost"
path = path or "/_ah/remote_api"
return secure, host, port, path
def parse_url(url):
# Determine the protocol, host, port, and path from the URL argument.
if '//' not in url:
url = '//' + url
scheme, netloc, path, query, fragment = urlparse.urlsplit(url)
host, port = urllib2.splitport(netloc)
port = int(port or (scheme == 'http' and 80 or 443)) # default to https
secure = (port == 443)
host = host or 'localhost'
path = path or '/remote_api'
return secure, host, port, path
def __init__(self, url):
self.url = url
self.schema, url = urllib2.splittype(url)
host, path = urllib2.splithost(url)
userpass, host = urllib2.splituser(host)
if userpass:
self.user, self.password = urllib2.splitpasswd(userpass)
path, self.querystring = urllib.splitquery(path)
self.query = self.querystring and self.querystring.split('&') or []
#urllib.splitquery(url)
self.host, self.port = urllib2.splitport(host)
path, self.tag = urllib2.splittag(path)
self.path = path.strip('/')
def getHtmlByUrl(url):
global domains
try:
u = urllib2.urlopen(url, timeout=10.0)
content = u.read()
if content != "":
try:
proto, rest = urllib2.splittype(url)
host, rest = urllib2.splithost(rest)
host, port = urllib2.splitport(host)
domains[host] = int(port)
except:
pass
return content
except:
pass
def getHtmlByUrl(url):
global domains
try:
u = urllib2.urlopen(url,timeout = 10.0)
content = u.read()
if content !="":
try:
proto, rest = urllib2.splittype(url)
host, rest = urllib2.splithost(rest)
host, port = urllib2.splitport(host)
domains[host] = int(port)
except:
pass
return content
except:
pass
def get_proxy_info(proxystr=None):
"""
Get proxy config from string or environment variables.
If a proxy string is passed in, it overrides whatever might be in the
environment variables.
Returns dictionary of identified proxy information.
Raises ValueError on any configuration error.
"""
default_port = 80
# Only check for env variables if no explicit proxy string was provided.
if proxystr is None or len(proxystr) < 1:
# FIXME: We should be supporting http_proxy, HTTP_PROXY variables.
proxy_info = {
'host' : os.environ.get('PROXY_HOST', None),
'port' : os.environ.get('PROXY_PORT', default_port),
'user' : os.environ.get('PROXY_USER', None),
'pass' : os.environ.get('PROXY_PASS', None)
}
# Parse the passed proxy string
else:
# XXX Using proxy parsing function from urllib2 to parse proxystr
_, user, passwd, host_port = urllib2._parse_proxy(proxystr)
host, port = urllib2.splitport(host_port)
proxy_info = {
'host' : host,
'port' : port or default_port,
'user' : user,
'pass' : passwd,
}
# If a user was specified, but no password was, prompt for it now.
user = proxy_info.get('user', None)
if user is not None and len(user) > 0:
passwd = proxy_info.get('pass', None)
if passwd is None or len(passwd) < 1:
import getpass
proxy_info['pass'] = getpass.getpass()
return proxy_info
def get_domain(self):
info = self.driver.find_elements(By.XPATH, self.search_key)
for i in info:
link = i.text.split('/')[0]
try:
host, port = urllib2.splitport(link)
if port is None:
port = 80
if host not in domains:
if self.key == 'ip':
if check_ip_bind(host, self.value):
domains[host] = port
elif self.key == 'domain':
host = check_host_complete(host, self.value)
domains[host] = port
except:
pass
def set_proxy (self):
"""Set proxy information.
Initiate ftp connection to proxy server with login@host as username.
"""
if not self.proxy.host:
return
if self.auth.login:
self.auth.login = self.auth.login + '@' + self.host + ':' + \
str (self.port)
else:
self.auth.login = '******' + self.host + ':' + str (self.port)
proxytuple = urllib2.splitport (self.proxy.host)
[self.host, self.port] = (proxytuple[0], int (proxytuple[1] or 21))
def get_domain(self):
info = self.driver.find_elements(By.XPATH, self.search_key)
for i in info:
link = i.get_attribute('href')
if link is None:
continue
try:
proto, rest = urllib2.splittype(link)
host, rest = urllib2.splithost(rest)
host, port = urllib2.splitport(host)
if port is None:
port = 80
if host not in domains:
if check_ip_bind(host, self.value):
domains[host] = port
except:
pass
def lsdns(basedomain=None):
"""
Get the required DNS settings.
