wmap 2.4.6 → 2.4.8

data/lib/wmap/host_tracker.rb

@@ -11,7 +11,7 @@ require "singleton"		# Implement singleton pattern to avoid race condition under
 
 # Class to handle the local host data repository file where lists of known hosts from discovery and past assessment efforts are stored
 class Wmap::HostTracker
-	#include Singleton
+	include Singleton
 	include Wmap::Utils
 
 	attr_accessor :hosts_file, :max_parallel, :verbose, :data_dir
@@ -33,8 +33,8 @@ class Wmap::HostTracker
 
 	# Setter to load the known hosts from the local hosts file into a class instance
 	def load_known_hosts_from_file (f_hosts=@file_hosts)
-		puts "Loading local hosts from file: #{f_hosts} ..." if @verbose
-		begin
+		#begin
+			puts "Loading local hosts from file: #{f_hosts} ..." if @verbose
 			known_hosts=Hash.new
 			@alias = Hash.new
 			f=File.open(f_hosts, 'r')
@@ -58,16 +58,16 @@ class Wmap::HostTracker
 			end
 			f.close
 			return known_hosts
-		rescue => ee
-			puts "Exception on method #{__method__}: #{ee}"
-			return known_hosts
-		end
+		#rescue => ee
+		#	puts "Exception on method #{__method__}: #{ee}"
+		#	return known_hosts
+		#end
 	end
 
 	# Save the current local hosts hash table into a (random) data repository file
 	def save_known_hosts_to_file!(f_hosts=@file_hosts)
-		puts "Saving the local host repository from memory to file: #{f_hosts} ..."
-		begin
+		#begin
+			puts "Saving the local host repository from memory to file: #{f_hosts} ..."
 			timestamp=Time.now
 			f=File.open(f_hosts, 'w')
 			f.write "# local hosts file created by the #{self.class} class #{__method__} method at: #{timestamp}"
@@ -76,11 +76,12 @@ class Wmap::HostTracker
 					f.write "\n#{key}\t#{@known_hosts[key]}"
 				end
 			end
+			f.write "\n"
 			f.close
 			puts "local host repository is successfully saved to: #{f_hosts}"
-		rescue => ee
-			puts "Exception on method #{__method__}: #{ee}"
-		end
+		#rescue => ee
+		#	puts "Exception on method #{__method__}: #{ee}"
+		#end
 	end
 	alias_method :save!, :save_known_hosts_to_file!
 
@@ -112,7 +113,11 @@ class Wmap::HostTracker
 				if is_ip?(ip)
 					# filter host to known domains only
 					root=get_domain_root(host)
-					if Wmap::DomainTracker.new(:data_dir=>@data_dir).domain_known?(root)
+					puts "Domain root: #{root}" if @verbose
+					domain_tracker=Wmap::DomainTracker.instance
+					domain_tracker.data_dir=@data_dir
+					if domain_tracker.instance.domain_known?(root)
+						domain_tracker=nil
 						record[host]=ip
 						record[ip]=host
 						puts "Host data repository entry loaded: #{host} <=> #{ip}"
@@ -120,7 +125,8 @@ class Wmap::HostTracker
 						# add additional logic to update the sub-domain table as well, 02/10/2014
 						sub=get_sub_domain(host)
 						if sub!=root
-							tracker=Wmap::DomainTracker::SubDomain.new(:data_dir=>@data_dir)
+							tracker=Wmap::DomainTracker::SubDomain.instance
+							tracker.data_dir=@data_dir
 							unless tracker.domain_known?(sub)
 								tracker.add(sub)
 								tracker.save!
@@ -130,6 +136,7 @@ class Wmap::HostTracker
 						@known_hosts.merge!(record)
 						return record
 					else
+						domain_tracker=nil
 						puts "Error - host #{host} has an untrusted internet root domain: #{root}\nPlease update the trusted domain seeds file first if necessary."
 					end
 				else
@@ -145,8 +152,8 @@ class Wmap::HostTracker
 
 	# Setter to add host entry to the local hosts in batch (from an array)
 	def bulk_add(list, num=@max_parallel)
-		puts "Add entries to the local host repository: #{list}"
-		begin
+		#begin
+			puts "Add entries to the local host repository: #{list}"
 			results=Hash.new
 			if list.size > 0
 				puts "Start parallel host update processing on:\n #{list}" if @verbose
@@ -168,9 +175,9 @@ class Wmap::HostTracker
 				puts "Error: empty list - no entry is loaded. Please check your input list and try again."
 			end
 			return results
-		rescue => ee
-			puts "Exception on method #{__method__}: #{ee}"
-		end
+#		rescue => ee
+#			puts "Exception on method #{__method__}: #{ee}"
+#		end
 	end
 	alias_method :adds, :bulk_add
 
