[Enhancement+Bug] Latest theme checking support for http-wordpress-enum

[Gyanendra Mishra <anomaly.the () gmail com>]

Hi,

Recently http-wordpress-plugins was merged with http-wordpress-themes and a
few other features were added.[1]

I have added latest version checking  for themes. Currently for clarity I
have kept it as a separate function(get_latest_theme_version)  which can
easily be combined with the function that returns the latest plugin
version. Every theme seems to have the theme version stored here :

https://wordpress.org/themes/rss/topic/<themename>


In the <description> there is  an <img> that has the latest version in  src
attribute. I am essentially fetching the latest version of the theme from
there. As its rss its fast to fetch. I have attached the modified
http-wordpress-enum file.

After I was done with the script I tried running it. That is when I noticed
a bug. It seems that if  the search limit is X the script shows top X
themes/plugins in wp-themes.lst/wp-plugins.lst even if they aren't being
 used on the target. Could someone please confirm this? Its probably a
small error, will work on it tomorrow.

Gyanendra

[1]:http://nmap.org/nsedoc/scripts/http-wordpress-enum.html

Attachment: http-wordpress-enum.nse
Description:

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/