"""
from urllib2 import splitport
from inyoka.core.api import ctx
_old = ctx.cfg['base_domain_name']
if basedomain is not None:
ctx.cfg['base_domain_name'] = basedomain
print u' '.join(((sub +'.' if sub else sub) +
splitport(ctx.dispatcher.get_url_adapter().server_name)[0])
for sub in sorted(set(rule.subdomain
for rule in ctx.dispatcher.url_map.iter_rules()))
)
ctx.cfg['base_domain_name'] = _old
def getDomains(info):
global domains
if info != "":
match = re.search(r'<ol[^>]*id="b_results">([\s\S]*?)</ol>', info)
if match:
info = match.group(1)
match = re.findall('<a[^>]*href="([^"]*)"[^>]*>', info)
if len(match) > 0:
for a in match:
try:
proto, rest = urllib2.splittype(a)
host, rest = urllib2.splithost(rest)
host, port = urllib2.splitport(host)
if port == None:
port = 80
if not domains.has_key(host):
domains[host] = port
except:
pass
def lsdns(basedomain=None):
"""
Get the required DNS settings.
"""
from urllib2 import splitport
from inyoka.core.api import ctx
_old = ctx.cfg['base_domain_name']
if basedomain is not None:
ctx.cfg['base_domain_name'] = basedomain
print u' '.join(
((sub + '.' if sub else sub) +
splitport(ctx.dispatcher.get_url_adapter().server_name)[0])
for sub in sorted(
set(rule.subdomain
for rule in ctx.dispatcher.url_map.iter_rules())))
ctx.cfg['base_domain_name'] = _old
def getDomains(info):
global domains
if info != "":
match = re.search(r'<ol[^>]*id="b_results">([\s\S]*?)</ol>', info)
if match :
info = match.group(1)
match = re.findall('<a[^>]*href="([^"]*)"[^>]*>', info)
if len(match) > 0:
for a in match:
try:
proto, rest = urllib2.splittype(a)
host, rest = urllib2.splithost(rest)
host, port = urllib2.splitport(host)
if port == None:
port = 80
if not domains.has_key(host):
domains[host] = port
except:
pass
def bing_get(domain):
trytime = 0
f = 1
domainsbing = []
#bing里面获取的数据不是很完全
while True:
try:
req = urllib2.Request(
'http://cn.bing.com/search?count=50&q=site:' + domain +
'&first=' + str(f))
req.add_header('User-Agent', random_useragent())
res = urllib2.urlopen(req, timeout=30)
src = res.read()
TempD = re.findall('<cite>(.*?)<\/cite>', src)
for item in TempD:
item = item.split('<strong>')[0]
item += domain
try:
if not (item.startswith('http://')
or item.startswith('https://')):
item = "http://" + item
proto, rest = urllib2.splittype(item)
host, rest = urllib2.splithost(rest)
host, port = urllib2.splitport(host)
if port == None:
item = host
else:
item = host + ":" + port
except:
print traceback.format_exc()
pass
domainsbing.append(item)
if f < 500 and re.search('class="sb_pagN"', src) is not None:
f = int(f) + 50
else:
subdomainbing = {}.fromkeys(domainsbing).keys()
return subdomainbing
break
except Exception, e:
pass
trytime += 1
if trytime > 3:
return domainsbing
def getDomains(ip, page):
global domains
trytime = 0
while True:
try:
request = urllib2.Request(
"http://dns.aizhan.com/index.php?r=index/domains&ip=" + ip +
"&page=" + str(page))
request.add_header(
'User-Agent',
'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:21.0) Gecko/20100101 Firefox/21.0'
)
request.add_header('Accept-encoding', 'gzip')
request.add_header('X-FORWARDED-FOR', ip)
request.add_header('Referer', request.get_full_url())
u = urllib2.urlopen(request, timeout=30)
content = ''
if u.info().get('Content-Encoding') == 'gzip':
buf = StringIO(u.read())
f = gzip.GzipFile(fileobj=buf)
content = f.read()
else:
content = u.read()
type = sys.getfilesystemencoding()
content = content.decode("UTF-8").encode(type)
domaintemp = json.loads(content, encoding="utf-8")
for d in domaintemp["domains"]:
try:
proto, rest = urllib2.splittype("http://" + str(d))
host, rest = urllib2.splithost(rest)