@@ -242,8 +249,8 @@ class Wmap::HostTracker
 
 	# Setter to refresh the entry from the cache one at a time
 	def refresh(host)
-		puts "Refresh the local host repository for host: #{host} "
-		begin
+		#begin
+			puts "Refresh the local host repository for host: #{host} "
 			host=host.strip.downcase
 			if @known_hosts.key?(host)
 				old_ip=@known_hosts[host]
@@ -266,15 +273,15 @@ class Wmap::HostTracker
 			else
 				puts "Error entry non exist: #{host}"
 			end
-		rescue => ee
-			puts "Exception on method #{__method__}: #{ee}"
-		end
+		#rescue => ee
+		#	puts "Exception on method #{__method__}: #{ee}"
+		#end
 	end
 
 	#	Refresh all the entries in the local hosts by querying the Internet
 	def refresh_all
 		puts "Refresh all the entries in the local host repository in one shot."
-		begin
+		#begin
 			changes=Hash.new
 			hosts=@known_hosts.keys
 			@known_hosts=Hash.new
@@ -290,9 +297,9 @@ class Wmap::HostTracker
 			#changes.map { |x| puts x }
 			puts "Done refreshing the local hosts."
 			return changes
-		rescue => ee
-			puts "Exception on method #{__method__}: #{ee}"
-		end
+		#rescue => ee
+		#	puts "Exception on method #{__method__}: #{ee}"
+		#end
 	end
 
 	# Extract known root domains from the local host repository @known_hosts
@@ -439,7 +446,7 @@ class Wmap::HostTracker
 				sub = get_subdomain(hostname)
 				subs.push(sub) unless sub.nil?
 			end
-			subs.uniq!.sort!
+			subs.uniq!.sort! unless subs.empty?
 			puts "Found sub domains: #{subs}" if @verbose
 			return subs
 		rescue Exception => ee

data/lib/wmap/site_tracker/deactivated_site.rb

@@ -5,7 +5,7 @@
 #
 # Copyright (c) 2012-2015 Yang Li <yang.li@owasp.org>
 #++
-#require "singleton"
+require "singleton"
 
 
 # Class to trace de-activated site. This is need for basic state tracking for our sites.
@@ -15,7 +15,7 @@ class SiteTracker
 
 class DeactivatedSite < Wmap::SiteTracker
 	include Wmap::Utils
-	#include Singleton
+	include Singleton
 
 	attr_accessor :sites_file, :known_sites, :verbose, :data_dir
 

data/lib/wmap/site_tracker.rb

@@ -6,14 +6,14 @@
 # Copyright (c) 2012-2015 Yang Li <yang.li@owasp.org>
 #++
 require "parallel"
-#require "singleton"
+require "singleton"
 require "nokogiri"
 
 
 # Main class to automatically track the site inventory
 class Wmap::SiteTracker
 	include Wmap::Utils
-	#include Singleton
+	include Singleton
 
