-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathwp-plugin-scan.py
executable file
·86 lines (77 loc) · 2.67 KB
/
wp-plugin-scan.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
#!/usr/bin/env python
import argparse
import sys
import re
import urllib
import lxml.html
import os
def _main():
argParser = argparse.ArgumentParser(description='Scan any wordpress powered website and identify plugins installed')
argParser.add_argument('-s', '--scan', metavar='<website url>', dest='url', help='scan website at <website url>')
argParser.add_argument('-u', '--update', type=int, metavar='<page number>', dest='pageN', help='update the list of plugins from wordpress.org up to <page number>')
args = argParser.parse_args()
try:
if args.url == args.pageN == None:
argParser.print_help()
elif args.url != None:
scan(args.url)
else:
update(args.pageN)
except IOError as e:
print e
def _isUrl(url):
pattern = re.compile('^https?://[\w\d\-\.]+/(([\w\d\-]+/)+)?$')
if pattern.match(url):
return True
else:
return False
def _isWebsiteAlive(url):
if urllib.urlopen(url).getcode() == 200:
return True
else:
return False
def _parseHrefs(html):
doc = lxml.html.document_fromstring(html)
pattern = re.compile('/plugins/([\w\d\-]+)/')
pluginsList = []
links = doc.cssselect('div.plugin-block h3 a')
for link in links:
plugin = pattern.search(link.get('href')).group(1)
pluginsList.append(plugin)
print plugin + '[+]'
return pluginsList
def _writePlugins(pluginsList):
currentDir = os.path.dirname(os.path.realpath(__file__)) + os.path.sep
pluginsFile = open(currentDir + 'plugins.txt', 'w')
pluginsFile.write('\n'.join(pluginsList))
pluginsFile.close()
def scan(url):
if _isUrl(url) != True:
print 'The url you entered should match this pattern ^https?://[\w\d\-\.]+/(([\w\d\-]+/)+)?$'
return
elif _isWebsiteAlive(url) != True:
return
print 'Scanning...'
currentDir = os.path.dirname(os.path.realpath(__file__)) + os.path.sep
pluginsFile = open(currentDir + 'plugins.txt', 'r')
for line in pluginsFile.read().split('\n'):
if line:
code = urllib.urlopen(url + 'wp-content/plugins/' + line + '/').getcode()
if code != 404:
print line + '[+]'
def update(pageN):
pluginsList = []
if pageN == 1:
html = urllib.urlopen('http://wordpress.org/extend/plugins/browse/popular/').read()
pluginsList = _parseHrefs(html)
elif pageN == 2:
html = urllib.urlopen('http://wordpress.org/extend/plugins/browse/popular/').read()
pluginsList = _parseHrefs(html)
html = urllib.urlopen('http://wordpress.org/extend/plugins/browse/popular/page/2/').read()
pluginsList = pluginsList + _parseHrefs(html)
else:
for page in range(2, pageN):
html = urllib.urlopen('http://wordpress.org/extend/plugins/browse/popular/page/' + str(page) + '/').read()
pluginsList = pluginsList + _parseHrefs(html)
_writePlugins(pluginsList)
if __name__ == "__main__": _main()