| Filename | [PHP]Wordpress Vulnerability Scanner by Ahlspiess |
| Permission | rw-r--r-- |
| Author | 0b0xed |
| Date and Time | 4:15 AM |
| Label | |
| Action |
How It Work ?
= Scan Wordpress Plugins from /wp-plugins/ ,and find the vuln plugins.
Code : -
- <?php
- /*
- http://127.0.0.1/wp.php?url=
- Beach Please ~fts
- Paan Hensem ~fap
- Credit To : Ahlspiess
- Original Code : http://rempah-proj.googlecode.com/svn/trunk/PHP/wpdetect.php
- */
- $url = $_GET['url'];
- $jMe = new WordpressScanner($url);
- class WordpressScanner {
- public $url;
- function __construct($url){
- $this->url = $url;
- $this->init();
- }
- function init() {
- $content = $this->cURL($this->url);
- if(!preg_match("/200 OK/", $content)) {
- $this->msg("[-] Error! 404 Not Found");
- exit;
- } else {
- print $this->wpscan($content);
- }
- }
- function wpscan($content) {
- $dupe = array();
- $nstack = array();
- preg_match_all("/wp-content\/themes\/(.*?)\/style\.css/", $content, $ret_1);
- preg_match_all("/Theme URI: (.+)/", $this->cURL($this->argv[1]."/".$ret_1[0][0]), $ret_2);
- preg_match_all("/\<meta name=\"generator\" content=\"WordPress (.*?)\" \/\>/", $content, $ret_3);
- $this->msg("[+] Using Wordpress Version: ".trim($ret_3[1][0]));
- $this->msg("[+] Using ".trim($ret_1[1][0])." Theme. Url --> ".trim($ret_2[1][0]));
- preg_match_all("/wp-content\/plugins\/(.*?)\//", $content, $stack);
- foreach($stack[1] as $unstack) {
- if(!isset($dupe[$unstack]) and !is_null($unstack) and !empty($unstack)) {
- if(preg_match("/200 OK/", $this->cURL("http://svn.wp-plugins.org/".trim($unstack)."/"))) {
- $this->msg("[+] Founded {$unstack} Plugins");
- $this->msg(" --> Plugin URL --> http://svn.wp-plugins.org/".trim($unstack)."/");
- } else {
- $this->msg("[+] Founded {$unstack} Plugins.");
- }
- $nstack[] = $unstack;
- $dupe[$unstack] = true;
- }
- }
- //echo "[Debug]".__fVULN__."\n";
- $this->fVuln($nstack);
- }
- function fVuln($c = array()) {
- $content = "";
- foreach($c as $com) {
- $content .= $this->cURL("http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description={$com}&filter_exploit_text=&filter_author=&filter_platform=31&filter_type=6&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve=");
- }
- preg_match_all("/\<a href=\"http\:\/\/www\.exploit\-db\.com\/exploits\/(.*?)\"\>(.*?)\n/", $content,$me);
- for($i=0;$i<count($me[1]);$i++) {
- $this->msg("[+] ".trim(str_replace("</a>", "", $me[2][$i]))."\n --> http://www.exploit-db.com/exploits/".trim($me[1][$i]));
- }
- }
- function cURL($url) {
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_HEADER, 1);
- curl_setopt($ch, CURLOPT_TIMEOUT, 15);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt($ch, CURLOPT_URL, $url);
- curl_setopt($ch, CURLOPT_USERAGENT, "~fap~fap");
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- $data = curl_exec($ch);
- if($data) {
- return $data;
- } else {
- return 0;
- }
- }
- function msg($x) {
- printf("%s<br />", $x);
- }
- }
- ?>
Tutorial :
1. Save as wordpress.php or etc .
2. Run the file at localhost / website .Example 127.0.0.1/wordpress.php?url=(www.target.com)
3. Search Plugins At 1337day.org | exploit-db.com .
14 comments:
Hey, I must say you have gathered really a good stuff about scanning tools for all the readers. I really appreciate it. Thanks!
Wordpress Vulnerability Scanner
Live on line casino.edu.kg casino is also be|can be} available for cellular gaming right here at Betiton™ UK. A land-basedcasino, typically known as a brick-and-mortar on line casino has a physical venue with real recreation tables and a required costume code. Sometimes they'll additionally embrace other services such as a bar or chill out area. Additionally, land-based betting homes have a social component to them—as you play UK on line casino gamesyou are likely to|are inclined to} share a table with other individuals. Social interactions at virtual casinos are restricted compared.