 	attr_accessor :sites_file, :max_parallel, :verbose, :data_dir
 	attr_reader :known_sites
@@ -116,7 +116,8 @@ class Wmap::SiteTracker
 			host=url_2_host(site)
 			ip=host_2_ip(host)
 			# Additional logic to refresh deactivated site, 02/12/2014
-			deact=Wmap::SiteTracker::DeactivatedSite.new(:data_dir=>@data_dir)
+			deact=Wmap::SiteTracker::DeactivatedSite.instance
+			deact.data_dir=@data_dir
 			# only trust either the domain or IP we know
 			if is_ip?(host)
 				trusted=Wmap::CidrTracker.new(:data_dir=>@data_dir).ip_trusted?(ip)
@@ -125,7 +126,10 @@ class Wmap::SiteTracker
 				if root.nil?
 					raise "Invalid web site format. Please check your record again."
 				else
-					trusted=Wmap::DomainTracker.new(:data_dir=>@data_dir).domain_known?(root)
+					domain_tracker=Wmap::DomainTracker.instance
+					domain_tracker.data_dir=@data_dir
+					trusted=domain_tracker.domain_known?(root)
+					domain_tracker=nil
 				end
 			end
 			# add record only if trusted
@@ -140,7 +144,8 @@ class Wmap::SiteTracker
 					raise "Site is currently down. Skip #{site}" if checker['code']==10000
 				end
 				raise "Exception on add method - Fail to resolve the host-name: Host - #{host}, IP - #{ip}. Skip #{site}" unless is_ip?(ip)
-				my_tracker = Wmap::HostTracker.new(:data_dir=>@data_dir)
+				my_tracker = Wmap::HostTracker.instance
+				my_tracker.data_dir=@data_dir
 				# Update the local host table when necessary
 				if is_ip?(host)
 					# Case #1: Trusted site contains IP
@@ -156,12 +161,15 @@ class Wmap::SiteTracker
 						host1=ip_2_host(host)
 						puts "host1: #{host1}" if @verbose
 						if is_fqdn?(host1)
-							if Wmap::HostTracker.new(:data_dir=>@data_dir).domain_known?(host1)
+							host_tracker=Wmap::HostTracker.instance
+							host_tracker.data_dir=@data_dir
+							if host_tracker.domain_known?(host1)
 								# replace IP with host-name only if domain root is known
 								puts "Host found from the Internet reverse DNS lookup for #{ip}: #{host1}" if @verbose
 								host=host1
 								site.sub!(/\d+\.\d+\.\d+\.\d+/,host)
 							end
+							host_tracker=nil
 						end
 					end
 					# Adding site for Case #1
@@ -288,7 +296,8 @@ class Wmap::SiteTracker
 		puts "Remove entry from the site store: #{site} " if @verbose
 		begin
 			# Additional logic to deactivate the site properly, by moving it to the DeactivatedSite list, 02/07/2014
-			deact=Wmap::SiteTracker::DeactivatedSite.new(:data_dir=>@data_dir)
+			deact=Wmap::SiteTracker::DeactivatedSite.instance
+			deact.data_dir=@data_dir
 			site=site.strip.downcase
 			site=url_2_site(site)
 			if @known_sites.key?(site)
@@ -574,10 +583,11 @@ class Wmap::SiteTracker
 	def get_uniq_sites
 		puts "Getter to retrieve unique sites containing unique IP:PORT key identifier." if @verbose
 		begin
-			#primary_host_tracker=Wmap::HostTracker::PrimaryHost.new
+			#primary_host_tracker=Wmap::HostTracker::PrimaryHost.instance
 			sites=Hash.new
 			#uniqueness=Hash.new
-			my_tracker=Wmap::HostTracker.new(:data_dir=>@data_dir)
+			my_tracker=Wmap::HostTracker.instance
+			my_tracker.data_dir=@data_dir
 			@known_sites.keys.map do |key|
 				port=url_2_port(key).to_s
 				host=url_2_host(key)
@@ -677,7 +687,8 @@ class Wmap::SiteTracker
 		begin
 			updates=Array.new
 			sites=get_ip_sites
-			my_tracker=Wmap::HostTracker.new(:data_dir=>@data_dir)
+			my_tracker=Wmap::HostTracker.instance
+			my_tracker.data_dir=@data_dir
 			sites.map do |site|
 				puts "Work on resolve the IP site: #{site}" if @verbose
 				ip=url_2_host(site)
@@ -837,8 +848,10 @@ class Wmap::SiteTracker
 	def get_prim_uniq_sites
 		puts "Retrieve and prime unique sites in the site store. " if @verbose
 		#begin
-			host_tracker=Wmap::HostTracker.new(:data_dir=>@data_dir)
-			primary_host_tracker=Wmap::HostTracker::PrimaryHost.new(:data_dir=>@data_dir)
+			host_tracker=Wmap::HostTracker.instance
+			host_tracker.data_dir=@data_dir
+			primary_host_tracker=Wmap::HostTracker::PrimaryHost.instance
+			primary_host_tracker.data_dir=@data_dir
 			# Step 1. Retrieve the unique site list first
 			sites=get_uniq_sites
 			prim_uniq_sites=Array.new

data/lib/wmap/url_checker.rb

@@ -176,9 +176,9 @@ class Wmap::UrlChecker
 
 	# Test the URL / site and return the redirection location (3xx response code only)
 	def redirect_location (url)
-		puts "Test the redirection location for the url: #{url}" if @verbose
-		location=""
 		begin
+			puts "Test the redirection location for the url: #{url}" if @verbose
+			location=""
 			raise "Invalid url: #{url}" unless is_url?(url)
 			url=url.strip.downcase
 			timeo = @http_timeout/1000.0
@@ -196,6 +196,7 @@ class Wmap::UrlChecker
 				end
 				request = Net::HTTP::Get.new(uri.request_uri)
 				response = http.request(request)
+				puts "Response: #{response}" if @verbose
 				case response
 				when Net::HTTPRedirection then
 					location = response['location']
@@ -213,9 +214,9 @@ class Wmap::UrlChecker
 
