> Also delete the .pyc file, and no reinstall is needed.

There was none.

> Yes, many.
> You are missing some required methods, like setOptions, getOptions,
> getLongDescription, etc. Please see other plugins for a complete list,

They are already in the code:

    # W3af options and output
    def getOptions( self ):
        '''
        @return: A list of option objects for this plugin.
        '''
        ol = optionList()
        return ol

    def setOptions( self, OptionList ):
        '''
        This method sets all the options that are configured using the user interface
        generated by the framework using the result of getOptions().

        @parameter OptionList: A dictionary with the options for the plugin.
        @return: No value is returned.
        '''
        pass

    def getPluginDeps( self ):
        '''
        @return: A list with the names of the plugins that should be runned before the
        current one.
        '''
        return []

    def getLongDesc( self ):
        '''
        @return: A DETAILED description of the plugin functions and features.
        '''
        return '''
        This plugin searches for client side differences between different versions of WordPress.
        '''

2009/6/6 Andres Riancho <andres.rian...@gmail.com>:
> Ryan,
>
> On Sat, Jun 6, 2009 at 1:57 PM, Ryan Dewhurst <ryandewhu...@gmail.com> wrote:
>> I moved the wpvchecker.py file into the /plugin/discovery folder. When
>> I try to launch w3af I get an error (screenshot attached), the prompt
>> only lasts a few seconds so could not copy/paste the full error
>> output.
>>
>> When I remove the wpvchecker.py file out of the dir the error persists
>> and I have to un/re install w3af to get it working again.
>
> Also delete the .pyc file, and no reinstall is needed.
>
>> Any ideas?
>
> Yes, many.
> You are missing some required methods, like setOptions, getOptions,
> getLongDescription, etc. Please see other plugins for a complete list,
>
>> Thanks again,
>> Ryan
>>
>> 2009/6/6 Andres Riancho <andres.rian...@gmail.com>:
>>> Ryan,
>>>
>>> On Sat, Jun 6, 2009 at 10:59 AM, Ryan Dewhurst <ryandewhu...@gmail.com>
>>> wrote:
>>>> Hello,
>>>> Sorry it's been so long with the wordpress version checker plugin, had
>>>> some life problems.
>>>
>>> No problem man, I hope things are going better now.
>>>
>>>> Anyway...
>>>>
>>>> I have come to a logic problem which I cannot seem to solve and was
>>>> wondering if anyone could give me some pointers...
>>>>
>>>> Versions '2.5', '2.3.1, 2.3.2 or 2.3.3' and '2.2' are detected by a
>>>> file/image being present i.e. status 200
>>>>
>>>> I cannot figure out how to check for this while using the
>>>> self._wp_fingerprint array.
>>>
>>> The for loop that works with the array looks like this:
>>>
>>>     for data in self._wp_fingerprint:
>>>
>>>         # Complete URL to test, url+file
>>>         test_URL = urlParser.urlJoin( base_url, data[0] )
>>>
>>>         if data[1] in response:
>>>             version = data[2]
>>>             break
>>>         else:
>>>             version = 'Version lower than 2.2'
>>>
>>> But there are some parts missing, like actually requesting to the
>>> server the test_URL. On the other part, the "200" logic could be
>>> easily done like this:
>>>
>>>         if data[1] == 200 and not is_404(response):
>>>             # it was found!
>>>             version = data[2]
>>>             break
>>>         elif data[1] in response:
>>>             version = data[2]
>>>             break
>>>         else:
>>>             version = 'Version lower than 2.2'
>>>
>>> To make this work, you should change the '' in the fingerprint array
