def start(id, url, ua, ga, source, ga_content): if id == "wp": # trust me more will be added soon import VersionDetect.wp as wpverdetect wpver = wpverdetect.start(id, url, ua, ga, source) return wpver elif id == 'joom': import VersionDetect.joom as joomverdetect joomver = joomverdetect.start(id, url, ua, ga, source) return joomver elif id == 'dru': import VersionDetect.dru as druverdetect druver = druverdetect.start(id, url, ua, ga, source) return druver elif id == 'xe': import VersionDetect.xe as xeverdetect xever = xeverdetect.start(ga_content) return xever elif id == 'wgui': import VersionDetect.wgui as wguiverdetect wguiver = wguiverdetect.start(ga_content) return wguiver elif id == 'umi': import VersionDetect.umi as umiverdetect umiver = umiverdetect.start(url, ua) return umiver
def start(id, url, ua, ga, source): if id == "wp": # trust me more will be added soon import VersionDetect.wp as wpverdetect wpver = wpverdetect.start(id, url, ua, ga, source): return wpver elif id == 'mg': import VersionDetect.mg as mgverdetect mgver = mgverdetect.start(url, ua) return mgver
def start(id, url, ua, ga, source): if id == "wp": # trust me more will be added soon import VersionDetect.wp as wpverdetect wpver = wpverdetect.start(id, url, ua, ga, source) return wpver elif id == 'joom': import VersionDetect.joom as joomverdetect joomver = joomverdetect.start(id, url, ua, ga, source) return joomver
def start(id, url, ua, ga, source, ga_content): if id == "wp": # trust me more will be added soon import VersionDetect.wp as wpverdetect wpver = wpverdetect.start(id, url, ua, ga, source) return wpver elif id == 'joom': import VersionDetect.joom as joomverdetect joomver = joomverdetect.start(id, url, ua, ga, source) return joomver elif id == 'dru': import VersionDetect.dru as druverdetect druver = druverdetect.start(id, url, ua, ga, source) return druver elif id == 'xe': import VersionDetect.xe as xeverdetect xever = xeverdetect.start(ga_content) return xever elif id == 'wgui': import VersionDetect.wgui as wguiverdetect wguiver = wguiverdetect.start(ga_content) return wguiver elif id == 'umi': import VersionDetect.umi as umiverdetect umiver = umiverdetect.start(url, ua) return umiver elif id == 'tidw': import VersionDetect.tidw as tidwverdetect tidwver = tidwverdetect.start(source) return tidwver elif id == 'sulu': import VersionDetect.sulu as suluverdetect suluver = suluverdetect.start(url, ua) return suluver elif id == 'subcms': import VersionDetect.subcms as subcmsverdetect subcmsver = subcmsverdetect.start(ga_content) return subcmsver elif id == 'snews': import VersionDetect.snews as snewsverdetect snewsver = snewsverdetect.start(ga_content, source) return snewsver
def start(id, url, ua, ga, source, detection_method): ''' id = ID of the cms url = URL of target ua = User Agent ga = [0/1] is GENERATOR meta tag available source = source code ''' ## Do shits later [update from later: i forgot what shit i had to do ;___;] if id == "wp": # referenced before assignment fix vulnss = version = wpvdbres = result = plugins_found = usernames = usernamesgen = '0' cmseek.statement('Starting WordPress DeepScan') # Check if site really is WordPress if detection_method == 'source': # well most of the wordpress false positives are from source detections. cmseek.statement('Checking if the detection is false positive') temp_domain = re.findall( '^(?:https?:\/\/)?(?:[^@\n]+@)?(?:www\.)?([^:\/\n\?\=]+)', url)[0] wp_match_pattern = temp_domain + '\/wp-(content|include|admin)\/' if not re.search(wp_match_pattern, source): cmseek.error( 'Detection was false positive! CMSeeK is quitting!') cmseek.success( 'Run CMSeeK with {0}{1}{2} argument next time'.format( cmseek.fgreen, '--ignore-cms wp', cmseek.cln)) #cmseek.handle_quit() return # Version detection version = wordpress_version_detect.start(id, url, ua, ga, source) ## Check for minor stuffs like licesnse readme and some open directory checks cmseek.statement("Initiating open directory and files check") ## Readme.html readmesrc = cmseek.getsource(url + '/readme.html', ua) if readmesrc[ 0] != '1': ## something went wrong while getting the source codes cmseek.statement( "Couldn't get readme file's source code most likely it's not present" ) readmefile = '0' # Error Getting Readme file elif 'Welcome. WordPress is a very special project to me.' in readmesrc[ 1]: readmefile = '1' # Readme file present else: readmefile = '2' # Readme file found but most likely it's not of wordpress ## license.txt licsrc = cmseek.getsource(url + '/license.txt', ua) if licsrc[0] != '1': cmseek.statement('license file not found') licfile = '0' elif 'WordPress - Web publishing software' in licsrc[1]: licfile = '1' else: licfile = '2' ## wp-content/uploads/ folder wpupsrc = cmseek.getsource(url + '/wp-content/uploads/', ua) if wpupsrc[0] != '1': wpupdir = '0' elif 'Index of /wp-content/uploads' in wpupsrc[1]: wpupdir = '1' else: wpupdir = '2' ## xmlrpc xmlrpcsrc = cmseek.getsource(url + '/xmlrpc.php', ua) if xmlrpcsrc[0] != '1': cmseek.statement('XML-RPC interface not available') xmlrpc = '0' elif 'XML-RPC server accepts POST requests only.' in xmlrpcsrc[1]: xmlrpc = '1' else: xmlrpc = '2' ## Path disclosure cmseek.statement('Looking for potential path disclosure') path = path_disclosure.start(url, ua) if path != "": cmseek.success('Path disclosure detected, path: ' + cmseek.bold + path + cmseek.cln) ## Check for user registration usereg = check_reg.start(url, ua) reg_found = usereg[0] reg_url = usereg[1] ## Plugins Enumeration plug_enum = wp_plugins_enum.start(source) plugins_found = plug_enum[0] plugins = plug_enum[1] ## Themes Enumeration theme_enum = wp_theme_enum.start(source, url, ua) themes_found = theme_enum[0] themes = theme_enum[1] ## User enumeration uenum = wp_user_enum.start(id, url, ua, ga, source) usernamesgen = uenum[0] usernames = uenum[1] ## Version Vulnerability Detection if version != '0': version_vuln = wp_vuln_scan.start(version, ua) wpvdbres = version_vuln[0] result = version_vuln[1] if wpvdbres != '0' and version != '0': vulnss = len(result['vulnerabilities']) vfc = version_vuln[2] ### Deep Scan Results comes here comptime = round(time.time() - cmseek.cstart, 2) log_file = os.path.join(cmseek.log_dir, 'cms.json') cmseek.clearscreen() cmseek.banner("Deep Scan Results") sresult.target(url) sresult.cms('WordPress', version, 'https://wordpress.org') #cmseek.result("Detected CMS: ", 'WordPress') cmseek.update_log('cms_name', 'WordPress') # update log #cmseek.result("CMS URL: ", "https://wordpress.org") cmseek.update_log('cms_url', "https://wordpress.org") # update log sresult.menu('[WordPress Deepscan]') item_initiated = False item_ended = False if readmefile == '1': sresult.init_item("Readme file found: " + cmseek.fgreen + url + '/readme.html' + cmseek.cln) cmseek.update_log('wp_readme_file', url + '/readme.html') item_initiated = True if licfile == '1': cmseek.update_log('wp_license', url + '/license.txt') if item_initiated == False: sresult.init_item("License file: " + cmseek.fgreen + url + '/license.txt' + cmseek.cln) else: sresult.item("License file: " + cmseek.fgreen + url + '/license.txt' + cmseek.cln) if wpvdbres == '1': if item_initiated == False: sresult.init_item('Changelog: ' + cmseek.fgreen + str(result['changelog_url']) + cmseek.cln) else: sresult.item('Changelog: ' + cmseek.fgreen + str(result['changelog_url']) + cmseek.cln) cmseek.update_log('wp_changelog_file', str(result['changelog_url'])) if wpupdir == '1': cmseek.update_log('wp_uploads_directory', url + '/wp-content/uploads') if item_initiated == False: sresult.init_item("Uploads directory has listing enabled: " + cmseek.fgreen + url + '/wp-content/uploads' + cmseek.cln) else: sresult.item("Uploads directory has listing enabled: " + cmseek.fgreen + url + '/wp-content/uploads' + cmseek.cln) if xmlrpc == '1': cmseek.update_log('xmlrpc', url + '/xmlrpc.php') if item_initiated == False: sresult.init_item("XML-RPC interface: " + cmseek.fgreen + url + '/xmlrpc.php' + cmseek.cln) else: sresult.item("XML-RPC interface: " + cmseek.fgreen + url + '/xmlrpc.php' + cmseek.cln) if reg_found == '1': sresult.item('User registration enabled: ' + cmseek.bold + cmseek.fgreen + reg_url + cmseek.cln) cmseek.update_log('user_registration', reg_url) if path != "": sresult.item('Path disclosure: ' + cmseek.bold + cmseek.orange + path + cmseek.cln) cmseek.update_log('path', path) if plugins_found != 0: plugs_count = len(plugins) sresult.init_item("Plugins Enumerated: " + cmseek.bold + cmseek.fgreen + str(plugs_count) + cmseek.cln) wpplugs = "" for i, plugin in enumerate(plugins): plug = plugin.split(':') wpplugs = wpplugs + plug[0] + ' Version ' + plug[1] + ',' if i == 0 and i != plugs_count - 1: sresult.init_sub('Plugin: ' + cmseek.bold + cmseek.fgreen + plug[0] + cmseek.cln) sresult.init_subsub('Version: ' + cmseek.bold + cmseek.fgreen + plug[1] + cmseek.cln) sresult.end_subsub('URL: ' + cmseek.fgreen + url + '/wp-content/plugins/' + plug[0] + cmseek.cln) elif i == plugs_count - 1: sresult.empty_sub() sresult.end_sub('Plugin: ' + cmseek.bold + cmseek.fgreen + plug[0] + cmseek.cln) sresult.init_subsub( 'Version: ' + cmseek.bold + cmseek.fgreen + plug[1] + cmseek.cln, True, False) sresult.end_subsub( 'URL: ' + cmseek.fgreen + url + '/wp-content/plugins/' + plug[0] + cmseek.cln, True, False) else: sresult.empty_sub() sresult.sub_item('Plugin: ' + cmseek.bold + cmseek.fgreen + plug[0] + cmseek.cln) sresult.init_subsub('Version: ' + cmseek.bold + cmseek.fgreen + plug[1] + cmseek.cln) sresult.end_subsub('URL: ' + cmseek.fgreen + url + '/wp-content/plugins/' + plug[0] + cmseek.cln) cmseek.update_log('wp_plugins', wpplugs) sresult.empty_item() if themes_found != 0: thms_count = len(themes) sresult.init_item("Themes Enumerated: " + cmseek.bold + cmseek.fgreen + str(thms_count) + cmseek.cln) wpthms = "" for i, theme in enumerate(themes): thm = theme.split(':') thmz = thm[1].split('|') wpthms = wpthms + thm[0] + ' Version ' + thmz[0] + ',' if i == 0 and i != thms_count - 1: sresult.init_sub('Theme: ' + cmseek.bold + cmseek.fgreen + thm[0] + cmseek.cln) sresult.init_subsub('Version: ' + cmseek.bold + cmseek.fgreen + thmz[0] + cmseek.cln) if thmz[1] != '': sresult.subsub('Theme Zip: ' + cmseek.bold + cmseek.fgreen + url + thmz[1] + cmseek.cln) sresult.end_subsub('URL: ' + cmseek.fgreen + url + '/wp-content/themes/' + thm[0] + cmseek.cln) elif i == thms_count - 1: sresult.empty_sub(True) sresult.end_sub('Theme: ' + cmseek.bold + cmseek.fgreen + thm[0] + cmseek.cln) sresult.init_subsub( 'Version: ' + cmseek.bold + cmseek.fgreen + thmz[0] + cmseek.cln, True, False) if thmz[1] != '': sresult.subsub( 'Theme Zip: ' + cmseek.bold + cmseek.fgreen + url + thmz[1] + cmseek.cln, True, False) sresult.end_subsub( 'URL: ' + cmseek.fgreen + url + '/wp-content/themes/' + thm[0] + cmseek.cln, True, False) else: sresult.sub_item('Theme: ' + cmseek.bold + cmseek.fgreen + thm[0] + cmseek.cln) sresult.init_subsub('Version: ' + cmseek.bold + cmseek.fgreen + thmz[0] + cmseek.cln) if thmz[1] != '': sresult.subsub('Theme Zip: ' + cmseek.bold + cmseek.fgreen + url + thmz[1] + cmseek.cln) sresult.end_subsub('URL: ' + cmseek.fgreen + url + '/wp-content/themes/' + thm[0] + cmseek.cln) cmseek.update_log('wp_themes', wpthms) sresult.empty_item() if usernamesgen == '1': user_count = len(usernames) sresult.init_item("Usernames harvested: " + cmseek.bold + cmseek.fgreen + str(user_count) + cmseek.cln) wpunames = "" for i, u in enumerate(usernames): wpunames = wpunames + u + "," if i == 0 and i != user_count - 1: sresult.init_sub(cmseek.bold + cmseek.fgreen + u + cmseek.cln) elif i == user_count - 1: sresult.end_sub(cmseek.bold + cmseek.fgreen + u + cmseek.cln) else: sresult.sub_item(cmseek.bold + cmseek.fgreen + u + cmseek.cln) cmseek.update_log('wp_users', wpunames) sresult.empty_item() if version != '0': # cmseek.result("Version: ", version) cmseek.update_log('wp_version', version) if wpvdbres == '1': sresult.end_item('Version vulnerabilities: ' + cmseek.bold + cmseek.fgreen + str(vulnss) + cmseek.cln) cmseek.update_log('wp_vuln_count', str(vulnss)) if vulnss > 0: for i, vuln in enumerate(result['vulnerabilities']): if i == 0 and i != vulnss - 1: sresult.empty_sub(False) sresult.init_sub( cmseek.bold + cmseek.fgreen + str(vuln['title']) + cmseek.cln, False) sresult.init_subsub( "Type: " + cmseek.bold + cmseek.fgreen + str(vuln['vuln_type']) + cmseek.cln, False, True) sresult.subsub( "Link: " + cmseek.bold + cmseek.fgreen + "http://wpvulndb.com/vulnerabilities/" + str(vuln['id']) + cmseek.cln, False, True) strvuln = str(vuln) if 'cve' in strvuln: for ref in vuln['references']['cve']: sresult.subsub( "CVE: " + cmseek.fgreen + "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-" + str(ref) + cmseek.cln, False, True) if 'exploitdb' in strvuln: for ref in vuln['references']['exploitdb']: sresult.subsub( "ExploitDB Link: " + cmseek.fgreen + "http://www.exploit-db.com/exploits/" + str(ref) + cmseek.cln, False, True) if 'metasploit' in strvuln: for ref in vuln['references']['metasploit']: sresult.subsub( "Metasploit Module: " + cmseek.fgreen + "http://www.metasploit.com/modules/" + str(ref) + cmseek.cln, False, True) if 'osvdb' in strvuln: for ref in vuln['references']['osvdb']: sresult.subsub( "OSVDB Link: " + cmseek.fgreen + "http://osvdb.org/" + str(ref) + cmseek.cln, False, True) if 'secunia' in strvuln: for ref in vuln['references']['secunia']: sresult.subsub( "Secunia Advisory: " + cmseek.fgreen + "http://secunia.com/advisories/" + str(ref) + cmseek.cln, False, True) if 'url' in strvuln: for ref in vuln['references']['url']: sresult.subsub( "Reference: " + cmseek.fgreen + str(ref) + cmseek.cln, False, True) sresult.end_subsub( "Fixed In Version: " + cmseek.bold + cmseek.fgreen + str(vuln['fixed_in']) + cmseek.cln, False, True) elif i == vulnss - 1: sresult.empty_sub(False) sresult.end_sub( cmseek.bold + cmseek.fgreen + str(vuln['title']) + cmseek.cln, False) sresult.init_subsub( "Type: " + cmseek.bold + cmseek.fgreen + str(vuln['vuln_type']) + cmseek.cln, False, False) sresult.subsub( "Link: " + cmseek.bold + cmseek.fgreen + "http://wpvulndb.com/vulnerabilities/" + str(vuln['id']) + cmseek.cln, False, False) strvuln = str(vuln) if 'cve' in strvuln: for ref in vuln['references']['cve']: sresult.subsub( "CVE: " + cmseek.fgreen + "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-" + str(ref) + cmseek.cln, False, False) if 'exploitdb' in strvuln: for ref in vuln['references']['exploitdb']: sresult.subsub( "ExploitDB Link: " + cmseek.fgreen + "http://www.exploit-db.com/exploits/" + str(ref) + cmseek.cln, False, False) if 'metasploit' in strvuln: for ref in vuln['references']['metasploit']: sresult.subsub( "Metasploit Module: " + cmseek.fgreen + "http://www.metasploit.com/modules/" + str(ref) + cmseek.cln, False, False) if 'osvdb' in strvuln: for ref in vuln['references']['osvdb']: sresult.subsub( "OSVDB Link: " + cmseek.fgreen + "http://osvdb.org/" + str(ref) + cmseek.cln, False, False) if 'secunia' in strvuln: for ref in vuln['references']['secunia']: sresult.subsub( "Secunia Advisory: " + cmseek.fgreen + "http://secunia.com/advisories/" + str(ref) + cmseek.cln, False, False) if 'url' in strvuln: for ref in vuln['references']['url']: sresult.subsub( "Reference: " + cmseek.fgreen + str(ref) + cmseek.cln, False, False) sresult.end_subsub( "Fixed In Version: " + cmseek.bold + cmseek.fgreen + str(vuln['fixed_in']) + cmseek.cln, False, False) else: sresult.empty_sub(False) sresult.sub_item( cmseek.bold + cmseek.fgreen + str(vuln['title']) + cmseek.cln, False) sresult.init_subsub( "Type: " + cmseek.bold + cmseek.fgreen + str(vuln['vuln_type']) + cmseek.cln, False, True) sresult.subsub( "Link: " + cmseek.bold + cmseek.fgreen + "http://wpvulndb.com/vulnerabilities/" + str(vuln['id']) + cmseek.cln, False, True) strvuln = str(vuln) if 'cve' in strvuln: for ref in vuln['references']['cve']: sresult.subsub( "CVE: " + cmseek.fgreen + "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-" + str(ref) + cmseek.cln, False, True) if 'exploitdb' in strvuln: for ref in vuln['references']['exploitdb']: sresult.subsub( "ExploitDB Link: " + cmseek.fgreen + "http://www.exploit-db.com/exploits/" + str(ref) + cmseek.cln, False, True) if 'metasploit' in strvuln: for ref in vuln['references']['metasploit']: sresult.subsub( "Metasploit Module: " + cmseek.fgreen + "http://www.metasploit.com/modules/" + str(ref) + cmseek.cln, False, True) if 'osvdb' in strvuln: for ref in vuln['references']['osvdb']: sresult.subsub( "OSVDB Link: " + cmseek.fgreen + "http://osvdb.org/" + str(ref) + cmseek.cln, False, True) if 'secunia' in strvuln: for ref in vuln['references']['secunia']: sresult.subsub( "Secunia Advisory: " + cmseek.fgreen + "http://secunia.com/advisories/" + str(ref) + cmseek.cln, False, True) if 'url' in strvuln: for ref in vuln['references']['url']: sresult.subsub( "Reference: " + cmseek.fgreen + str(ref) + cmseek.cln, False, True) sresult.end_subsub( "Fixed In Version: " + cmseek.bold + cmseek.fgreen + str(vuln['fixed_in']) + cmseek.cln, False, True) sresult.end(str(cmseek.total_requests), str(comptime), log_file) return return
def start( id, url, ua, ga, source ): ## ({ID of the cms}, {url of target}, {User Agent}, {is Generator Meta tag available [0/1]}, {Source code}) ## Do shits later [update from later: i forgot what shit i had to do ;___;] if id == "wp": # referenced before assignment fix version = wpvdbres = result = plugins_found = usernames = usernamesgen = '0' cmseek.statement('Starting WordPress DeepScan') # Version detection version = wordpress_version_detect.start(id, url, ua, ga, source) ## Check for minor stuffs like licesnse readme and some open directory checks cmseek.statement("Initiating open directory and files check") ## Readme.html readmesrc = cmseek.getsource(url + '/readme.html', ua) if readmesrc[ 0] != '1': ## something went wrong while getting the source codes cmseek.statement( "Couldn't get readme file's source code most likely it's not present" ) readmefile = '0' # Error Getting Readme file elif 'Welcome. WordPress is a very special project to me.' in readmesrc[ 1]: readmefile = '1' # Readme file present else: readmefile = '2' # Readme file found but most likely it's not of wordpress ## license.txt licsrc = cmseek.getsource(url + '/license.txt', ua) if licsrc[0] != '1': cmseek.statement('license file not found') licfile = '0' elif 'WordPress - Web publishing software' in licsrc[1]: licfile = '1' else: licfile = '2' ## wp-content/uploads/ folder wpupsrc = cmseek.getsource(url + '/wp-content/uploads/', ua) if wpupsrc[0] != '1': wpupdir = '0' elif 'Index of /wp-content/uploads' in wpupsrc[1]: wpupdir = '1' else: wpupdir = '2' ## xmlrpc xmlrpcsrc = cmseek.getsource(url + '/xmlrpc.php', ua) if