 	# Test the URL / site and return the web server type from the HTTP header "server" field
 	def get_server_header (url)
-		puts "Retrieve the server header field from the url: #{url}" if @verbose
-		server=String.new
 		begin
+			puts "Retrieve the server header field from the url: #{url}" if @verbose
+			server=String.new
 			raise "Invalid url: #{url}" unless is_url?(url)
 			url=url.strip.downcase
 			timeo = @http_timeout/1000.0

data/lib/wmap/utils/utils.rb

@@ -11,12 +11,12 @@ require "netaddr"
 
 # Main utility module to provide the common functions across different classes
 module Wmap
-  module Utils	
+  module Utils
 	include Wmap::Utils::DomainRoot
 	include Wmap::Utils::UrlMagic
 	include Wmap::Utils::Logger
 	extend self
-	
+
 	# Load entries from a text file and return an array
 	def file_2_list(f,lc=true)
 		puts "Loading records from file: #{f}" if @verbose
@@ -27,7 +27,7 @@ module Wmap
 				line=line.chomp.strip
 				next if line.nil?
 				next if line.empty?
-				next if line =~ /^\s*#/ 
+				next if line =~ /^\s*#/
 				line=line.downcase if lc==true
 				list.push(line.chomp.strip)
 			end
@@ -55,7 +55,7 @@ module Wmap
 			return nil
 		end
 	end
-	
+
 	# Load entries from a text file and return a hash
 	def file_2_hash(f,lc=true)
 		puts "Loading records from file: #{f}" if @verbose
@@ -67,7 +67,7 @@ module Wmap
 				next if line.nil?
 				next if line.empty?
 				line=line.downcase if lc==true
-				next if line =~ /^\s*#/ 
+				next if line =~ /^\s*#/
 				hs[line]=true unless hs.key?(line)
 			end
 			file.close
@@ -77,7 +77,7 @@ module Wmap
 			return nil
 		end
 	end
-	
+
 	# Query the name-server to see if the dns record is still valid
 	def valid_dns_record? (hostname)
 		puts "Validate the hostname record: #{hostname}" if @verbose
@@ -99,7 +99,7 @@ module Wmap
 
 	# Test the DNS server if zone transfer is allowed. If allowed, save the found hosts into the class variable.
 	def zone_transferable?(domain)
-		puts "Check if the domain allows free zone transfer: #{domain}" 
+		puts "Check if the domain allows free zone transfer: #{domain}"
 		begin
 			transferable=false
 			domain=domain.downcase
@@ -108,32 +108,32 @@ module Wmap
 			puts "Retrieved name servers: #{nameservers}" if @verbose
 			nameservers.each do |nssrv|
 				begin
-					puts "Attempt zone transfer on name server: #{nssrv}" 
+					puts "Attempt zone transfer on name server: #{nssrv}"
 					if nssrv.nil?
 						abort "Method input variable error: no name server found!" if @verbose
 						next
-					end		
+					end
 					zt = Dnsruby::ZoneTransfer.new
-					zt.server=(nssrv) if nssrv!=""			
+					zt.server=(nssrv) if nssrv!=""
 					records = zt.transfer(domain)
 					if records==nil
-						puts "#{domain} zone transfer is not allowed on name server: #{nssrv}" 
+						puts "#{domain} zone transfer is not allowed on name server: #{nssrv}"
 						next
 					else
 						puts "#{domain} zone transfer is allowed!"
 						transferable=true
 					end
 				rescue Exception=>ee
-					puts "Exception on method zone_transferable? for domain #{domain}: #{ee}" 
+					puts "Exception on method zone_transferable? for domain #{domain}: #{ee}"
 				end
 			end
 			return transferable
 		rescue Exception => ee
 			puts "Exception on method #{__method__}: #{ee}" if @verbose
-			return nil
-		end	
-	end	
-	
+			return false
+		end
+	end
+
 	# Test if it's a legitimate IP4 address
 	def is_ip? (ip)
 		puts "Validate the IP format is valid: #{ip}" if @verbose
@@ -155,8 +155,8 @@ module Wmap
 		end
 	end
 	alias_method :is_valid_ip?, :is_ip?
-	
-	# Simple test a host string format. Return true if it contains a valid internet domain sub-string. Note: Don't be confused with another method 'valid_dns_record?', which is a stricter and time-consuming test on the DNS server for a resolvable internet host. 
+
+	# Simple test a host string format. Return true if it contains a valid internet domain sub-string. Note: Don't be confused with another method 'valid_dns_record?', which is a stricter and time-consuming test on the DNS server for a resolvable internet host.
 	def is_fqdn? (host)
 		puts "Validate the host-name format is valid: #{host}" if @verbose
 		begin
@@ -202,17 +202,17 @@ module Wmap
 			return false
 		end
 	end
-	
+
 	# Sort an array of IPs in the ascendant order
 	def sort_ips (ips)
 		begin
 			"Sort the list of IP address in the ascendant order: #{ips}" if @verbose
 			return NetAddr.sort(ips)
-		rescue => ee			
+		rescue => ee
 			puts "Exception on method sort_ips for IPs #{ips}: #{ee}" # if @verbose
-		end		
+		end
 	end
-	
+
 	# Perform the DNS query on a hostname over the Internet. Return the resolved IP(s) in an array
 	def host_2_ips (hostname)
 		begin
@@ -233,7 +233,7 @@ module Wmap
 			puts "Exception on method host_2_ips for host #{hostname}: #{ee}" if @verbose
 			return nil
 		end
-	end	
+	end
 	alias_method :ns_lookup, :host_2_ips
 