host, port = urllib2.splitport(host)
if port == None:
port = 80
if not domains.has_key(host):
domains[host] = port
except:
pass
return
except:
trytime += 1
if trytime > 0:
return
def socket_client(url, data):
"""
GET /kuoaidebb/p/4703015.html HTTP/1.1\r\n
Host: www.cnblogs.com\r\n
Connection: keep-alive\r\n
Pragma: no-cache\r\n
Cache-Control: no-cache\r\n
Upgrade-Insecure-Requests: 1\r\n
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36\r\n
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\n
Accept-Encoding: gzip, deflate\r\n
Accept-Language: zh-CN,zh;q=0.8\r\n\r\n
'GET /kuoaidebb/p/4703015.html HTTP/1.1\r\nHost: www.cnblogs.com\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade-Insecure-Requests: 1\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: zh-CN,zh;q=0.8\r\n\r\n'
"""
ParseResult = urlparse.urlparse(url)
# stuck in favicon.ico
#if ParseResult.path == 'favicon.ico':
##HTTP/1.1 404 Not Found
##Server: nginx/1.10.1
##Date: Thu, 22 Jun 2017 11:36:00 GMT
##Content-Type: text/html
##Connection: keep-alive
#data = '\r\n'.join(['HTTP/1.1 404 Not Found', 'Server: nginx/1.10.1', 'Date: Thu, 22 Jun 2017 11:36:00 GMT', 'Content-Type: text/html', 'Connection: keep-alive']) + '\r\n\r\n'
if ParseResult.scheme not in ["https", 'http']:
data = 'HTTP/1.1 404 Not Found\r\n'
host, port = urllib2.splitport(ParseResult.netloc)
if port:
port = int(port)
else:
if ParseResult.scheme == 'https':
port = 443
else:
port = 80
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((host, port))
s.sendall(data)
ret = parse_request(s)
s.close()
return ret
def test_blueflood_ingest(self, collectd):
try:
blueflood_socket = socket.socket()
blueflood_socket.connect(*urllib2.splitport(self.URL))
except:
pytest.skip()
server = BluefloodEndpoint()
server.tenant = self.tenantid
resp = server.retrieve_resolution(collectdconf.test_metric_name, 0, int(time.time()*1000))
count_before = len(resp['values'])
# wait for some time for collectd to write data to Blueflood
time.sleep(15)
resp = server.retrieve_resolution(collectdconf.test_metric_name, 0, int(time.time()*1000))
count_after = len(resp['values'][0])
assert count_after > count_before, resp
assert count_after != 0
def __init__(self, Url, ApiVersion, Args={}):
self.ApiVersion = ApiVersion
self.Url = Url
spliturl = urlparse.urlparse(Url)
callType = spliturl[0]
if callType not in ['http', 'https']:
raise DbsConfigurationError(args="HttpError, BAD URL: %s" % Url,
code="200")
hostport = urllib2.splitport(spliturl[1])
self.Host = hostport[0]
self.Port = hostport[1]
self.ipList = [self.Host]
try:
self.ipList = socket.gethostbyname_ex(self.Host)[2]
except:
raise DbsConnectionError(args="Could not locate the host " +
self.Host,
code=400)
if self.Port in [None, ""]:
self.Port = "80"
self.Servlet = spliturl[2]
if self.Servlet in ['None', '']:
raise DbsConfigurationError(
args="HttpError, BAD URL: %s Missing Servlet Path" % Url,
code="200")
if callType == 'https':
##Make a secure connection
self.Secure = True
else:
self.Secure = False
self.UserID = Args['userID']
self.retry_att = 0
if Args.has_key('retry'):
self.retry = int(Args['retry'])
else:
self.retry = None
def bing_get(domain):
trytime = 0
f = 1
domainsbing = []
#bing里面获取的数据不是很完全
while True:
try:
req=urllib2.Request('http://cn.bing.com/search?count=50&q=site:'+domain+'&first='+str(f))
req.add_header('User-Agent',random_useragent())
res=urllib2.urlopen(req, timeout = 30)
src=res.read()
TempD=re.findall('<cite>(.*?)<\/cite>',src)
for item in TempD:
item=item.split('<strong>')[0]
item += domain
try:
if not (item.startswith('http://') or item.startswith('https://')):
