Exemple #1
    def addon_analysis(self, addon_type: str) -> List[Addon]:
        """Analyse every addon of ``addon_type`` found under ``self.dir_path``.

        Each addon name returned by ``uCMS.fetch_addons`` becomes an ``Addon``
        that goes through four steps in order: version detection,
        latest-version lookup, known-vulnerability lookup and alteration
        check.  The addon is added to the result whether or not those steps
        completed.

        Args:
            addon_type: ``"plugins"`` or ``"themes"``; selects
                ``self.plugins_dir`` or ``self.themes_dir``.

        Returns:
            The list of ``Addon`` objects.  For the two recognised types the
            same list is also stored on ``self.plugins`` / ``self.themes``.
        """
        # NOTE(review): the temp directory is not released in this method;
        # presumably cleanup happens elsewhere - confirm.
        temp_directory = uCMS.TempDir.create()
        analysed = []

        separator = "#######################################################"
        LOGGER.print_cms(
            "info",
            separator + "\n\t\t" + addon_type + " analysis" + "\n" + separator,
            "",
            0,
        )

        # Pick the directory that holds this kind of addon.
        # NOTE(review): any other addon_type leaves the sub-path empty, so
        # the scan below runs on self.dir_path itself.
        if addon_type == "plugins":
            addons_path = self.plugins_dir
        elif addon_type == "themes":
            addons_path = self.themes_dir
        else:
            addons_path = ""

        scan_root = os.path.join(self.dir_path, addons_path)

        for addon_name in uCMS.fetch_addons(scan_root, "standard"):
            addon = Addon()
            addon.type = addon_type
            addon.name = addon_name
            addon.filename = addon_name + self.addon_extension

            LOGGER.print_cms("info", "[+] " + addon_name, "", 0)

            addon_path = os.path.join(self.dir_path, addons_path, addon_name)

            try:
                # Installed version, read from the addon's own files.
                self.get_addon_version(addon, addon_path,
                                       self.regex_version_addon, '"')
                # Latest published version.
                self.get_addon_last_version(addon)
                # Known CVEs for this addon.
                self.check_vulns_addon(addon)
                # Has the addon been altered?
                self.check_addon_alteration(addon, addon_path, temp_directory)
            except Exception as e:
                # NOTE(review): a failure in any step is only logged at debug
                # level and the addon is still reported, with the later steps
                # skipped.  A reader of the result cannot tell "no known CVE"
                # from "CVE lookup never ran" unless the Addon records it.
                LOGGER.debug(str(e))

            # Reported on both the success and the failure path.
            analysed.append(addon)

        if addon_type == "plugins":
            self.plugins = analysed
        elif addon_type == "themes":
            self.themes = analysed

        return analysed
Exemple #2
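    def addon_analysis(self, dir_path, addon_type):
        """Analyse every addon of ``addon_type`` found under ``dir_path``.

        Each addon name returned by ``uCMS.fetch_addons`` gets a result dict
        that goes through four steps in order: version detection,
        latest-version lookup, known-vulnerability lookup and alteration
        check.  Each step returns a ``(value, err)`` pair; the first step
        whose ``err`` is not ``None`` stops the chain for that addon.  The
        addon is reported either way.

        Args:
            dir_path: Root directory of the site being analysed.
            addon_type: ``"plugins"`` or ``"themes"``; selects
                ``self.plugins_path`` or ``self.themes_path``.

        Returns:
            The list of addon dicts, also stored on ``self.plugins`` or
            ``self.themes``.

        Raises:
            ValueError: If ``addon_type`` is neither ``"plugins"`` nor
                ``"themes"``.
        """
        # Reject unknown types before any temp directory is created; without
        # this check the path variable would be unbound at the scan below.
        if addon_type == "plugins":
            addons_path = self.plugins_path
        elif addon_type == "themes":
            addons_path = self.themes_path
        else:
            raise ValueError("unsupported addon_type: %r" % (addon_type,))

        # NOTE(review): the temp directory is not released in this method;
        # presumably cleanup happens elsewhere - confirm.
        temp_directory = uCMS.TempDir.create()
        addons = []

        log.print_cms(
            "info", "#######################################################" +
            "\n\t\t" + addon_type + " analysis" +
            "\n#######################################################", "", 0)

        addons_name = uCMS.fetch_addons(os.path.join(dir_path, addons_path),
                                        "standard")

        for addon_name in addons_name:
            log.print_cms("info", "[+] " + addon_name, "", 0)

            addon = {
                "status": "todo",
                "name": addon_name,
                "version": "",
                "last_version": "",
                "last_release_date": "",
                "link": "",
                "edited": "",
                "cve": "",
                "vulns_details": "",
                "notes": "",
                "alterations": []
            }
            addon["type"] = addon_type
            addon["filename"] = addon_name + ".info"

            addon_path = os.path.join(dir_path, addons_path, addon_name)

            # The steps run in this order; each one is only called if every
            # earlier step returned err is None.
            steps = (
                # Get addon version
                lambda: self.get_addon_version(
                    addon, addon_path, re.compile("version = (.*)")),
                # Check addon last version
                lambda: self.get_addon_last_version(addon),
                # Check if there are known CVE
                lambda: self.check_vulns_addon(addon),
                # Check if the addon has been altered
                lambda: self.check_addon_alteration(
                    addon, addon_path, temp_directory),
            )
            for step in steps:
                _, err = step()
                if err is not None:
                    break

            # NOTE(review): an addon whose chain stopped early is reported
            # with the remaining fields at their defaults ("cve": "", empty
            # "alterations"), so an empty field may mean "not checked" rather
            # than "nothing found" unless the failing step records it.
            addons.append(addon)

        if addon_type == "plugins":
            self.plugins = addons
        elif addon_type == "themes":
            self.themes = addons

        return addons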
Exemple #3
    def addon_analysis(self, dir_path, addon_type):
        """Analyse the addons of ``addon_type`` found in the wp-content tree.

        The standard ``<wp_content>/<addon_type>`` directory is always
        scanned; for ``"plugins"`` the ``mu-plugins`` directory is scanned as
        well.  Each addon gets a result dict that goes through five steps in
        order: main-file detection, version detection, latest-version lookup,
        known-vulnerability lookup and alteration check.  Each step returns a
        ``(value, err)`` pair; the first step whose ``err`` is not ``None``
        stops the chain for that addon.  The addon is reported either way.

        Args:
            dir_path: Root directory of the site being analysed.
            addon_type: Name of the addon kind, used as the directory name
                under wp-content.

        Returns:
            The list of addon dicts.  For ``"plugins"`` and ``"themes"`` the
            same list is also stored on ``self.plugins`` / ``self.themes``.
        """
        # NOTE(review): the temp directory is not released in this method;
        # presumably cleanup happens elsewhere - confirm.
        temp_directory = uCMS.TempDir.create()
        results = []

        separator = "#######################################################"
        log.print_cms(
            "info",
            separator + "\n\t\t" + addon_type + " analysis" + "\n" + separator,
            "", 0)

        # Locate wp-content, then list the directories to scan.
        self.wp_content = self.get_wp_content(dir_path)[0]

        # NOTE(review): addon_type is joined into the path as given; a value
        # other than "plugins"/"themes" is still scanned but the result is
        # not stored on self.
        locations = [("standard", os.path.join(self.wp_content, addon_type))]
        if addon_type == "plugins":
            locations.append(
                ("mu", os.path.join(self.wp_content, "mu-plugins")))

        for key, addons_path in locations:
            found_names = uCMS.fetch_addons(
                os.path.join(dir_path, addons_path), key)

            for addon_name in found_names:
                addon = {
                    "type": addon_type,
                    "status": "todo",
                    "name": addon_name,
                    "version": "",
                    "last_version": "",
                    "last_release_date": "",
                    "link": "",
                    "edited": "",
                    "cve": "",
                    "vulns": [],
                    "notes": "",
                    "alterations": [],
                    "filename": "",
                    "path": ""
                }

                addon_path = os.path.join(dir_path, addons_path, addon_name)

                if addon_type == "plugins":
                    is_mu = key == "mu"
                    addon["mu"] = "YES" if is_mu else "NO"
                    if is_mu:
                        # mu entries are analysed from the mu-plugins
                        # directory itself, not a per-addon subdirectory.
                        addon_path = os.path.join(dir_path, addons_path)

                log.print_cms("info", "[+] " + addon_name, "", 0)

                # The steps run in this order; each one is only called if
                # every earlier step returned err is None.
                steps = (
                    # Check addon main file
                    lambda: self.get_addon_main_file(addon, addon_path),
                    # Get addon version
                    lambda: self.get_addon_version(
                        addon, addon_path, re.compile("(?i)Version: (.*)")),
                    # Check addon last version
                    lambda: self.get_addon_last_version(addon),
                    # Check known CVE in wpvulndb
                    lambda: self.check_vulns_addon(addon),
                    # Check if the addon has been altered; this step is
                    # given dir_path, not addon_path.
                    lambda: self.check_addon_alteration(
                        addon, dir_path, temp_directory),
                )
                for step in steps:
                    _, err = step()
                    if err is not None:
                        break

                # NOTE(review): an addon whose chain stopped early is
                # reported with the remaining fields at their defaults
                # ("cve": "", empty "vulns" and "alterations"), so an empty
                # field may mean "not checked" rather than "nothing found"
                # unless the failing step records it.
                results.append(addon)

        if addon_type == "plugins":
            self.plugins = results
        elif addon_type == "themes":
            self.themes = results

        return results