"""Plugin to find the used wordpress version of a remote installation"""
import re
import hashlib
from prototype import Prototype
# Identifier types. They select how the third element ("token") of a VERSIONS
# entry is compared against the body fetched from the entry's URL path.
HASH_MD5 = 0  # token is the hex MD5 digest of the whole response body
CONTAINS = 1  # token is a regex pattern that must be found in the body

# Fingerprints per WordPress release. Each release maps to a list of
# (url_path, identifier_type, token) tuples.
# MD5 serves here only as a content fingerprint of a fetched file; nothing in
# this table relies on it for integrity or authenticity.
# NOTE(review): a digest only matches a byte-identical file, so a site with
# edited or removed copies of these files will not be identified by it.
VERSIONS = {
    "3.2.1": [
        (
            "/wp-content/themes/twentyeleven/style.css",
            HASH_MD5,
            "3e63c08553696a1dedb24b22ef6783c3",
        ),
    ],
    "3.2": [
        (
            "/wp-content/themes/twentyeleven/style.css",
            HASH_MD5,
            "e29eb31a625e50da2458e6f2aa10a3e2",
        ),
    ],
    "3.1": [
        (
            "/wp-includes/css/admin-bar.css",
            HASH_MD5,
            "181250fab3a7e2549a7e7fa21c2e6079",
        ),
    ],
    "3.0": [
        (
            "/wp-content/themes/twentyten/style.css",
            HASH_MD5,
            "6211e2ac1463bf99e98f28ab63e47c54",
        ),
    ],
}
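class Plugin(Prototype):
    """Identify the WordPress release of a remote site from known files.

    Each candidate release in VERSIONS lists files and the fingerprint
    (MD5 digest or regex) expected in them; the first release whose
    fingerprint matches the fetched content is reported.
    """

    # NOTE(review): neither attribute is read in this file; presumably the
    # plugin runner behind Prototype uses them for ordering and for selecting
    # plugins that need network access -- confirm in Prototype.
    runlevel = 0
    remote = True

    def start(self):
        """Detect the version, store it in ``self.info`` and log the result."""
        self.log("Trying to find the exact wordpress version...")
        self.info["version"] = self.find_version()
        # The parentheses matter: "%" binds tighter than "or", so without them
        # a failed detection was logged as "None" and the "unknown" fallback
        # could never be used.
        self.log("- Wordpress version: %s" % (self.info["version"] or "unknown"))

    def find_version(self):
        """Return the first release in VERSIONS whose fingerprint matches.

        Releases are tried in descending order, so the highest-sorting match
        wins.

        Returns:
            The matching version string, or None when no entry matches.
        """
        # sorted() works on both Python 2 and 3; dict.keys() is a view without
        # a sort() method on Python 3.
        # NOTE(review): the ordering is lexical on the version strings. It is
        # correct for the releases listed today but would place "3.10" before
        # "3.2"; switch to a numeric key before adding two-digit components.
        for v in sorted(VERSIONS, reverse=True):
            for identifier in VERSIONS[v]:
                self.logv("- Checking for %s..." % v)
                url, id_type, token = identifier
                r = self.request(url)
                # 403 bodies are inspected as well as 200 ones. A digest will
                # hardly match an error page, but a loose CONTAINS pattern
                # could, so keep such patterns specific to avoid a wrong
                # version being reported.
                if r.status_code not in (200, 403):
                    continue
                # assumes r.content is the raw response body (bytes on
                # Python 3) -- TODO confirm against Prototype.request
                body = r.content
                if id_type == HASH_MD5:
                    if hashlib.md5(body).hexdigest() == token:
                        return v
                elif id_type == CONTAINS:
                    pattern = token
                    # A text pattern cannot be searched in a bytes body on
                    # Python 3 (TypeError), so bring the pattern to bytes.
                    if isinstance(body, bytes) and not isinstance(pattern, bytes):
                        pattern = pattern.encode("utf-8")
                    if re.search(pattern, body):
                        return v
        return None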