xmlrpcsrc[0] != '1': cmseek.statement('XML-RPC interface not available') xmlrpc = '0' elif 'XML-RPC server accepts POST requests only.' in xmlrpcsrc[1]: xmlrpc = '1' else: xmlrpc = '2' ## Plugins Enumeration plug_enum = wp_plugins_enum.start(source) plugins_found = plug_enum[0] plugins = plug_enum[1] ## Themes Enumeration theme_enum = wp_theme_enum.start(source) themes_found = theme_enum[0] themes = theme_enum[1] ## User enumeration uenum = wp_user_enum.start(id, url, ua, ga, source) usernamesgen = uenum[0] usernames = uenum[1] ## Version Vulnerability Detection version_vuln = wp_vuln_scan.start(version, ua) wpvdbres = version_vuln[0] result = version_vuln[1] vfc = version_vuln[2] ### Deep Scan Results comes here cmseek.clearscreen() cmseek.banner("Deep Scan Results") cmseek.result("Detected CMS: ", 'WordPress') cmseek.update_log('cms_name', 'WordPress') # update log cmseek.result("CMS URL: ", "https://wordpress.org") cmseek.update_log('cms_url', "https://wordpress.org") # update log if version != '0': cmseek.result("Version: ", version) cmseek.update_log('wp_version', version) if wpvdbres == '1': cmseek.result("Changelog URL: ", str(result['changelog_url'])) cmseek.update_log('wp_changelog_file', str(result['changelog_url'])) if readmefile == '1': cmseek.result("Readme file found: ", url + '/readme.html') cmseek.update_log('wp_readme_file', url + '/readme.html') if licfile == '1': cmseek.result("License file found: ", url + '/license.txt') if wpupdir == '1': cmseek.result("Uploads directory has listing enabled: ", url + '/wp-content/uploads') cmseek.update_log('wp_uploads_directory', url + '/wp-content/uploads') if xmlrpc == '1': cmseek.result("XML-RPC interface available: ", url + '/xmlrpc.php') cmseek.update_log('wp_uploads_directory', url + '/xmlrpc.php') if plugins_found != 0: print('\n') cmseek.result("Plugins Enumerated: ", '') print(" |") wpplugs = "" for plugin in plugins: plug = plugin.split(':') wpplugs = wpplugs + plug[0] + ' Version ' + plug[1] + ',' cmseek.success(cmseek.bold + plug[0] + ' Version ' + plug[1] + cmseek.cln) cmseek.update_log('wp_plugins', wpplugs) if themes_found != 0: print('\n') cmseek.result("themes Enumerated: ", '') print(" |") wpthms = "" for theme in themes: thm = theme.split(':') wpthms = wpthms + thm[0] + ' Version ' + thm[1] + ',' cmseek.success(cmseek.bold + thm[0] + ' Version ' + thm[1] + cmseek.cln) cmseek.result('Theme URL: ', url + '/wp-content/themes/' + thm[0] + '/') cmseek.update_log('wp_plugins', wpthms) if usernamesgen == '1': print('\n') cmseek.result("Usernames Harvested: ", '') print(" |") wpunames = "" for u in usernames: wpunames = wpunames + u + "," cmseek.success(cmseek.bold + u + cmseek.cln) print('\n') cmseek.update_log('wp_users', wpunames) if wpvdbres == '1': cmseek.result("Vulnerability Count: ", str(len(result['vulnerabilities']))) cmseek.update_log('wp_vuln_count', str(len(result['vulnerabilities']))) cmseek.update_log('wpvulndb_url', "https://wpvulndb.com/api/v2/wordpresses/" + vfc) if len(result['vulnerabilities']) > 0: cmseek.success("Displaying all the vulnerabilities") for vuln in result['vulnerabilities']: print("\n") cmseek.result("Title: ", str(vuln['title'])) cmseek.result("Type: ", str(vuln['vuln_type'])) cmseek.result("Fixed In Version: ", str(vuln['fixed_in'])) cmseek.result( "Link: ", "http://wpvulndb.com/vulnerabilities/" + str(vuln['id'])) strvuln = str(vuln) if 'cve' in strvuln: for ref in vuln['references']['cve']: cmseek.result( "CVE: ", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-" + str(ref)) if 'exploitdb' in strvuln: for ref in vuln['references']['exploitdb']: cmseek.result( "ExploitDB Link: ", "http://www.exploit-db.com/exploits/" + str(ref)) if 'metasploit' in strvuln: for ref in vuln['references']['metasploit']: cmseek.result( "Metasploit Module: ", "http://www.metasploit.com/modules/" + str(ref)) if 'osvdb' in strvuln: for ref in vuln['references']['osvdb']: cmseek.result("OSVDB Link: ", "http://osvdb.org/" + str(ref)) if 'secunia' in strvuln: for ref in vuln['references']['secunia']: cmseek.result( "Secunia Advisory: ", "http://secunia.com/advisories/" + str(ref)) if 'url' in strvuln: for ref in vuln['references']['url']: cmseek.result("Reference: ", str(ref)) else: cmseek.warning( 'No vulnerabilities discovered in this version yet!') return else: cmseek.error("Could not look up version vulnerabilities") return return