Furthermore, on line casino bonuses have expiration dates, which might vary from a few of} hours to a couple of months. Short validity intervals drive players to extend their bets, which results in|which finally ends up 1xbet in} a larger variance and greater possibilities of dropping. Some casinos have wagering requirements of 50X or extra, while some require lower than 30X. Some additionally restrict the amount of money have the ability to|you presumably can} win from Casino bonuses, so it's crucial you do your analysis and shop round.
To be 1xbet taught more about putting bets, check out at|try} our roulette guess types information. The fitness values applied to the roulette wheel usually require modification, end result of} attainable close proximity of some fitness values. This operate is used in conjunction with of} the deviation in fitness, thus providing larger decision to the choice roulette wheel. It has turned out to be expensive and a proven hazard to people and the surroundings on the occasions when the roulette wheel stops within the wrong place.
This eliminates want to|the necessity to} download any recreation outcome of|as a outcome of} these are already current in 메리트카지노 the cloud for avid gamers to entry. You can start enjoying in} your favourite on-line casino games inside a number of} clicks. The technologies leveraged by the cell gaming casino trade have provided customers with immense ease and comfort. It provides a live casino, cell gaming, extensive variety|all kinds} of your favourite games, and a lot extra to its customers.
Worse yet, the identical recreation could also be} on a 1xbet korea number of} machines in a casino and programmed to pay out a unique way|in one other way} on every. Thus, even when a participant knew price of|the price of} play on one machine, that knowledge would not essentially transfer to the identical recreation elsewhere in the identical casino. Players start to incorrectly guess how slots work and guess at the chance of making money by taking part in} the machines. Obviously, there's be} randomness concerned in how a lot a participant loses at any given session, but slot machine gamers can not even predict how expensive a session could be. With every pull of the deal with, or push of the button, a slot machine begins the method of randomly deciding on the subsequent alignment of symbols. If a slot machine malfunctions it can not full the random choice process, and subsequently reverts to a "tilt" mode.
What’s more, it’s not all the time the size of a poker welcome bonus that 메리트카지노 issues, but in addition means it} works. Even if the supply is just $100 and not $1,000, you'll be able to|you possibly can} still use that to get your on-line poker journey off to an superior start. Also, all playing sites and our guides are rated 18+ solely.
The table provides loads of different betting opportunities. For example, you can to|you possibly can} wager on the colour or certain 1xbet korea sections of the board. The payout will be much less, but your odds of winning are much higher.
We focus on 1xbet providing you with insider knowledge regarding stay supplier on line casino gaming and past. In fact, the Ministry of Culture and Tourism takes this law enforcement very significantly. On the opposite hand, on-line playing websites within South Korea are illegal and are closely targeted by the federal government.
Playtech is one other firm with a few a long time price of expertise. It is known for casino.edu.kg churning out slots games an everyday basis|regularly|frequently}. It has a relationship with many well-known franchises and you at all times know that you are in for a quality quality|a high quality} expertise with Playtech games. Some of the preferred Playtech slots include Superman II and Age of the Gods. Make certain that you know what the necessities are for the welcome bonus supply so you will get get} in on the motion.
Having testing accomplished by iTech Labs ensures that games and gaming methods comply with all related standards, and that they are fair, reliable and resilient. They are like gamblers who're drunk on the roulette wheel. Perhaps the roulette wheel at 1xbet korea a night membership, put in those terms, isn't a great example. For this function, the roulette wheel technique, which is sized based on health, is used to generate the offspring.
BitFiring presents one of 1xbet the beneficiant welcome bonus programs round. Players get a deposit bonus and bonus spins not just for their first deposits but also for his or her subsequent 5. When invited to turn into OJO A-listers, gamers get a refund on all bets with unlimited payouts.
So want to|you should|you have to} learn and perceive this earlier than you use the bonus and withdraw the money you earn from it. But the preferred one is the bitcoin on line casino with no deposit bonus . This 메리트카지노 type of bonus is just obtainable to new players signing up for the first time at an online on line casino.
Immerse yourself in refined comforts as you play your favourite games. Think plush seating, personal washrooms, water views, crystal chandeliers, a rest lounge, and impeccable service crafted to 카지노 your wants. Our poker room options high stakes, live-action poker from Texas Hold'em to Omaha Hi-Lo and Seven-Card Stud. The room has forty two television screens, a Sports Bar, Snack Bar, and dedicated parking for straightforward entry. Enjoy Double Deck and Six Deck Shoe Blackjack video games in our high-limit space with player-friendly guidelines. We've received all of it – every little thing from the high-stakes type of blackjack, the fast-paced pleasure of craps, to the joys and strategy of Pai Gow poker.
Post a Comment