sensu-plugins-wordpress 0.0.1.alpha.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +2 -0
- data/CHANGELOG.md +3 -0
- data/LICENSE +22 -0
- data/README.md +53 -0
- data/bin/check-wpscan.rb +99 -0
- data/lib/sensu-plugins-wordpress.rb +15 -0
- data/lib/sensu-plugins-wordpress/version.rb +28 -0
- metadata +215 -0
- metadata.gz.sig +0 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 3d4ecf4904300b560b3408dc03f84c7bd136a5a9
|
4
|
+
data.tar.gz: 83888eda15b42b477c19c59ee4cca32a35d1264b
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: a651c5eb03f0c7ccadf2829ca6b9ad3a491f2f3e8f5ad0e9ba444fb282505fd327fa58f90f618a9215817a1448c7cbd956836e4d3671d88f16db72a0649495fd
|
7
|
+
data.tar.gz: 5810d6c7916b5ef54ce02e3f77c3e300ac64f2f2eadd8c9bb8b087f851658edde659aa4c21716a36883f4a407e46992df8393572c21020467ffcc0c62d40570e
|
checksums.yaml.gz.sig
ADDED
Binary file
|
data.tar.gz.sig
ADDED
data/CHANGELOG.md
ADDED
data/LICENSE
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
Copyright (c) 2015 devops@yieldbot.com
|
2
|
+
|
3
|
+
MIT License
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
6
|
+
a copy of this software and associated documentation files (the
|
7
|
+
"Software"), to deal in the Software without restriction, including
|
8
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
9
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
10
|
+
permit persons to whom the Software is furnished to do so, subject to
|
11
|
+
the following conditions:
|
12
|
+
|
13
|
+
The above copyright notice and this permission notice shall be
|
14
|
+
included in all copies or substantial portions of the Software.
|
15
|
+
|
16
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
17
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
18
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
19
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
20
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
21
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
22
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,53 @@
|
|
1
|
+
## Sensu-Plugins-wordpress
|
2
|
+
|
3
|
+
[![Build Status](https://travis-ci.org/sensu-plugins/sensu-plugins-wordpress.svg?branch=master)](https://travis-ci.org/sensu-plugins/sensu-plugins-wordpress)
|
4
|
+
[![Gem Version](https://badge.fury.io/rb/sensu-plugins-wordpress.svg)](http://badge.fury.io/rb/sensu-plugins-wordpress)
|
5
|
+
[![Code Climate](https://codeclimate.com/github/sensu-plugins/sensu-plugins-wordpress/badges/gpa.svg)](https://codeclimate.com/github/sensu-plugins/sensu-plugins-wordpress)
|
6
|
+
[![Test Coverage](https://codeclimate.com/github/sensu-plugins/sensu-plugins-wordpress/badges/coverage.svg)](https://codeclimate.com/github/sensu-plugins/sensu-plugins-wordpress)
|
7
|
+
[![Dependency Status](https://gemnasium.com/sensu-plugins/sensu-plugins-wordpress.svg)](https://gemnasium.com/sensu-plugins/sensu-plugins-wordpress)
|
8
|
+
|
9
|
+
## Functionality
|
10
|
+
|
11
|
+
## Files
|
12
|
+
* bin/check-wpscan.rb
|
13
|
+
|
14
|
+
## Usage
|
15
|
+
|
16
|
+
## Installation
|
17
|
+
|
18
|
+
Add the public key (if you haven’t already) as a trusted certificate
|
19
|
+
|
20
|
+
```
|
21
|
+
gem cert --add <(curl -Ls https://raw.githubusercontent.com/sensu-plugins/sensu-plugins.github.io/master/certs/sensu-plugins.pem)
|
22
|
+
gem install sensu-plugins-wordpress -P MediumSecurity
|
23
|
+
```
|
24
|
+
|
25
|
+
You can also download the key from /certs/ within each repository.