def start(id, url, ua, ga, source, ga_content): if id == "wp": # trust me more will be added soon import VersionDetect.wp as wpverdetect wpver = wpverdetect.start(id, url, ua, ga, source) return wpver elif id == 'joom': import VersionDetect.joom as joomverdetect joomver = joomverdetect.start(id, url, ua, ga, source) return joomver elif id == 'dru': import VersionDetect.dru as druverdetect druver = druverdetect.start(id, url, ua, ga, source) return druver elif id == 'xe': import VersionDetect.xe as xeverdetect xever = xeverdetect.start(ga_content) return xever elif id == 'wgui': import VersionDetect.wgui as wguiverdetect wguiver = wguiverdetect.start(ga_content) return wguiver elif id == 'umi': import VersionDetect.umi as umiverdetect umiver = umiverdetect.start(url, ua) return umiver elif id == 'tidw': import VersionDetect.tidw as tidwverdetect tidwver = tidwverdetect.start(source) return tidwver elif id == 'sulu': import VersionDetect.sulu as suluverdetect suluver = suluverdetect.start(url, ua) return suluver elif id == 'subcms': import VersionDetect.subcms as subcmsverdetect subcmsver = subcmsverdetect.start(ga_content) return subcmsver elif id == 'snews': import VersionDetect.snews as snewsverdetect snewsver = snewsverdetect.start(ga_content, source) return snewsver elif id == 'spity': import VersionDetect.spity as spityverdetect spityver = spityverdetect.start(ga_content) return spityver elif id == 'slcms': import VersionDetect.slcms as slcmsverdetect slcmsver = slcmsverdetect.start(source) return slcmsver elif id == 'rock': import VersionDetect.rock as rockverdetect rockver = rockverdetect.start(ga_content) return rockver elif id == 'roadz': import VersionDetect.roadz as roadzverdetect roadzver = roadzverdetect.start(ga_content) return roadzver elif id == 'rite': import VersionDetect.rite as riteverdetect ritever = riteverdetect.start(ga_content) return ritever elif id == 'quick': import VersionDetect.quick as quickverdetect quickver = quickverdetect.start(ga_content) return quickver elif id == 'pwind': import VersionDetect.pwind as pwindverdetect pwindver = pwindverdetect.start(ga_content) return pwindver elif id == 'ophal': import VersionDetect.ophal as ophalverdetect ophalver = ophalverdetect.start(ga_content, url, ua) return ophalver elif id == 'sfy': import VersionDetect.sfy as sfyverdetect sfyver = sfyverdetect.start(ga_content) return sfyver elif id == 'otwsm': import VersionDetect.otwsm as otwsmverdetect otwsmver = otwsmverdetect.start(source) return otwsmver elif id == 'ocms': import VersionDetect.ocms as ocmsverdetect ocmsver = ocmsverdetect.start(url, ua) return ocmsver elif id == 'share': import VersionDetect.share as shareverdetect sharever = shareverdetect.start(url, ua) return sharever elif id == 'mura': import VersionDetect.mura as muraverdetect muraver = muraverdetect.start(ga_content) return muraver elif id == 'kbcms': import VersionDetect.kbcms as kbcmsverdetect kbcmsver = kbcmsverdetect.start(url, ua) return kbcmsver elif id == 'koken': import VersionDetect.koken as kokenverdetect kokenver = kokenverdetect.start(ga_content) return kokenver elif id == 'impage': import VersionDetect.impage as impageverdetect impagever = impageverdetect.start(ga_content) return impagever elif id == 'flex': import VersionDetect.flex as flexverdetect flexver = flexverdetect.start(source, url, ua) return flexver elif id == 'dncms': import VersionDetect.dncms as dncmsverdetect dncmsver = dncmsverdetect.start(url, ua) return dncmsver elif id == 'cntsis': import VersionDetect.cntsis as cntsisverdetect cntsisver = cntsisverdetect.start(ga_content) return cntsisver elif id == 'cnido': import VersionDetect.cnido as cnidoverdetect cnidover = cnidoverdetect.start(ga_content) return cnidover elif id == 'con5': import VersionDetect.con5 as con5verdetect con5ver = con5verdetect.start(ga_content) return con5ver elif id == 'csim': import VersionDetect.csim as csimverdetect csimver = csimverdetect.start(ga_content) return csimver elif id == 'brcms': import VersionDetect.brcms as brcmsverdetect brcmsver = brcmsverdetect.start(ga_content) return brcmsver elif id == 'bboard': import VersionDetect.bboard as bboardverdetect bboardver = bboardverdetect.start(source) return bboardver elif id == 'dscrs': import VersionDetect.dscrs as dscrsverdetect dscrsver = dscrsverdetect.start(ga_content) return dscrsver elif id == 'discuz': import VersionDetect.discuz as discuzverdetect discuzver = discuzverdetect.start(ga_content) return discuzver elif id == 'minibb': import VersionDetect.minibb as minibbverdetect minibbver = minibbverdetect.start(source) return minibbver elif id == 'mybb': import VersionDetect.mybb as mybbverdetect mybbver = mybbverdetect.start(source) return mybbver elif id == 'nodebb': import VersionDetect.nodebb as nodebbverdetect nodebbver = nodebbverdetect.start(source) return nodebbver elif id == 'punbb': import VersionDetect.punbb as punbbverdetect punbbver = punbbverdetect.start(source) return