 	# Perform DNS query on a hostname.  Return the first resolved IP as a string
@@ -258,8 +258,8 @@ module Wmap
 			puts "Exception on method host_2_ip for host #{hostname}: #{ee}" if @verbose
 			return nil
 		end
-	end	
-	
+	end
+
 	# Retrieve a list of the authoritative name servers from the Internet whois data repository for the host / subdomain / domain
 	def get_nameservers (host)
 		puts "Retrieve a list of authoritative name server for: #{host}" if @verbose
@@ -269,7 +269,7 @@ module Wmap
 			ns = w.query(domain).nameservers.map! { |x| x.name }
 			if ns.empty?
 				puts "No name server found for domain root: #{domain}" if @verbose
-				return nil			
+				return nil
 			else
 				return ns
 			end
@@ -288,7 +288,7 @@ module Wmap
 			ns = w.query(domain).nameservers.map! { |x| x.name }
 			if ns.empty?
 				puts "No name server found for domain root: #{domain}" if @verbose
-				return nil			
+				return nil
 			else
 				return ns.first
 			end
@@ -298,21 +298,21 @@ module Wmap
 		end
 	end
 	alias_method :get_ns, :get_nameserver
-	
+
 	# Perform reverse dns lookup for an IP. Return the found 'hostname' if found, or the original IP if not
 	def reverse_dns_lookup (ip)
 		puts "Retrieve the hostname by the reverse DNS lookup on IP: #{ip}"
 		hostname = ip
-		begin 
+		begin
 			hostname = Socket.gethostbyaddr(ip.split('.').collect{ |x| x.to_i}.pack("CCCC"))[0]
 			return hostname.downcase
 		rescue => ee
 			puts "Exception on method reverse_dns_lookup: #{ee}" if @verbose
 			return hostname
-		end		
+		end
 	end
 	alias_method :ip_2_host, :reverse_dns_lookup
-	
+
 	# Convert a CIDR to a list of IPs:  Input is a CIDR expression such as '192.168.1.1/30', output is an array of IPs
 	def cidr_2_ips (cidr)
 		puts "Method to convert a CIDR block into a list of IPs: #{cidr}" if @verbose
@@ -324,10 +324,10 @@ module Wmap
 		rescue => ee
 			puts "Exception on method #{__method__}: #{ee}" if @verbose
 			return nil
-		end	
+		end
 	end
 
 
-	 
+
   end
 end

data/lib/wmap/wp_tracker.rb

@@ -87,7 +87,7 @@ class Wmap::WpTracker
 				end
 			end
 			f.close
-			puts "Domain cache table is successfully saved: #{file_wps}"
+			puts "WordPress site cache table is successfully saved: #{file_wps}"
 		rescue => ee
 			puts "Exception on method #{__method__}: #{ee}" if @verbose
 		end
@@ -127,6 +127,10 @@ class Wmap::WpTracker
 				found=true
 			elsif wp_meta?(site)
 				found=true
+			elsif wp_login?(site)
+				found=true
+			elsif wp_rpc?(site)
+				found=true
 			else
 				found=false
 			end
@@ -141,7 +145,7 @@ class Wmap::WpTracker
     #begin
 		  puts "Add entries to the local cache table from site tracker: " if @verbose
 			results=Hash.new
-			wps=Wmap::SiteTracker.new.known_sites.keys
+			wps=Wmap::SiteTracker.instance.known_sites.keys
 			if wps.size > 0
 				Parallel.map(wps, :in_processes => num) { |target|
 					add(target)
@@ -197,7 +201,7 @@ class Wmap::WpTracker
 