|
26
|
+
|
27
|
+
#### Rubygems
|
28
|
+
|
29
|
+
`gem install sensu-plugins-wordpress`
|
30
|
+
|
31
|
+
#### Bundler
|
32
|
+
|
33
|
+
Add *sensu-plugins-sensu-plugins-wordpress* to your Gemfile and run `bundle install` or `bundle update`
|
34
|
+
|
35
|
+
#### Chef
|
36
|
+
|
37
|
+
Using the Sensu **sensu_gem** LWRP
|
38
|
+
```
|
39
|
+
sensu_gem 'sensu-plugins-wordpress' do
|
40
|
+
options('--prerelease')
|
41
|
+
version '0.0.1'
|
42
|
+
end
|
43
|
+
```
|
44
|
+
|
45
|
+
Using the Chef **gem_package** resource
|
46
|
+
```
|
47
|
+
gem_package 'sensu-plugins-wordpress' do
|
48
|
+
options('--prerelease')
|
49
|
+
version '0.0.1'
|
50
|
+
end
|
51
|
+
```
|
52
|
+
|
53
|
+
## Notes
|
data/bin/check-wpscan.rb
ADDED
@@ -0,0 +1,99 @@
|
|
1
|
+
#! /usr/bin/env ruby
|
2
|
+
#
|
3
|
+
# wpscan check
|
4
|
+
#
|
5
|
+
# DESCRIPTION:
|
6
|
+
# Runs wpscan against a Wordpress site
|
7
|
+
#
|
8
|
+
# OUTPUT:
|
9
|
+
# plain-text
|
10
|
+
#
|
11
|
+
# PLATFORMS:
|
12
|
+
# Linux
|
13
|
+
#
|
14
|
+
# DEPENDENCIES:
|
15
|
+
# gem: sensu-plugin
|
16
|
+
#
|
17
|
+
# USAGE:
|
18
|
+
# check-wpscan.rb --url <url>
|
19
|
+
#
|
20
|
+
# NOTES:
|
21
|
+
# wpscan must be installed
|
22
|
+
#
|
23
|
+
# LICENSE:
|
24
|
+
# Copyright 2015 Eric Heydrick <eheydrick@gmail.com>
|
25
|
+
# Released under the same terms as Sensu (the MIT license); see LICENSE
|
26
|
+
# for details.
|
27
|
+
#
|
28
|
+
|
29
|
+
require 'sensu-plugin/check/cli'
|
30
|
+
require 'open3'
|
31
|
+
|
32
|
+
#
|
33
|
+
# Check wpscan
|
34
|
+
#
|
35
|
+
class WPScan < Sensu::Plugin::Check::CLI
|
36
|
+
option :url,
|
37
|
+
description: 'Scan target URL',
|
38
|
+
short: '-u URL',
|
39
|
+
long: '--url URL',
|
40
|
+
required: true
|
41
|
+
|
42
|
+
option :wpscan,
|
43
|
+
description: 'Path to wpscan',
|
44
|
+
short: '-p PATH',
|
45
|
+
long: '--path PATH',
|
46
|
+
default: '/opt/wpscan/wpscan.rb'
|
47
|
+
|
48
|
+
option :crit,
|
49
|
+
description: 'Critical threshold',
|
50
|
+
short: '-c CRITICAL',
|
51
|
+
long: '--critical CRITICAL',
|
52
|
+
proc: proc(&:to_i),
|
53
|
+
default: 1
|
54
|
+
|
55
|
+
option :warn_only,
|
56
|
+
description: 'Warn instead of critical on finding vulnerabilities',
|
57
|
+
short: '-w',
|
58
|
+
long: '--warn-only',
|
59
|
+
default: false
|
60
|
+
|
61
|
+
def update_wpscan
|
62
|
+
`#{config[:wpscan]} --update`
|
63
|
+
end
|
64
|
+
|
65
|
+
def run_wpscan
|
66
|
+
vulnerabilities = []
|
67
|
+
|
68
|
+
stdout, result = Open3.capture2("echo Y | #{config[:wpscan]} --url #{config[:url]} --follow-redirection --no-color")
|
69
|
+
|
70
|
+
unknown stdout.split("\n").last unless result.success?
|
71
|
+
|
72
|
+
stdout.each_line do |line|
|
73
|
+
line.scan(/\[(.)\](.*)/).each do |match|
|
74
|
+
if match[0] == '!'
|
75
|
+
vulnerabilities << match[1].strip
|
76
|
+
end
|
77
|
+
end
|
78
|
+
end
|
79
|
+
vulnerabilities
|
80
|
+
end
|
81
|
+
|
82
|
+
def run
|
83
|
+
unknown "wpscan does not exist at #{config[:wpscan]}" unless File.exist?(config[:wpscan])
|
84
|
+
|
85
|
+
update_wpscan
|
86
|
+
|
87
|
+
vulnerabilities = run_wpscan
|
88
|
+
|
89
|
+
if vulnerabilities.size >= config[:crit]
|
90
|
+
if config[:warn_only]
|
91
|
+
warning vulnerabilities.join("\n")
|
92
|
+
else
|
93
|
+
critical vulnerabilities.join("\n")
|
94
|
+
end
|
95
|
+
elsif vulnerabilities.size.zero?
