Re: WordPress Plugins and Themes NSE tweaks

[Paulino Calderon Pale <paulino () calderonpale com>]

Hey,

I have updated the script and committed it in rev 33988 (*). I did the following changes to your version:

-Replaced stdnse,print_debug() (deprecated) with stdnse.debug() calls.
-Added support for XML output
-Added sanity checks
-Fixed output when no results are found.

I renamed the original script http-wordpress-enum to http-wordpress-users and commited this script as the new 
http-wordpress-enum. The new names describe better the script tasks. I also removed the script http-wordpress-plugins 
in favor of the new version of http-wordpress-enum.

Thank you for this contribution Gyanendra and Peter. The script works great and is very effective to detect outdated 
plugins (hopefully soon we will detect outdated themes too).

Cheers.

(*) https://svn.nmap.org/nmap/scripts/http-wordpress-enum.nse

> On Jan 29, 2015, at 3:06 PM, Gyanendra Mishra <anomaly.the () gmail com> wrote:
>
> Hi ,
> I changed the name.Renamed some functions and variables and  also added some content in the 'Description'.
> I hope it is in tune with Nmaps coding style.Rest of the functionality is the same.
> I changed the 'search amongst the 10  plugin or keys' to 'search amongst the 10 most popular resulted : ' as 
> suggested by you.
> Earlier the #result > 0 check wasn't working properly as it would never throw the 'nothing found message' as it would 
> always have a table inside it.
> Now the number of themes/plugins are checked and accordingly the output is given.
> Please check if its working fine for you.
>  
> Regards,
>
> Gyanendra  
>
> On Thu, Jan 29, 2015 at 3:22 PM, peter () hackertarget com <mailto:peter () hackertarget com> <peter () hackertarget 
> com <mailto:peter () hackertarget com>> wrote:
> Hi,
>
> The "combo" script appears to work well I have tested it against a number of sites with various script-args and it 
> works as expected.
>
> I suggest changing the name to http-wordpress-resources.nse as mentioned by Paulino in a previous email, as this 
> gives a better indication of the scripts purpose.
>
> In addition "search amongst the 100 plugins or keys resulted :" could be changed to "search amongst the 100 most 
> popular resources:" or even "search amongst the 100 top themes and plugins" <-- depending on the 
> "http-wordpress-resources.type=" selection (themes or plugins or themes and plugins).
>
>
> Cheers,
>
> Peter
>
> On Thu, Jan 29, 2015 at 6:54 AM, Gyanendra Mishra <anomaly.the () gmail com <mailto:anomaly.the () gmail com>> wrote:
> Hi Peter,
> I have merged the two.
> It doesn't check for the latest plugin by default you have to add http-wordpress-combo.apicheck="true" for the same.
> The script is working fine for me.
> Please check if it is  working properly for you too. 
> Regards,
> Gyanendra
>
> On Wed, Jan 28, 2015 at 6:21 PM, Gyanendra Mishra <anomaly.the () gmail com <mailto:anomaly.the () gmail com>> wrote:
> Hi Peter,
> I'll try implementing these changes in the combined script.Hope to post an update soon.
> Regards,
> Gyanendra Mishra
>
> Hello,
>
> I have another update to the http-wordpress-plugins.nse that now not
> only gets the version of the currently installed plugin but will also
> query the wordpress.org <http://wordpress.org/> API to get the latest version. Here is a
> sample of the output (the API call can be disabled with a
> --script-arg).
>
> Interesting ports on my.woot.blog (123.123.123.123):
> PORT   STATE SERVICE REASON
> 80/tcp open  http    syn-ack
> | http-wordpress-plugins:
> | search amongst the 500 most popular plugins
> |   akismet 3.0.4 (latest version: 3.0.4)
> |   wordpress-seo 1.7 (latest version: 1.7.1)
> |   disqus-comment-system 2.83 (latest version: 2.84)
> |_  wp-to-twitter 1.2 (latest version: 1.45)
>
>
> Hopefully someone will find this helpful, this is an easy way to find
> WordPress installs that are not being maintained and likely
> vulnerable.
>
> My latest updates to the scripts can be found here ->
> https://github.com/peter-hackertarget/nmap-nse-scripts <https://github.com/peter-hackertarget/nmap-nse-scripts>
>
>
> On Thu, Jan 15, 2015 at 10:59 PM, peter () hackertarget com <mailto:peter () hackertarget com>
> <peter () hackertarget com <mailto:peter () hackertarget com>> wrote:
> > Hello,
> >
> > I have implemented a tweak to the http-wordpress-plugins.nse script that now
> > outputs the version of the discovered plugins. Installed WordPress plugins
> > contain a readme.txt that is in a standard form and contains the version
> > information. This file is simply parsed (only for discovered plugins) and
> > included in the results.
> >
> > Further to the previously mentioned http-wordpress-themes.nse detection
> > script (http://seclists.org/nmap-dev/2014/q4/156 <http://seclists.org/nmap-dev/2014/q4/156>), I have also included a
> > similar version check against discovered themes using the theme style.css
> > file that also contains a version string in standard form.
> >
> >
> >
> > Cheers,
> >
> > Peter
>
>
>
> --
> Regards,
>
> Peter
> --------------------------------------------------
> Hosted Vulnerability Scanners
> Web: https://hackertarget.com/ <https://hackertarget.com/>
> --------------------------------------------------
> _______________________________________________
> Sent through the dev mailing list
> https://nmap.org/mailman/listinfo/dev <https://nmap.org/mailman/listinfo/dev>
> Archived at http://seclists.org/nmap-dev/ <http://seclists.org/nmap-dev/>
>
>
>
> -- 
> Gyanendra Mishra 
> CS Sophomore
> BITS PILANI, Pilani Campus
> email-anomaly.the () gmail com <mailto:email-anomaly.the () gmail com> 
>
> _______________________________________________
> Sent through the dev mailing list
> https://nmap.org/mailman/listinfo/dev <https://nmap.org/mailman/listinfo/dev>
> Archived at http://seclists.org/nmap-dev/ <http://seclists.org/nmap-dev/>
>
>
>
>
> -- 
> Gyanendra Mishra 
> CS Sophomore
> BITS PILANI, Pilani Campus
> email-anomaly.the () gmail com <mailto:email-anomaly.the () gmail com> 
> <http-wordpress-resources.nse>_______________________________________________
> Sent through the dev mailing list
> https://nmap.org/mailman/listinfo/dev <https://nmap.org/mailman/listinfo/dev>
> Archived at http://seclists.org/nmap-dev/ <http://seclists.org/nmap-dev/>
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/