item = "http://" + item
proto, rest = urllib2.splittype(item)
host, rest = urllib2.splithost(rest)
host, port = urllib2.splitport(host)
if port == None:
item = host
else:
item = host + ":" + port
except:
print traceback.format_exc()
pass
domainsbing.append(item)
if f<500 and re.search('class="sb_pagN"',src) is not None:
f = int(f)+50
else:
subdomainbing={}.fromkeys(domainsbing).keys()
return subdomainbing
break
except Exception, e:
pass
trytime+=1
if trytime>3:
return domainsbing
def test_blueflood_ingest(self, collectd):
try:
blueflood_socket = socket.socket()
blueflood_socket.connect(*urllib2.splitport(self.URL))
except:
pytest.skip()
server = BluefloodEndpoint()
server.tenant = self.tenantid
resp = server.retrieve_resolution(collectdconf.test_metric_name, 0,
int(time.time() * 1000))
count_before = len(resp['values'])
# wait for some time for collectd to write data to Blueflood
time.sleep(15)
resp = server.retrieve_resolution(collectdconf.test_metric_name, 0,
int(time.time() * 1000))
count_after = len(resp['values'][0])
assert count_after > count_before, resp
assert count_after != 0
def __init__(self, Url, ApiVersion, Args={}):
self.ApiVersion = ApiVersion
self.Url = Url
spliturl = urlparse.urlparse(Url)
callType = spliturl[0]
if callType not in ['http', 'https']:
raise NvsException("HttpError, BAD URL: %s" %Url, "200")
hostport=urllib2.splitport(spliturl[1])
self.Host=hostport[0]
self.Port=hostport[1]
if self.Port in [None, ""]:
self.Port = "80"
self.Servlet=spliturl[2]
if self.Servlet in ['None', '']:
raise NvsException ("HttpError, BAD URL: %s Missing Servlet Path" %Url, "200")
if callType == 'https':
##Make a secure connection
self.Secure = True
else:
self.Secure = False
def getDomains(ip,page):
global domains
trytime = 0
while True:
try:
request = urllib2.Request("http://dns.aizhan.com/index.php?r=index/domains&ip="+ ip +"&page="+ str(page) )
request.add_header('User-Agent', 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:21.0) Gecko/20100101 Firefox/21.0')
request.add_header('Accept-encoding', 'gzip')
request.add_header('X-FORWARDED-FOR', ip)
request.add_header('Referer', request.get_full_url())
u = urllib2.urlopen(request , timeout = 30)
content = ''
if u.info().get('Content-Encoding') == 'gzip':
buf = StringIO(u.read())
f = gzip.GzipFile(fileobj=buf)
content = f.read()
else:
content = u.read()
type = sys.getfilesystemencoding()
content = content.decode("UTF-8").encode(type)
domaintemp = json.loads(content,encoding="utf-8")
for d in domaintemp["domains"]:
try:
proto, rest = urllib2.splittype("http://"+ str(d))
host, rest = urllib2.splithost(rest)
host, port = urllib2.splitport(host)
if port == None:
port = 80
if not domains.has_key(host):
domains[host] = port
except:
pass
return
except:
trytime+=1
if trytime>0:
return
# -*- coding: utf-8 -*-
"""
gen_hosts_string
~~~~~~~~~~~~~~~~
This script generates the string that must be added to a /etc/hosts file
to finally setup inyoka development.
:copyright: 2010-2011 by the Inyoka Team, see AUTHORS for more details.
:license: GNU GPL, see LICENSE for more details.
"""
from urllib2 import splitport
from inyoka.core.api import ctx
print u' '.join((sub +'.' if sub else sub) + splitport(ctx.dispatcher.get_url_adapter().server_name)[0] for sub in sorted(set(rule.subdomain for rule in ctx.dispatcher.url_map.iter_rules())))
# -*- coding: utf-8 -*-
"""
gen_hosts_string
~~~~~~~~~~~~~~~~
This script generates the string that must be added to a /etc/hosts file
to finally setup inyoka development.
:copyright: 2010-2011 by the Inyoka Team, see AUTHORS for more details.
:license: GNU GPL, see LICENSE for more details.