|
96
|
+
ok 'No vulnerabilities found'
|
97
|
+
end
|
98
|
+
end
|
99
|
+
end
|
@@ -0,0 +1,28 @@
|
|
1
|
+
require 'json'
|
2
|
+
|
3
|
+
# encoding: utf-8
|
4
|
+
module SensuPluginsWordpress
|
5
|
+
# This defines the version of the gem
|
6
|
+
module Version
|
7
|
+
MAJOR = 0
|
8
|
+
MINOR = 0
|
9
|
+
PATCH = 1
|
10
|
+
|
11
|
+
VER_STRING = [MAJOR, MINOR, PATCH, 'alpha.2'].compact.join('.')
|
12
|
+
|
13
|
+
NAME = 'sensu-plugins-wordpress'
|
14
|
+
BANNER = "#{NAME} v%s"
|
15
|
+
|
16
|
+
module_function
|
17
|
+
|
18
|
+
def version
|
19
|
+
format(BANNER, VER_STRING)
|
20
|
+
end
|
21
|
+
|
22
|
+
def json_version
|
23
|
+
{
|
24
|
+
'version' => VER_STRING
|
25
|
+
}.to_json
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
metadata
ADDED
@@ -0,0 +1,215 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: sensu-plugins-wordpress
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1.alpha.2
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Yieldbot, Inc. and contributors
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain:
|
11
|
+
- |
|
12
|
+
-----BEGIN CERTIFICATE-----
|
13
|
+
MIIDgDCCAmigAwIBAgIBATANBgkqhkiG9w0BAQUFADBDMRIwEAYDVQQDDAltYXR0
|
14
|
+
am9uZXMxGDAWBgoJkiaJk/IsZAEZFgh5aWVsZGJvdDETMBEGCgmSJomT8ixkARkW
|
15
|
+
A2NvbTAeFw0xNTAxMjgyMTAyNTFaFw0xNjAxMjgyMTAyNTFaMEMxEjAQBgNVBAMM
|
16
|
+
CW1hdHRqb25lczEYMBYGCgmSJomT8ixkARkWCHlpZWxkYm90MRMwEQYKCZImiZPy
|
17
|
+
LGQBGRYDY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTSzVYnO
|
18
|
+
CLgyrIyT1mBQakArQyW8xhi6MlDqyzXHJGeERT790U6EgoBVeS4XoK0ptFZNR8Tf
|
19
|
+
zko0w+Nv47TarSCgkPOaxY+mxWnAVR10dOmfeLr7huiMyps+YD56/EF2FqQ3jf/+
|
20
|
+
qohENfKD91qy1ieEy+Fn7Pf74ltbNKUdkb9a9eFXQ0DQ4ip5vik7DzjQkUTj4lca
|
21
|
+
k6ArwnmHX4YDhZoYtrQJ8jVktN0/+NtA40M5qkCYHNe5tUW25b/tKVYuioxG6b2Z
|
22
|
+
oIzaZxRLxf6HVAWpCVRT/F5+/yjigkX4u++eYacfLGleXQzoK7BL65vHGMJygWEE
|
23
|
+
0TKGqFOrl/L0AQIDAQABo38wfTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNV
|
24
|
+
HQ4EFgQUEf6a8Td7MrSZc8ImbLFZAENPbz0wIQYDVR0RBBowGIEWbWF0dGpvbmVz
|
25
|
+
QHlpZWxkYm90LmNvbTAhBgNVHRIEGjAYgRZtYXR0am9uZXNAeWllbGRib3QuY29t
|
26
|
+
MA0GCSqGSIb3DQEBBQUAA4IBAQBbzXAYA3BVGw8DZ0YYoY1VHPNEcH5qPIApmHO8
|
27
|
+
rvSmuUT0yMEi7u00H/5uHRFf4LleGT/+sTdyXKsNPGT9kdRuQEgwi+vf7Zfvd8aX
|
28
|
+
UF/+4VkEYf/8rV8Ere6u2QaWPgApdMV6JjKr1fAwCTd8AuGXNaWItiPPMseSQzLJ
|
29
|
+
JKP4hVvbc1d+oS925B1lcBiqn2aYvElbyNAVmQPywNNqkWmvtlqj9ZVJfV5HQLdu
|
30
|
+
8sHuVruarogxxKPBzlL2is4EUb6oN/RdpGx2l4254+nyR+abg//Ed27Ym0PkB4lk
|
31
|
+
HP0m8WSjZmFr109pE/sVsM5jtOCvogyujQOjNVGN4gz1wwPr
|
32
|
+
-----END CERTIFICATE-----
|
33
|
+
date: 2015-04-07 00:00:00.000000000 Z
|
34
|
+
dependencies:
|
35
|
+
- !ruby/object:Gem::Dependency
|
36
|
+
name: sensu-plugin
|
37
|
+
requirement: !ruby/object:Gem::Requirement
|
38
|
+
requirements:
|
39
|
+
- - '='
|
40
|
+
- !ruby/object:Gem::Version
