wordstress 0.0.1 → 0.10.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 9301fb80995974a668a7245491db622a632666ca
-  data.tar.gz: 7c5d509f3ccbc31daf5ce31530dc8c2c52fffe9d
+  metadata.gz: 95999506c82f7c592ba1519d3135c0e374bb7d7d
+  data.tar.gz: d98e8756e937c3ff926036ea34ab8111be6b030d
 SHA512:
-  metadata.gz: 3db58fd8f50d296511f44936ca1094f591914b100da227aba099ff3b904227ee4621a8b828c6b4e115efd6e71332d79f2263e0bda482464b59778bc47f898313
-  data.tar.gz: c09c73dec2c66493bde8b7a1499f2a52f2af34c45704e4c15f619555aadadcdc3055dbdf3197a8a7ed2a37b7ed94be88a04c6b6d688ad83429cbd83f9c6c9dbf
+  metadata.gz: d0e4d4519077f8a3beb10db5733d4ac98e68cc74a0eae589c4ae69fad7767233013f573d9ffdefeed2bd0b46b8a45d683aed1c5dc4b834ac6403702908e80d13
+  data.tar.gz: 189f863ab0ced45cef88ca6c87eed227d59d376db85a57d158cc88e2f428a774a7dc9040536169e687d1e64c622a8c787d69ef5069643911cb462b39f22c88c4

data/.gitignore

@@ -1,4 +1,5 @@
 *.sw?
+.rvmrc
 .DS_Store
 /.bundle/
 /.yardoc

data/README.md

@@ -30,6 +30,7 @@ I want a security tool that follows 'the ruby way'.
 * SQL and CSV output. Suitable for script integration
 * Massive websites scan from text file
 * SSL server rating using [Qualys SSL Labs rating guide](https://www.ssllabs.com/projects/rating-guide/)
+* Whitebox testing using existing wordpress user
 
 
 ## Installation

data/bin/wordstress

@@ -0,0 +1,51 @@
+#!/usr/bin/env ruby
+
+require 'getoptlong'
+require 'json'
+require 'codesake-commons'
+
+require 'wordstress'
+
+APPNAME = File.basename($0)
+
+$logger  = Codesake::Commons::Logging.instance
+
+opts    = GetoptLong.new(
+  [ '--version',                '-v',   GetoptLong::NO_ARGUMENT],
+  [ '--help',                   '-h',   GetoptLong::NO_ARGUMENT]
+)
+
+opts.quiet=true
+
+begin
+  opts.each do |opt, val|
+    case opt
+    when '--version'
+      puts "#{Wordstress::VERSION}"
+      Kernel.exit(0)
+    when '--help'
+      Kernel.exit(0)
+    end
+  end
+rescue GetoptLong::InvalidOption => e
+  $logger.helo APPNAME, Wordstress::VERSION
+  $logger.err e.message
+  Kernel.exit(-1)
+end
+
+target=ARGV.shift
+$logger.helo APPNAME, Wordstress::VERSION
+$logger.toggle_syslog
+
+trap("INT")   { $logger.die('[INTERRUPTED]') }
+$logger.die("missing target") if target.nil?
+
+$logger.log "scanning #{target}"
+site = Wordstress::Site.new(target)
+$logger.ok "wordpress version #{site.version[:version]} detected"
+wp_vuln_hash = JSON.parse(site.wp_vuln_json)
+$logger.ok "#{wp_vuln_hash["wordpress"]["vulnerabilities"].size} vulnerabilities found due wordpress version"
+wp_vuln_hash["wordpress"]["vulnerabilities"].each do |v|
+  $logger.log "#{v["id"]} - #{v["title"]}"
+
+end