"""
from urllib2 import splitport
from inyoka.core.api import ctx
print u' '.join(
(sub + '.' if sub else sub) +
splitport(ctx.dispatcher.get_url_adapter().server_name)[0]
for sub in sorted(
set(rule.subdomain for rule in ctx.dispatcher.url_map.iter_rules())))
def cmdLineParser():
"""Implementation to WPHardening."""
usage = "usage: python %prog [options]"
version = colored('WPHardening', 'green') + ' version' + \
colored(' 1.5', 'yellow') + '\n'
parser = OptionParser(usage, version=version)
parser.add_option("-v", "--verbose", action="store_true",
dest="verbose", default=False,
help="Active verbose mode output results")
parser.add_option("--update", action="store_true", dest="update",
default=False,
help="Check for WPHardening latest stable version")
target = OptionGroup(parser, "Target", "This option must be "
"specified to modify the package WordPress.")
target.add_option("-d", "--dir", dest="path", help="**REQUIRED** -"
" Working Directory.", metavar="DIRECTORY")
target.add_option("--load-conf", dest="loadconf", metavar="FILE",
help="Load file configuration.")
hardening = OptionGroup(parser, "Hardening", "Different tools to"
" hardening WordPress.")
hardening.add_option("-c", "--chmod", action="store_true", dest="chmod",
help="Chmod 755 in directory and 644 in files.")
hardening.add_option("-r", "--remove", action="store_true",
dest="remove", help="Remove files and directory.")
hardening.add_option("-b", "--robots", action="store_true", dest="robots",
help="Create file robots.txt")
hardening.add_option("-f", "--fingerprinting", action="store_true",
dest="finger", help="Deleted fingerprinting "
"WordPress.")
hardening.add_option("-t", "--timthumb", action="store_true",
dest="timthumb", help="Find the library TimThumb.")
hardening.add_option("--chown", action="store", type="string",
dest="chown", metavar="user:group", help="Changing "
"file and directory owner.")
hardening.add_option("--wp-config", action="store_true", dest="wpconfig",
help="Wizard generated wp-config.php")
hardening.add_option("--plugins", action="store_true", dest="plugins",
help="Download Plugins Security.")
hardening.add_option("--proxy", action="store", type="string",
dest="proxy", help="Use a HTTP proxy to connect to "
"the target url for --plugins and --wp-config.")
hardening.add_option("--indexes", action="store_true", dest="indexes",
help="It allows you to display the contents of "
"directories.")
hardening.add_option("--minify", action="store_true", dest="minify",
help="Compressing static file .css and .js")
hardening.add_option("--malware-scan", action="store_true",
dest="malwares", help="Malware Scan in WordPress "
"project.")
miscellaneous = OptionGroup(parser, "Miscellaneous")
miscellaneous.add_option("-o", "--output", help="Write log report to "
"FILE.log", metavar="FILE", dest="output")
parser.add_option_group(target)
parser.add_option_group(hardening)
parser.add_option_group(miscellaneous)
cmdBanner()
(options, args) = parser.parse_args()
if options.loadconf is not None:
options.path = loadConfWordPress(options.loadconf).getDirectory()
options.chmod = loadConfWordPress(options.loadconf).getChmod()
options.robots = loadConfWordPress(options.loadconf).getRobots()
options.finger = loadConfWordPress(
options.loadconf
).getFingerprinting()
options.wpconfig = loadConfWordPress(options.loadconf).getWpConfig()
options.indexes = loadConfWordPress(options.loadconf).getIndexes()
options.timthumb = loadConfWordPress(options.loadconf).getTimthumb()
options.malwares = loadConfWordPress(options.loadconf).getMalwareScan()
options.output = loadConfWordPress(options.loadconf).getOutput()
if options.output is None:
filename = 'wphardening.log'
else:
filename = options.output
log = registerLog(filename)
log.setConfigure()
if options.update:
log.add("Check for WPHardening latest stable version")
updateWPHardening(os.path.abspath(".")).update()
sys.exit()
if options.path is None:
log.add("Did not specify a working directory.")