>>> by a 200, and it should all work.
>>>
>>>> Here is the code so far, I have not yet tested it out, but should give
>>>> you a basic idea of how it will run.
>>>
>>> Yes, and it makes much more sense to me this way. The older version
>>> was "ugly" :)
>>>
>>>> I was also thinking of
>>>> implementing a plugin version checker as there are many plugins with
>>>> vulns.
>>>
>>> Sure, but let's go step by step, let's finish this plugin, test it a
>>> little bit, and then we can go for the next one.
>>>
>>>> Thank you,
>>>> Ryan
>>>>
>>>> P.S. To test it through w3af, do I just pop the py file into the
>>>> plugin folder or is there any other code to be changed?
>>>
>>> Yes, you have to move this file to the discovery directory and that's it.
>>>
>>>> 2009/5/31 Ryan Dewhurst <ryandewhu...@gmail.com>:
>>>>> Just to let everyone know where I am with the plugin.
>>>>>
>>>>> I'm a complete n00b at re and couldn't get backbone's code to work, so
>>>>> I read a couple of manuals and finally got it working with:
>>>>> <meta name="generator" content="[Ww]ord[Pp]ress (\d\.\d\.?\d?)" />
>>>>>
>>>>> An explanation of what the plugin will do:
>>>>> -----------------------------------------------------------
>>>>>
>>>>> It will first check to see if the server has the following file
>>>>> "/wp-admin/index.php".
>>>>>
>>>>> If it does
>>>>>
>>>>> It will check to see whether or not the version is in the index header.
>>>>>
>>>>> If it finds the version it will store it in a variable.
>>>>>
>>>>> It will then run through the checks from my original code to try and
>>>>> guess the version.
>>>>>
>>>>>
>>>>> The output will be as follows:
>>>>> ------------------------------------------
>>>>>
>>>>> If the version is not in the index and not found with the data =
>>>>> "version under 2.2"
>>>>> If the version is in the index and in the data are the same =
>>>>> "whatever version was found"
>>>>> If the version is in the index and in the data are different =
>>>>> "Version shows as $version in index header however the data shows
>>>>> $version"
>>>>>
>>>>> I still need to implement the data checks however my girlfriend has
>>>>> fallen ill and has been admitted to hospital for an emergency
>>>>> operation. I don't think I will be able to finish the plugin this
>>>>> weekend as promised earlier however will still be working on it next
>>>>> week.
>>>>>
>>>>> I was also thinking on listing the vulnerabilities for each version (if
>>>>> any) on the output.
>>>>>
>>>>> Ryan
>>>>>
>>>>>
>>>>> 2009/5/29 Andres Riancho <andres.rian...@gmail.com>:
>>>>>> Ryan,
>>>>>>
>>>>>> On Thu, May 28, 2009 at 10:11 PM, Ryan Dewhurst <ryandewhu...@gmail.com>
>>>>>> wrote:
>>>>>>> I'm looking into searching the response html of the index page for the
>>>>>>> following string:
>>>>>>> <meta name="generator" content="WordPress $version" />
>>>>>>>
>>>>>>> I've tried with regular expressions and am unable to get it to work,
>>>>>>
>>>>>> backbone sent you a solution,
>>>>>>
>>>>>>> I've read that re is bad for parsing HTML and that BeautifulSoup
>>>>>>> should be used.
>>>>>>>
>>>>>>> Does w3af already have BeautifulSoup in its dependency list?
>>>>>>
>>>>>> Yes, it's in the dependency list, but we aren't using it "for that".
>>>>>> Long story short, please use the re =)
>>>>>>
>>>>>>> Ryan
>>>>>>>
>>>>>>> P.S. Thanks for the advice backbone46, I'll have a look into that once
>>>>>>> I've sorted this out.
>>>>>>>
>>>>>>>
>>>>>>> 2009/5/28 <backbon...@gmail.com>:
>>>>>>>> Sorry to bump in just like that in the discussion, about the meta tag
>>>>>>>> that displays the WordPress version.
>>>>>>>>
>>>>>>>> Only since version 2.7 the generator function is in the core of