punbbver elif id == 'smf': import VersionDetect.smf as smfverdetect smfver = smfverdetect.start(source) return smfver elif id == 'vanilla': import VersionDetect.vanilla as vanillaverdetect vanillaver = vanillaverdetect.start(url, ua) return vanillaver elif id == 'uknva': import VersionDetect.uknva as uknvaverdetect uknvaver = uknvaverdetect.start(ga_content) return uknvaver elif id == 'xmb': import VersionDetect.xmb as xmbverdetect xmbver = xmbverdetect.start(source) return xmbver elif id == 'yabb': import VersionDetect.yabb as yabbverdetect yabbver = yabbverdetect.start(source) return yabbver elif id == 'aef': import VersionDetect.aef as aefverdetect aefver = aefverdetect.start(source) return aefver elif id == 'bhf': import VersionDetect.bhf as bhfverdetect bhfver = bhfverdetect.start(ga_content) return bhfver elif id == 'fudf': import VersionDetect.fudf as fudfverdetect fudfver = fudfverdetect.start(source) return fudfver elif id == 'yaf': import VersionDetect.yaf as yafverdetect yafver = yafverdetect.start(source) return yafver elif id == 'ubbt': import VersionDetect.ubbt as ubbtverdetect ubbtver = ubbtverdetect.start(source, ga_content) return ubbtver elif id == 'myupb': import VersionDetect.myupb as myupbverdetect myupbver = myupbverdetect.start(source) return myupbver elif id == 'mvnf': import VersionDetect.mvnf as mvnfverdetect mvnfver = mvnfverdetect.start(source) return mvnfver elif id == 'mcb': import VersionDetect.mcb as mcbverdetect mcbver = mcbverdetect.start(source) return mcbver elif id == 'aspf': import VersionDetect.aspf as aspfverdetect aspfver = aspfverdetect.start(source) return aspfver elif id == 'jf': import VersionDetect.jf as jfverdetect jfver = jfverdetect.start(source) return jfver elif id == 'mg': import VersionDetect.mg as mgverdetect mgver = mgverdetect.start(url, ua) return mgver elif id == 'coms': import VersionDetect.coms as comsverdetect comsver = comsverdetect.start(url, ua) return comsver elif id == 'abda': import VersionDetect.abda as abdaverdetect abdaver = abdaverdetect.start(source) return abdaver elif id == 'dweb': import VersionDetect.dweb as dwebverdetect dwebver = dwebverdetect.start(ga_content) return dwebver
def start(id, url, ua, ga, source, ga_content): if id == "wp": # trust me more will be added soon import VersionDetect.wp as wpverdetect wpver = wpverdetect.start(id, url, ua, ga, source) return wpver elif id == 'joom': import VersionDetect.joom as joomverdetect joomver = joomverdetect.start(id, url, ua, ga, source) return joomver elif id == 'dru': import VersionDetect.dru as druverdetect druver = druverdetect.start(id, url, ua, ga, source) return druver elif id == 'xe': import VersionDetect.xe as xeverdetect xever = xeverdetect.start(ga_content) return xever elif id == 'wgui': import VersionDetect.wgui as wguiverdetect wguiver = wguiverdetect.start(ga_content) return wguiver elif id == 'umi': import VersionDetect.umi as umiverdetect umiver = umiverdetect.start(url, ua) return umiver elif id == 'tidw': import VersionDetect.tidw as tidwverdetect tidwver = tidwverdetect.start(source) return tidwver elif id == 'sulu': import VersionDetect.sulu as suluverdetect suluver = suluverdetect.start(url, ua) return suluver elif id == 'subcms': import VersionDetect.subcms as subcmsverdetect subcmsver = subcmsverdetect.start(ga_content) return subcmsver elif id == 'snews': import VersionDetect.snews as snewsverdetect snewsver = snewsverdetect.start(ga_content, source) return snewsver elif id == 'spity': import VersionDetect.spity as spityverdetect spityver = spityverdetect.start(ga_content) return spityver elif id == 'slcms': import VersionDetect.slcms as slcmsverdetect slcmsver = slcmsverdetect.start(source) return slcmsver elif id == 'rock': import VersionDetect.rock as rockverdetect rockver = rockverdetect.start(ga_content) return rockver elif id == 'roadz': import VersionDetect.roadz as roadzverdetect roadzver = roadzverdetect.start(ga_content) return roadzver elif id == 'rite': import VersionDetect.rite as riteverdetect ritever = riteverdetect.start(ga_content) return ritever elif id == 'quick': import VersionDetect.quick as quickverdetect quickver = quickverdetect.start(ga_content) return quickver elif id == 'pwind': import VersionDetect.pwind as pwindverdetect pwindver = pwindverdetect.start(ga_content) return pwindver elif id == 'ophal': import VersionDetect.ophal as ophalverdetect ophalver = ophalverdetect.start(ga_content, url, ua) return ophalver elif id == 'sfy': import VersionDetect.sfy as sfyverdetect sfyver = sfyverdetect.start(ga_content) return sfyver elif id == 'otwsm': import VersionDetect.otwsm as otwsmverdetect otwsmver = otwsmverdetect.start(source) return