|
41
|
+
version: 1.1.0
|
42
|
+
type: :runtime
|
43
|
+
prerelease: false
|
44
|
+
version_requirements: !ruby/object:Gem::Requirement
|
45
|
+
requirements:
|
46
|
+
- - '='
|
47
|
+
- !ruby/object:Gem::Version
|
48
|
+
version: 1.1.0
|
49
|
+
- !ruby/object:Gem::Dependency
|
50
|
+
name: codeclimate-test-reporter
|
51
|
+
requirement: !ruby/object:Gem::Requirement
|
52
|
+
requirements:
|
53
|
+
- - "~>"
|
54
|
+
- !ruby/object:Gem::Version
|
55
|
+
version: '0.4'
|
56
|
+
type: :development
|
57
|
+
prerelease: false
|
58
|
+
version_requirements: !ruby/object:Gem::Requirement
|
59
|
+
requirements:
|
60
|
+
- - "~>"
|
61
|
+
- !ruby/object:Gem::Version
|
62
|
+
version: '0.4'
|
63
|
+
- !ruby/object:Gem::Dependency
|
64
|
+
name: rubocop
|
65
|
+
requirement: !ruby/object:Gem::Requirement
|
66
|
+
requirements:
|
67
|
+
- - '='
|
68
|
+
- !ruby/object:Gem::Version
|
69
|
+
version: 0.17.0
|
70
|
+
type: :development
|
71
|
+
prerelease: false
|
72
|
+
version_requirements: !ruby/object:Gem::Requirement
|
73
|
+
requirements:
|
74
|
+
- - '='
|
75
|
+
- !ruby/object:Gem::Version
|
76
|
+
version: 0.17.0
|
77
|
+
- !ruby/object:Gem::Dependency
|
78
|
+
name: rspec
|
79
|
+
requirement: !ruby/object:Gem::Requirement
|
80
|
+
requirements:
|
81
|
+
- - "~>"
|
82
|
+
- !ruby/object:Gem::Version
|
83
|
+
version: '3.1'
|
84
|
+
type: :development
|
85
|
+
prerelease: false
|
86
|
+
version_requirements: !ruby/object:Gem::Requirement
|
87
|
+
requirements:
|
88
|
+
- - "~>"
|
89
|
+
- !ruby/object:Gem::Version
|
90
|
+
version: '3.1'
|
91
|
+
- !ruby/object:Gem::Dependency
|
92
|
+
name: bundler
|
93
|
+
requirement: !ruby/object:Gem::Requirement
|
94
|
+
requirements:
|
95
|
+
- - "~>"
|
96
|
+
- !ruby/object:Gem::Version
|
97
|
+
version: '1.7'
|
98
|
+
type: :development
|
99
|
+
prerelease: false
|
100
|
+
version_requirements: !ruby/object:Gem::Requirement
|
101
|
+
requirements:
|
102
|
+
- - "~>"
|
103
|
+
- !ruby/object:Gem::Version
|
104
|
+
version: '1.7'
|
105
|
+
- !ruby/object:Gem::Dependency
|
106
|
+
name: rake
|
107
|
+
requirement: !ruby/object:Gem::Requirement
|
108
|
+
requirements:
|
109
|
+
- - "~>"
|
110
|
+
- !ruby/object:Gem::Version
|
111
|
+
version: '10.0'
|
112
|
+
type: :development
|
113
|
+
prerelease: false
|
114
|
+
version_requirements: !ruby/object:Gem::Requirement
|
115
|
+
requirements:
|
116
|
+
- - "~>"
|
117
|
+
- !ruby/object:Gem::Version
|
118
|
+
version: '10.0'
|
119
|
+
- !ruby/object:Gem::Dependency
|
120
|
+
name: github-markup
|
121
|
+
requirement: !ruby/object:Gem::Requirement
|
122
|
+
requirements:
|
123
|
+
- - "~>"
|
124
|
+
- !ruby/object:Gem::Version
|
125
|
+
version: '1.3'
|
126
|
+
type: :development
|
127
|
+
prerelease: false
|
128
|
+
version_requirements: !ruby/object:Gem::Requirement
|
129
|
+