parser.print_help()
sys.exit()
options.path = os.path.abspath(options.path)
if os.path.exists(options.path):
if checkWordpress(options.path, options.verbose).isWordPress():
if options.chown is not None:
changeOwner = chownWordPress(
options.path, options.chown, options.verbose
)
if changeOwner.isValid():
changeOwner.changeOwner()
if options.chmod is not None:
chmodWordPress(
options.path, options.verbose
).changePermisions()
if options.robots is not None:
robotsWordPress(options.path).createRobots()
if options.finger is not None:
deleteVersionWordPress(options.path).delete()
fingerprintingWordPress(
options.path, options.verbose
).searchStaticFile()
if options.wpconfig is not None:
if options.proxy is not None:
protocolo, rest = urllib2.splittype(options.proxy)
if protocolo is None:
raise ValueError("unknown URL type: %s") % \
(options.proxy)
host, rest = urllib2.splithost(rest)
host, port = urllib2.splitport(host)
if port is None:
raise ValueError("unknown protocol for %s") % \
(options.proxy)
puerto = int(port)
asdf = wpconfigWordPress(options.path, options.proxy)
else:
asdf = wpconfigWordPress(options.path, options.proxy)
asdf.createConfig()
if options.indexes is not None:
indexesWordPress(options.path, options.verbose).createIndexes()
if options.timthumb is not None:
timthumbWordPress(options.path).checkTimbthumb()
if options.plugins is not None:
if options.proxy is not None:
protocolo, rest = urllib2.splittype(options.proxy)
if protocolo is None:
raise ValueError("unknown URL type: %s") % \
(options.proxy)
host, rest = urllib2.splithost(rest)
host, port = urllib2.splitport(host)
if port is None:
raise ValueError("unknown protocol for %s") % \
(options.proxy)
puerto = int(port)
asdf = pluginsWordPress(options.path, options.proxy)
else:
asdf = pluginsWordPress(options.path, options.proxy)
asdf.questions()
if options.malwares is not None:
malwareScanWordPress(options.path).scan()
if options.remove is not None:
removeWordPress(options.path).delete()
if options.minify is not None:
minifyWordPress(options.path, options.verbose).minify()
else:
log.add("Could not find the specified directory.")
print colored('\nCould not find the specified directory.\n', 'red')
def cmdLineParser():
"""Implementation to WPHardening."""
version_wph = "1.6"
usage = "usage: python %prog [options]"
version = colored('WPHardening', 'green') + ' version ' + \
colored(version_wph, 'yellow') + '\n'
parser = OptionParser(usage, version=version)
parser.add_option("-v", "--verbose", action="store_true",
dest="verbose", default=False,
help="Active verbose mode output results")
parser.add_option("--update", action="store_true", dest="update",
default=False,
help="Check for WPHardening latest stable version")
target = OptionGroup(parser, "Target", "This option must be "
"specified to modify the package WordPress.")
target.add_option("-d", "--dir", dest="path", help="**REQUIRED** -"
" Working Directory.", metavar="DIRECTORY")
target.add_option("--load-conf", dest="loadconf", metavar="FILE",
help="Load file configuration.")
hardening = OptionGroup(parser, "Hardening", "Different tools to"
" hardening WordPress.")
hardening.add_option("-c", "--chmod", action="store_true", dest="chmod",
help="Chmod 755 in directory and 644 in files.")
hardening.add_option("-r", "--remove", action="store_true",
dest="remove", help="Remove files and directory.")
hardening.add_option("-b", "--robots", action="store_true", dest="robots",
help="Create file robots.txt")
hardening.add_option("-f", "--fingerprinting", action="store_true",
dest="finger", help="Deleted fingerprinting "
"WordPress.")
hardening.add_option("-t", "--timthumb", action="store_true",
dest="timthumb", help="Find the library TimThumb.")
hardening.add_option("--chown", action="store", type="string",
dest="chown", metavar="user:group", help="Changing "
"file and directory owner.")
hardening.add_option("--wp-config", action="store_true", dest="wpconfig",
help="Wizard generated wp-config.php")
hardening.add_option("--plugins", action="store_true", dest="plugins",
help="Download Plugins Security.")
hardening.add_option("--proxy", action="store", type="string",
dest="proxy", help="Use a HTTP proxy to connect to "
"the target url for --plugins and --wp-config.")
hardening.add_option("--indexes", action="store_true", dest="indexes",
help="It deny you to display the contents of "
"directories.")
hardening.add_option("--minify", action="store_true", dest="minify",
help="Compressing static file .css and .js")
hardening.add_option("--malware-scan", action="store_true",
dest="malwares", help="Malware Scan in WordPress "
"project.")
hardening.add_option("--6g-firewall", action="store_true",
dest="sixg", help="6G Firewall.")
hardening.add_option("--rest-api", action="store_true",
dest="api", help="Disable REST API.")