   # Wordpress detection checkpoint - readme.html
   def wp_readme?(site)
-    readme_url=site + "/readme.html"
+    readme_url=site + "readme.html"
     k=Wmap::UrlChecker.new
     if k.response_code(readme_url) == 200
       k=nil
@@ -216,7 +220,7 @@ class Wmap::WpTracker
 
   # Wordpress detection checkpoint - install.css
   def wp_css?(site)
-    css_url=site + "/wp-admin/css/install.css"
+    css_url=site + "wp-admin/css/install.css"
     k=Wmap::UrlChecker.new
     if k.response_code(css_url) == 200
       k=nil
@@ -252,17 +256,79 @@ class Wmap::WpTracker
 		return false
   end
 
+	# Wordpress detection checkpoint - wp-login
+  def wp_login?(url)
+		site=url_2_site(url)
+		login_url=site + "wp-login.php"
+    k=Wmap::UrlChecker.new
+    if k.response_code(login_url) == 200
+      k=nil
+      doc=read_url(login_url)
+      links=doc.css('link')
+      if links.to_s =~ /login.min.css/i
+        return true
+      else
+        return false
+      end
+    end
+		return false
+  end
+
+	# Wordpress detection checkpoint - xml-rpc
+  def wp_rpc?(url)
+		site=url_2_site(url)
+		rpc_url=site + "xmlrpc.php"
+    k=Wmap::UrlChecker.new
+		#puts "res code", k.response_code(rpc_url)
+    if k.response_code(rpc_url) == 405 # method not allowed
+      k=nil
+      return true
+    end
+		return false
+  end
+
+	# Extract the WordPress version
 	def wp_ver(url)
 		if !wp_ver_readme(url).nil?
 			return wp_ver_readme(url)
 		elsif !wp_ver_meta(url).nil?
 			return wp_ver_meta(url)
+		elsif !wp_ver_login(url,"login.min.css").nil?
+			return wp_ver_login(url,"login.min.css")
+		elsif !wp_ver_login(url,"buttons.min.css").nil?
+			return wp_ver_login(url,"buttons.min.css")
+		elsif !wp_ver_login(url,"wp-admin.min.css").nil?
+			return wp_ver_login(url,"wp-admin.min.css")
 		else
 			return nil
 		end
 	end
 
-	# Identify wordpress version through the meta tag
+	# Identify wordpress version through the login page
+  def wp_ver_login(url,pattern)
+		puts "Check for #{pattern}" if @verbose
+		site=url_2_site(url)
+		login_url=site + "wp-login.php"
+    k=Wmap::UrlChecker.new
+		#puts "Res code: #{k.response_code(login_url)}" if @verbose
+    if k.response_code(login_url) == 200
+      doc=read_url(login_url)
+			#puts doc.inspect
+      links=doc.css('link')
+			#puts links.inspect if @verbose
+			links.each do |tag|
+	      if tag.to_s.include?(pattern)
+					puts tag.to_s if @verbose
+					k=nil
+	        return tag.to_s.scan(/[\d+\.]+\d+/).first
+	      end
+			end
+    end
+    k=nil
+    return nil
+  end
+
+	# Identify wordpress version through the meta link
   def wp_ver_meta(url)
 		site=url_2_site(url)
     k=Wmap::UrlChecker.new
@@ -286,13 +352,15 @@ class Wmap::WpTracker
 	# Wordpress version detection via - readme.html
   def wp_ver_readme(url)
 		site=url_2_site(url)
-    readme_url=site + "/readme.html"
+    readme_url=site + "readme.html"
     k=Wmap::UrlChecker.new
+		puts "Res code: #{k.response_code(readme_url)}" if @verbose
     if k.response_code(readme_url) == 200
       k=nil
       doc=read_url(readme_url)
+			puts doc if @verbose
       logo=doc.css('h1#logo')[0]
-      #puts logo.inspect
+      puts logo.inspect if @verbose
 			return logo.to_s.scan(/[\d+\.]+\d+/).first
     end
     k=nil