Class: Snackhack2::WordPress

Inherits:

Object

• Object
• Snackhack2::WordPress

Defined in:

lib/snackhack2/wordpress.rb

Instance Attribute Summary

• #save_file ⇒ Object

  Returns the value of attribute save_file.

• #site ⇒ Object

  Returns the value of attribute site.

Instance Method Summary

• #all_in_one_seo ⇒ Object
• #file_site ⇒ Object
• #initialize(save_file: true) ⇒ WordPress constructor

  A new instance of WordPress.

• #run ⇒ Object
• #users ⇒ Object
• #wp_content_uploads ⇒ Object
• #wp_log ⇒ Object
• #wp_login ⇒ Object
• #wp_plugin ⇒ Object
• #yoast_seo ⇒ Object

Constructor Details

#initialize(save_file: true) ⇒ WordPress

Returns a new instance of WordPress.

# File 'lib/snackhack2/wordpress.rb', line 9

def initialize(save_file: true)
  @site = site
  @save_file = save_file
end

Instance Attribute Details

#save_file ⇒ Object

Returns the value of attribute save_file.

# File 'lib/snackhack2/wordpress.rb', line 7

def save_file
  @save_file
end

#site ⇒ Object

Returns the value of attribute site.

# File 'lib/snackhack2/wordpress.rb', line 7

def site
  @site
end

Instance Method Details

#all_in_one_seo ⇒ Object

# File 'lib/snackhack2/wordpress.rb', line 88

def all_in_one_seo
  alios = Snackhack2::get(@site)
  if alios.code == 200
    if alios.body.scan(/(All in One SEO Pro\s\d.\d.\d)/)
      puts "Site is using the plugin: #{alios.body.match(/(All in One SEO Pro\s\d.\d.\d)/)}"
    end
  end
end

#file_site ⇒ Object

# File 'lib/snackhack2/wordpress.rb', line 23

def file_site
  @site = @site.gsub('https://', '')
end

#run ⇒ Object

# File 'lib/snackhack2/wordpress.rb', line 14

def run
  wp_login
  yoast_seo
  users
  wp_content_uploads
  all_in_one_seo
  wp_log
end

#users ⇒ Object

# File 'lib/snackhack2/wordpress.rb', line 27

def users
  found_users = ''
  begin
    users = Snackhack2::get(File.join(@site, "wp-json", "wp", "v2", "users")).body
    json = JSON.parse(users)
    json.each do |k|
      found_users += "#{k['name']}\n"
    end
  rescue StandardError => e
    puts "[+] users not found\n\n\n"
  end

  if !found_users.empty?
    if @save_file
      Snackhack2::file_save(@site, "users", found_users)
    else
      puts found_users
    end
  end
end

#wp_content_uploads ⇒ Object

# File 'lib/snackhack2/wordpress.rb', line 48

def wp_content_uploads
  s = Snackhack2::get(File.join(@site, '/wp-content/uploads/'))
  if s.code == 200
    if s.body.include?('Index of')
      puts "[+] #{File.join(@site, '/wp-content/uploads/')} is valid...\n\n\n"
    end
  end
end

#wp_log ⇒ Object

# File 'lib/snackhack2/wordpress.rb', line 97

def wp_log
  wplog_score = 0
  wp = ['\wp-content\plugins', 'PHP Notice', 'wp-cron.php', '/var/www/html', 'Yoast\WP\SEO', 'wordpress-seo']
  log = Snackhack2::get(File.join(@site, "/wp-content/debug.log"))
  if log.code == 200
    puts "[+] #{File.join(@site, "/wp-content/debug.log")} is giving status 200. Now double checking...\n\n\n"
    wp.each do |e|
      if log.body.include?(e)
        wplog_score += 10
      end
    end
  end
  puts "WordPress Log score: #{wplog_score}...\n\n\n"
end

#wp_login ⇒ Object

# File 'lib/snackhack2/wordpress.rb', line 57

def wp_login
  percent = 0
  ## todo: maybe add Bayes Theorem to detect wp
  wp = ['wp-includes', 'wp-admin', 'Powered by WordPress', 'wp-login.php', 'yoast.com/wordpress/plugins/seo/',
        'wordpress-login-url.jpg', 'wp-content/themes/', 'wp-json']
  login = Snackhack2::get(File.join(@site, "wp-login.php"))
  if login.code == 200
    wp.each do |path|
      percent += 10 if login.body.include?(path)
    end
  end
  login2 = Snackhack2::get(@site.to_s)
  wp.each do |path|
    percent += 10 if login2.body.include?(path)
  end
  puts "Wordpress Points: #{percent}"
end

#wp_plugin ⇒ Object

# File 'lib/snackhack2/wordpress.rb', line 112

def wp_plugin
  wp_plugin_score = 0
  wp = ['Index of', 'Name', 'Last modified', 'Size', 'Parent Directory', '/wp-content/plugins']
  plug = Snackhack2::get(File.join(@site, '/wp-content/plugins/'))
  if plug.code == 200
    puts "[+] Looks like #{File.join(@site,
                                     '/wp-content/plugins/')} is giving status 200. Checking to make sure...\n\n\n"
    wp.each do |e|
      if plug.body.include?(e)
        wp_plugin_score += 10
      end
    end
  end
  puts "[+] WordPress Plugin Score: #{wp_plugin_score}"
end

#yoast_seo ⇒ Object

# File 'lib/snackhack2/wordpress.rb', line 75

def yoast_seo
  ys = Snackhack2::get(@site)
  if ys.code == 200
    yoast_version = ys.body.split("<!-- This site is optimized with the Yoast SEO Premium plugin")[1].split(" -->")[0]
    ["This site is optimized with the Yoast SEO plugin",
     "This site is optimized with the Yoast SEO Premium plugin"].each do |site|
      if !ys.body.scan(/#{site}/).shift.nil?
        puts "#{ys.body.scan(/#{site}/).shift.to_s} with version #{yoast_version}"
      end
    end
  end
end