class WPwner(object):
def __init__(self,method,url=False,target=False,config=False):
log.info('Preparing WPwner.......')
self.c = Convention()
self.method = method
if target:
self.target = Target()
self.target.parseTup(target)
if config:
self.target.parseTup(self.load_config(config))
self.done()
else:
self.target = Target(url)
if config:
self.target.parseTup(self.load_config(config))
if self.hostUp():
self.info()
self.done()
else:
print "The host looks down"
# Load a local wp-config.php to parse
def load_config(self,config):
f = open(config)
content = f.read()
f.close()
return Core.parse_config_file(content)
# Looks if the host is online
def hostUp(self):
status,home = Core.get_web_page(self.target.url)
return status
# Thread worker for the information modules execution
#
# The tupple list returned from the module execution is sent to the target
# to get parsed and added to the object's properties
def info_worker(self,module):
if hasattr(module, self.method):
(attribute,value) = ("",False)
if self.method == "passive":
tupList = module.passive(self.target)
elif self.method == "active":
tupList = module.active(self.target)
dispo = False
while not dispo:
dispo = self.lock.acquire()
self.target.parseTup(tupList)
else:
log.failure('Problem with Module '+module_name)
self.lock.release()
# Starts a thread for every information modules
def info(self):
log.info('Starting information gathering on '+self.target.url)
self.threads = []
self.lock = threading.Lock()
for module_name in modules.info.__all__:
module = __import__ ("modules.info."+module_name, fromlist=[module_name])
t = threading.Thread(target=self.info_worker, args=(module,))
self.threads.append(t)
t.start()
for single in self.threads:
single.join()
# Called after the information modules' execution.
# Calls the attack modules
def done(self):
global autoCross
options = []
log.info('Execution of modules over.')
options.append(("Show what we have",describe))
for folder in modules.attack.__all__:
module_folder = __import__ ("modules.attack."+folder, fromlist=[folder])
for module_name in module_folder.__all__:
module = __import__ ("modules.attack."+folder+"."+module_name, fromlist=[module_name])
if hasattr(module,"prerequisite"):
tupList = module.prerequisite(self.target)
for description,address in tupList:
options.append((description,address))
if autoCross:
foundAuto = False
for description,address in options:
if description == "Password reuse detection":
foundAuto = True
autoAddress = address
if foundAuto:
tupList = autoAddress(self.target)
self.target.parseTup(tupList)
autoCross = False
self.done()
i = 1
choice = []
choice.append(self.quit)
print "\n\x1B[31mWhat do you want to do?\x1B[0m"
print "\x1B[92m0) \x1B[0mQuit"
for description,address in options:
choice.append(address)
print "\x1B[92m"+str(i)+') \x1B[0m'+description
i += 1
x = input('\x1B[35mChoice: \x1B[0m')
x = int(x)
tupList = choice[x](self.target)
self.target.parseTup(tupList)
self.done()
# Save and leave
def quit(self,target=None):
Core.save_target(target)
exit(0)