requirements:
|
130
|
+
- - "~>"
|
131
|
+
- !ruby/object:Gem::Version
|
132
|
+
version: '1.3'
|
133
|
+
- !ruby/object:Gem::Dependency
|
134
|
+
name: redcarpet
|
135
|
+
requirement: !ruby/object:Gem::Requirement
|
136
|
+
requirements:
|
137
|
+
- - "~>"
|
138
|
+
- !ruby/object:Gem::Version
|
139
|
+
version: '3.2'
|
140
|
+
type: :development
|
141
|
+
prerelease: false
|
142
|
+
version_requirements: !ruby/object:Gem::Requirement
|
143
|
+
requirements:
|
144
|
+
- - "~>"
|
145
|
+
- !ruby/object:Gem::Version
|
146
|
+
version: '3.2'
|
147
|
+
- !ruby/object:Gem::Dependency
|
148
|
+
name: yard
|
149
|
+
requirement: !ruby/object:Gem::Requirement
|
150
|
+
requirements:
|
151
|
+
- - "~>"
|
152
|
+
- !ruby/object:Gem::Version
|
153
|
+
version: '0.8'
|
154
|
+
type: :development
|
155
|
+
prerelease: false
|
156
|
+
version_requirements: !ruby/object:Gem::Requirement
|
157
|
+
requirements:
|
158
|
+
- - "~>"
|
159
|
+
- !ruby/object:Gem::Version
|
160
|
+
version: '0.8'
|
161
|
+
- !ruby/object:Gem::Dependency
|
162
|
+
name: pry
|
163
|
+
requirement: !ruby/object:Gem::Requirement
|
164
|
+
requirements:
|
165
|
+
- - "~>"
|
166
|
+
- !ruby/object:Gem::Version
|
167
|
+
version: '0.10'
|
168
|
+
type: :development
|
169
|
+
prerelease: false
|
170
|
+
version_requirements: !ruby/object:Gem::Requirement
|
171
|
+
requirements:
|
172
|
+
- - "~>"
|
173
|
+
- !ruby/object:Gem::Version
|
174
|
+
version: '0.10'
|
175
|
+
description: Sensu plugins for working with wordpress
|
176
|
+
email: "<sensu-users@googlegroups.com>"
|
177
|
+
executables: []
|
178
|
+
extensions: []
|
179
|
+
extra_rdoc_files: []
|
180
|
+
files:
|
181
|
+
- CHANGELOG.md
|
182
|
+
- LICENSE
|
183
|
+
- README.md
|
184
|
+
- bin/check-wpscan.rb
|
185
|
+
- lib/sensu-plugins-wordpress.rb
|
186
|
+
- lib/sensu-plugins-wordpress/version.rb
|
187
|
+
homepage: https://github.com/sensu-plugins/sensu-plugins-wordpress
|
188
|
+
licenses:
|
189
|
+
- MIT
|
190
|
+
metadata:
|
191
|
+
maintainer: ''
|
192
|
+
development_status: active
|
193
|
+
production_status: unstable - testing recommended
|
194
|
+
post_install_message:
|
195
|
+
rdoc_options: []
|
196
|
+
require_paths:
|
197
|
+
- lib
|
198
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
199
|
+
requirements:
|
200
|
+
- - ">="
|
201
|
+
- !ruby/object:Gem::Version
|
202
|
+
version: 1.9.3
|
203
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
204
|
+
requirements:
|
205
|
+
- - ">"
|
206
|
+
- !ruby/object:Gem::Version
|
207
|
+
version: 1.3.1
|
208
|
+
requirements: []
|
209
|
+
rubyforge_project:
|
210
|
+
rubygems_version: 2.2.2
|
211
|
+
signing_key:
|
212
|
+
specification_version: 4
|
213
|
+
summary: Sensu plugins for working with wordpress
|
214
|
+
test_files: []
|
215
|
+
has_rdoc:
|
metadata.gz.sig
ADDED
Binary file
|