def start(source,url,ua): cmseek.info('Starting passive theme enumeration') ## plug_file = open('database/themes.json', 'r') ## plug_data = plug_file.read() ## plug_json = json.loads(plug_data) plug_regex = re.compile('wp-content/themes/(.*?)/.*?[css|js].*?ver=([0-9\.]*)') results = plug_regex.findall(source) themes = [] found = 0 for result in results: # found += 1 name = result[0].replace('-master','').replace('.min','') nc = name + ":" if nc not in str(themes): version = result[1] each_theme = name + ":" + version + "|" # look if theme zip available cmseek.statement('Looking for theme zip file!') theme_zip = url + '/wp-content/themes/' + name + '.zip' zip_status = cmseek.check_url(theme_zip, ua) if zip_status == '1': cmseek.success('Current theme can be downloaded, URL: ' + cmseek.bold + theme_zip + cmseek.cln) each_theme += '/wp-content/themes/' + name + '.zip' themes.append(each_theme) themes = set(themes) found = len(themes) if found > 0: if found == 1: cmseek.success(cmseek.bold + cmseek.fgreen + str(found) + " theme detected!") else: cmseek.success(cmseek.bold + cmseek.fgreen + str(found) + " themes detected!") else: cmseek.error('Could not detect theme!') return [found, themes]
def check_config(url,file,ua): global joom_conf_found, joom_confs file_check = cmseek.check_url(url + '/' + file, ua) if file_check == '1': cmseek.success('Potential configuration file found: ' + cmseek.bold + cmseek.fgreen + file + cmseek.cln) joom_conf_found += 1 joom_confs.append(file)
def check_backup(url, file, ua): global joom_bak_found, joom_backups file_check = cmseek.check_url(url + '/' + file, ua) if file_check == '1': cmseek.success('Potential backup file found: ' + cmseek.bold + cmseek.fgreen + file + cmseek.cln) joom_bak_found += 1 joom_backups.append(file)
def check_admin(url, file, ua): global joom_admin_found, joom_admins file_check = cmseek.check_url(url + '/' + file, ua) if file_check == '1': cmseek.success('Admin login page found: ' + cmseek.bold + cmseek.fgreen + url + '/' + file + cmseek.cln) joom_admin_found += 1 joom_admins.append(file)