otwsmver elif id == 'ocms': import VersionDetect.ocms as ocmsverdetect ocmsver = ocmsverdetect.start(url, ua) return ocmsver elif id == 'share': import VersionDetect.share as shareverdetect sharever = shareverdetect.start(url, ua) return sharever elif id == 'mura': import VersionDetect.mura as muraverdetect muraver = muraverdetect.start(ga_content) return muraver elif id == 'kbcms': import VersionDetect.kbcms as kbcmsverdetect kbcmsver = kbcmsverdetect.start(url, ua) return kbcmsver elif id == 'koken': import VersionDetect.koken as kokenverdetect kokenver = kokenverdetect.start(ga_content) return kokenver elif id == 'impage': import VersionDetect.impage as impageverdetect impagever = impageverdetect.start(ga_content) return impagever elif id == 'flex': import VersionDetect.flex as flexverdetect flexver = flexverdetect.start(source, url, ua) return flexver elif id == 'dncms': import VersionDetect.dncms as dncmsverdetect dncmsver = dncmsverdetect.start(url, ua) return dncmsver elif id == 'cntsis': import VersionDetect.cntsis as cntsisverdetect cntsisver = cntsisverdetect.start(ga_content) return cntsisver elif id == 'cnido': import VersionDetect.cnido as cnidoverdetect cnidover = cnidoverdetect.start(ga_content) return cnidover elif id == 'con5': import VersionDetect.con5 as con5verdetect con5ver = con5verdetect.start(ga_content) return con5ver elif id == 'csim': import VersionDetect.csim as csimverdetect csimver = csimverdetect.start(ga_content) return csimver elif id == 'brcms': import VersionDetect.brcms as brcmsverdetect brcmsver = brcmsverdetect.start(ga_content) return brcmsver
def start(id, url, ua, ga, source, ga_content): if id == "wp": # trust me more will be added soon import VersionDetect.wp as wpverdetect wpver = wpverdetect.start(id, url, ua, ga, source) return wpver elif id == 'joom': import VersionDetect.joom as joomverdetect joomver = joomverdetect.start(id, url, ua, ga, source) return joomver elif id == 'dru': import VersionDetect.dru as druverdetect druver = druverdetect.start(id, url, ua, ga, source) return druver elif id == 'xe': import VersionDetect.xe as xeverdetect xever = xeverdetect.start(ga_content) return xever elif id == 'wgui': import VersionDetect.wgui as wguiverdetect wguiver = wguiverdetect.start(ga_content) return wguiver elif id == 'umi': import VersionDetect.umi as umiverdetect umiver = umiverdetect.start(url, ua) return umiver elif id == 'tidw': import VersionDetect.tidw as tidwverdetect tidwver = tidwverdetect.start(source) return tidwver elif id == 'sulu': import VersionDetect.sulu as suluverdetect suluver = suluverdetect.start(url, ua) return suluver elif id == 'subcms': import VersionDetect.subcms as subcmsverdetect subcmsver = subcmsverdetect.start(ga_content) return subcmsver elif id == 'snews': import VersionDetect.snews as snewsverdetect snewsver = snewsverdetect.start(ga_content, source) return snewsver elif id == 'spity': import VersionDetect.spity as spityverdetect spityver = spityverdetect.start(ga_content) return spityver elif id == 'slcms': import VersionDetect.slcms as slcmsverdetect slcmsver = slcmsverdetect.start(source) return slcmsver elif id == 'rock': import VersionDetect.rock as rockverdetect rockver = rockverdetect.start(ga_content) return rockver elif id == 'roadz': import VersionDetect.roadz as roadzverdetect roadzver = roadzverdetect.start(ga_content) return roadzver elif id == 'rite': import VersionDetect.rite as riteverdetect ritever = riteverdetect.start(ga_content) return ritever elif id == 'quick': import VersionDetect.quick as quickverdetect quickver = quickverdetect.start(ga_content) return quickver elif id == 'pwind': import VersionDetect.pwind as pwindverdetect pwindver = pwindverdetect.start(ga_content) return pwindver elif id == 'ophal': import VersionDetect.ophal as ophalverdetect ophalver = ophalverdetect.start(ga_content, url, ua) return ophalver elif id == 'sfy': import VersionDetect.sfy as sfyverdetect sfyver = sfyverdetect.start(ga_content) return sfyver elif id == 'otwsm': import VersionDetect.otwsm as otwsmverdetect otwsmver = otwsmverdetect.start(source) return otwsmver elif id == 'ocms': import VersionDetect.ocms as ocmsverdetect ocmsver = ocmsverdetect.start(url, ua) return ocmsver elif id == 'share': import VersionDetect.share as shareverdetect sharever = shareverdetect.start(url, ua) return sharever elif id == 'mura': import VersionDetect.mura as muraverdetect muraver = muraverdetect.start(ga_content) return muraver
def start(id, url, ua, ga, source): if id == "wp": # trust me more will be added soon import VersionDetect.wp as wpverdetect wpver = wpverdetect.start(id, url, ua, ga, source): return wpver