miscellaneous = OptionGroup(parser, "Miscellaneous")
miscellaneous.add_option("-o", "--output", help="Write log report to "
"FILE.log", metavar="FILE", dest="output")
parser.add_option_group(target)
parser.add_option_group(hardening)
parser.add_option_group(miscellaneous)
cmdBanner()
(options, args) = parser.parse_args()
if options.loadconf is not None:
options.path = loadConfWordPress(options.loadconf).getDirectory()
options.chmod = loadConfWordPress(options.loadconf).getChmod()
options.robots = loadConfWordPress(options.loadconf).getRobots()
options.finger = loadConfWordPress(
options.loadconf
).getFingerprinting()
options.wpconfig = loadConfWordPress(options.loadconf).getWpConfig()
options.indexes = loadConfWordPress(options.loadconf).getIndexes()
options.timthumb = loadConfWordPress(options.loadconf).getTimthumb()
options.malwares = loadConfWordPress(options.loadconf).getMalwareScan()
options.output = loadConfWordPress(options.loadconf).getOutput()
if options.output is None:
filename = 'wphardening.log'
else:
filename = options.output
log = registerLog(filename)
log.setConfigure()
if options.update:
log.add("Check for WPHardening latest stable version")
updateWPHardening(os.path.abspath(".")).update()
sys.exit()
if options.path is None:
log.add("Did not specify a working directory.")
parser.print_help()
sys.exit()
options.path = os.path.abspath(options.path)
if os.path.exists(options.path):
fname = "output.html"
context = {
'directory': options.path,
'version': version_wph
}
if checkWordpress(options.path, options.verbose).isWordPress():
if options.chown is not None:
changeOwner = chownWordPress(
options.path, options.chown, options.verbose
)
if changeOwner.isValid():
changeOwner.changeOwner()
context['chown'] = options.chown
if options.chmod is not None:
chmodWordPress(
options.path, options.verbose
).changePermisions()
context['chmod'] = True
if options.robots is not None:
robotsWordPress(options.path).createRobots()
context['robots'] = True
if options.finger is not None:
deleteVersionWordPress(options.path).delete()
fingerprintingWordPress(
options.path, options.verbose
).searchStaticFile()
context['finger'] = True
if options.wpconfig is not None:
if options.proxy is not None:
protocolo, rest = urllib2.splittype(options.proxy)
if protocolo is None:
raise ValueError("unknown URL type: %s") % \
(options.proxy)
host, rest = urllib2.splithost(rest)
host, port = urllib2.splitport(host)
if port is None:
raise ValueError("unknown protocol for %s") % \
(options.proxy)
puerto = int(port)
asdf = wpconfigWordPress(options.path, options.proxy)
else:
asdf = wpconfigWordPress(options.path, options.proxy)
asdf.createConfig()
if options.indexes is not None:
indexesWordPress(options.path, options.verbose).createIndexes()
context['indexes'] = True
if options.timthumb is not None:
timthumbWordPress(options.path).checkTimbthumb()
if options.plugins is not None:
if options.proxy is not None:
protocolo, rest = urllib2.splittype(options.proxy)
if protocolo is None:
raise ValueError("unknown URL type: %s") % \
(options.proxy)
host, rest = urllib2.splithost(rest)
host, port = urllib2.splitport(host)
if port is None:
raise ValueError("unknown protocol for %s") % \
(options.proxy)
puerto = int(port)
asdf = pluginsWordPress(options.path, options.proxy)
else:
asdf = pluginsWordPress(options.path, options.proxy)
asdf.questions()
if options.malwares is not None:
malwareScanWordPress(options.path).scan()
if options.remove is not None:
removeWordPress(options.path).delete()
context['remove'] = True
if options.minify is not None:
minifyWordPress(options.path, options.verbose).minify()
if options.sixg is not None:
sixgWordPress(options.path, options.verbose).createFirewall()
context['sixg'] = True
if options.api is not None:
restApiWordPress(options.path).disableRestApi()
context['api'] = True
# output jinja2
with open(fname, 'w') as f:
html = render_template('index.html.tmpl', context)
f.write(html)
else:
log.add("Could not find the specified directory.")
print colored('\nCould not find the specified directory.\n', 'red')
def main():
usage = "usage: %prog [options] arg"
version = colored('WP Hardening', 'green') + ' version' + \
colored(' 1.1', 'yellow')
parser = OptionParser(usage, version=version)
parser.add_option(
"-v", "--verbose", action="store_true", dest="verbose",
help="active verbose mode output results",
)
group1 = OptionGroup(
parser, "Target",
"This option must be specified to modify the package WordPress."