data/lib/wordstress/site.rb

@@ -0,0 +1,91 @@
+require 'net/http'
+
+module Wordstress
+  class Site
+
+    attr_reader :version, :wp_vuln_json
+    def initialize(name="")
+      begin
+        @uri      = URI(name)
+        @raw_name = name
+        @valid    = true
+      rescue
+        @valid = false
+      end
+
+      @robots_txt   = get(@raw_name + "/robots.txt")
+      @readme_html  = get(@raw_name + "/readme.html")
+      @homepage     = get(@raw_name)
+      @version      = detect_version
+
+      @wp_vuln_json = get_wp_vulnerabilities
+
+    end
+
+    def get_wp_vulnerabilities
+      get_https("https://wpvulndb.com/api/v1/wordpresses/#{version_pad(@version[:version])}").body
+    end
+
+    def version_pad(version)
+      # 3.2.1 => 321
+      # 4.0 => 400
+      return version.gsub('.', '')      if version.split('.').count == 3
+      return version.gsub('.', '')+'0'  if version.split('.').count == 2
+    end
+
+    def detect_version
+
+      #
+      # 1. trying to detect wordpress version from homepage body meta generator
+      # tag
+
+      v_meta = ""
+      doc = Nokogiri::HTML(@homepage.body)
+      doc.xpath("//meta[@name='generator']/@content").each do |attr|
+        v_meta = attr.value.split(' ')[1]
+      end
+
+      #
+      # 2. trying to detect wordpress version from readme.html in the root
+      # directory
+
+      v_readme = ""
+      doc = Nokogiri::HTML(@readme_html.body)
+      v_readme = doc.at_css('h1').children.last.text.chop.lstrip.split(' ')[1]
+
+      v_rss = ""
+      rss_doc = Nokogiri::HTML(@homepage.body)
+      rss = Nokogiri::HTML(get(rss_doc.css('link[type="application/rss+xml"]').first.attr('href')).body)
+
+      v_rss= rss.css('generator').text.split('=')[1]
+
+      return {:version => v_meta, :accuracy => 1.0} if v_meta == v_readme && v_meta == v_rss
+      return {:version => v_meta, :accuracy => 0.8} if v_meta == v_readme || v_meta == v_rss
+    end
+
+    def get(page)
+      return get_http(page)   if @uri.scheme == "http"
+      return get_https(page)  if @uri.scheme == "https"
+    end
+
+    def is_valid?
+      return @valid
+    end
+
+    private
+    def get_http(page)
+      uri = URI.parse(page)
+      http = Net::HTTP.new(uri.host, uri.port)
+      request = Net::HTTP::Get.new(uri.request_uri)
+      return http.request(request)
+    end
+    def get_https(page)
+      uri = URI.parse(page)
+      http = Net::HTTP.new(uri.host, uri.port)
+      http.use_ssl = true
+      request = Net::HTTP::Get.new(uri.request_uri)
+      return http.request(request)
+
+    end
+  end
+end

data/lib/wordstress/version.rb

@@ -1,3 +1,3 @@
 module Wordstress
-  VERSION = "0.0.1"
+  VERSION = "0.10.0"
 end

data/lib/wordstress.rb

@@ -1,5 +1,2 @@
+require "wordstress/site"
 require "wordstress/version"
-
-module Wordstress
-  # Your code goes here...
-end

data/wordstress.gemspec

@@ -20,4 +20,7 @@ Gem::Specification.new do |spec|
 
   spec.add_development_dependency "bundler", "~> 1.7"
   spec.add_development_dependency "rake", "~> 10.0"
+
+  spec.add_dependency 'codesake-commons'
+  spec.add_dependency 'json'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: wordstress
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.10.0
 platform: ruby
 authors:
 - Paolo Perego
@@ -38,10 +38,39 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: codesake-commons
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: wordstress is a security scanner for wordpress powered websites
 email:
 - thesp0nge@gmail.com
-executables: []
+executables:
+- wordstress
 extensions: []
 extra_rdoc_files: []
 files:
@@ -50,7 +79,9 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
+- bin/wordstress
 - lib/wordstress.rb
+- lib/wordstress/site.rb
 - lib/wordstress/version.rb
 - wordstress.gemspec
 homepage: https://github.com/thesp0nge/wordstress