)
group1.add_option(
"-d", "--dir", dest="path",
help="**REQUIRED** - Working Directory.", metavar="DIRECTORY"
)
parser.add_option_group(group1)
group2 = OptionGroup(
parser, "Hardening", "Different tools to hardening WordPress."
)
group2.add_option(
"-c", "--chmod", action="store_true", dest="chmod",
help="Chmod 755 in directory and 644 in files."
)
group2.add_option(
"-r", "--remove", action="store_true", dest="remove",
help="Remove files and directory."
)
group2.add_option(
"-b", "--robots", action="store_true", dest="robots",
help="Create file robots.txt"
)
group2.add_option(
"-f", "--fingerprinting", action="store_true",
dest="finger", help="Deleted fingerprinting WordPress."
)
group2.add_option(
"--wp-config", action="store_true", dest="wpconfig",
help="Generated wp-config.php"
)
group2.add_option(
"--delete-version", action="store_true",
dest="delete_version", help="Deleted version WordPress."
)
group2.add_option(
"--plugins", action="store_true", dest="plugins",
help="Download Plugins Security."
)
group2.add_option(
"--proxy", action="store", type="string", dest="proxy",
help="Use a HTTP proxy to connect to the target url for --plugins and \
--wp-config."
)
group2.add_option(
"--indexes", action="store_true", dest="indexes",
help="It allows you to display the contents of directories."
)
parser.add_option_group(group2)
group3 = OptionGroup(
parser, "Miscellaneous",
)
group3.add_option(
"-o", "--output", help="Write log report to FILE.log", metavar="FILE",
dest="output"
)
parser.add_option_group(group3)
(options, args) = parser.parse_args()
if options.output is None:
filename = 'wphardening.log'
else:
filename = options.output
log = registerLog(filename)
log.setConfigure()
if options.path is None:
log.add("Did not specify a working directory.")
parser.print_help()
sys.exit()
options.path = os.path.abspath(options.path)
if os.path.exists(options.path):
wordpress = checkWordpress(options.path)
if wordpress.isWordPress():
log.add(options.path + " This project directory is a WordPress.")
print colored(options.path, 'yellow') + ' -', \
colored('\nThis project directory is a WordPress.', 'green')
if options.delete_version is not None:
asdf = deleteVersionWordPress(options.path)
asdf.delete()
if options.chmod is not None:
asdf = chmodWordPress(options.path)
asdf.changePermisions()
if options.remove is not None:
qwer = removeWordPress(options.path)
qwer.delete()
if options.robots is not None:
zxcv = robotsWordPress(options.path)
zxcv.createRobots()
if options.finger is not None:
asdf = fingerprintingWordPress(options.path)
asdf.searchStaticFile()
if options.wpconfig is not None:
if options.proxy is not None:
protocolo, rest = urllib2.splittype(options.proxy)
if protocolo is None:
raise ValueError("unknown URL type: %s") % \
(options.proxy)
host, rest = urllib2.splithost(rest)
host, port = urllib2.splitport(host)
if port is None:
raise ValueError("unknown protocol for %s") % \
(options.proxy)
puerto = int(port)
asdf = wpconfigWordPress(options.path, options.proxy)
else:
asdf = wpconfigWordPress(options.path, options.proxy)
asdf.createConfig()
if options.indexes is not None:
asdf = indexesWordPress(options.path)
asdf.createIndexes()
if options.plugins is not None:
if options.proxy is not None:
protocolo, rest = urllib2.splittype(options.proxy)
if protocolo is None:
raise ValueError("unknown URL type: %s") % \
(options.proxy)
host, rest = urllib2.splithost(rest)
host, port = urllib2.splitport(host)
if port is None:
raise ValueError("unknown protocol for %s") % \
(options.proxy)
puerto = int(port)
asdf = pluginsWordPress(options.path, options.proxy)
else:
asdf = pluginsWordPress(options.path, options.proxy)
asdf.questions()
else:
log.add(
options.path + " This Project directory is not a WordPress."
)
print colored(options.path, 'yellow') + ' -', \
colored('This Project directory is not a WordPress.\n', 'red')
else:
log.add("Could not find the specified directory.")
print colored('\nCould not find the specified directory.\n', 'red')