>>>>>>>> WordPress, on earlier versions it was only in the theme.
>>>>>>>>
>>>>>>>> Just wanted to mention that. :)
>>>>>>>>
>>>>>>>> ---
>>>>>>>> http://insanesecurity.info
>>>>>>>>
>>>>>>>>
>>>>>>>> On Thu, May 28, 2009 at 10:53 PM, Ryan Dewhurst
>>>>>>>> <ryandewhu...@gmail.com> wrote:
>>>>>>>>>
>>>>>>>>> Yes, I don't see why not. Should be easy enough to implement.
>>>>>>>>>
>>>>>>>>> You mentioned during our email conversation that wordpress echoes its
>>>>>>>>> version number in the page head. I managed to find an example of it.
>>>>>>>>> You're right I do have a security plugin installed which must have
>>>>>>>>> removed it from my blog.
>>>>>>>>>
>>>>>>>>> Here is an example:
>>>>>>>>> <meta name="generator" content="WordPress 2.7.1" />
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> 2009/5/28 Andres Riancho <andres.rian...@gmail.com>:
>>>>>>>>>> Ryan,
>>>>>>>>>>
>>>>>>>>>> On Wed, May 27, 2009 at 10:18 PM, Andres Riancho
>>>>>>>>>> <andres.rian...@gmail.com> wrote:
>>>>>>>>>>> Ryan,
>>>>>>>>>>>
>>>>>>>>>>> On Wed, May 27, 2009 at 9:58 PM, Ryan Dewhurst
>>>>>>>>>>> <ryandewhu...@gmail.com> wrote:
>>>>>>>>>>>> Hello,
>>>>>>>>>>>> I'm new to mailing lists so I'm not sure if this will be sent there.
>>>>>>>>>>>
>>>>>>>>>>> It depends on the mailing list. This one is configured to accept
>>>>>>>>>>> attachments,
>>>>>>>>>>>
>>>>>>>>>>>> I'll have a look into integrating the script into w3af over the
>>>>>>>>>>>> next couple of days and hopefully have a working version by the
>>>>>>>>>>>> weekend.
>>>>>>>>>>>
>>>>>>>>>>> Excellent, if you need ANY help, just let us know.
>>>>>>>>>>>
>>>>>>>>>>>> The script is quite simple once you have gathered the necessary
>>>>>>>>>>>> data. I went through versions 2.2 to 2.7.1 and manually found
>>>>>>>>>>>> client side differences in most of them, I also used the official
>>>>>>>>>>>> changelogs to help identify them.
>>>>>>>>>>>
>>>>>>>>>>> Ohhh, you are the guy that wrote that blog post with the "diffs" of
>>>>>>>>>>> different wordpress release packages?
>>>>>>>>>>>
>>>>>>>>>>>> The client side differences are in files such as CSS, javascript
>>>>>>>>>>>> and HTML. Some versions did not have any differences apart from
>>>>>>>>>>>> having extra files, which can easily be identified with HTTP
>>>>>>>>>>>> response codes.
>>>>>>>>>>>>
>>>>>>>>>>>> It works as such...
>>>>>>>>>>>>
>>>>>>>>>>>> Starting from version 2.7.1 (latest), the script tries to find
>>>>>>>>>>>> something that 2.7 doesn't have, if it finds that something then
>>>>>>>>>>>> the script stops and echoes the version number.
>>>>>>>>>>>>
>>>>>>>>>>>> If the script doesn't find the difference it moves onto
>>>>>>>>>>>> identifying the next version, i.e. does 2.7 have something the
>>>>>>>>>>>> earlier version doesn't have, and so on and so forth.
>>>>>>>>>>>
>>>>>>>>>>> Ok, makes sense.
>>>>>>>>>>>
>>>>>>>>>>> Some comments regarding your code:
>>>>>>>>>>>
>>>>>>>>>>> - w3af uses PEP-8, which among other things says 4-spaces for
>>>>>>>>>>> indentations. Your code has 1-space (?) indentations. Please
>>>>>>>>>>> correct that.
>>>>>>>>>>>
>>>>>>>>>>> - The code is pretty simple, but I think it could be done in a
>>>>>>>>>>> better way. Having that many functions (wp22 to wp271) doesn't seem
>>>>>>>>>>> to be a good option. Do you think that the code could be changed a
>>>>>>>>>>> little bit, and create a database (which can be easily updated) and
>>>>>>>>>>> then use that database to store the information? Example of the
>>>>>>>>>>> database:
>>>>>>>>>>>
>>>>>>>>>>>     self._wp_fingerprint = [
>>>>>>>>>>>         ('/wp-includes/js/thickbox/thickbox.css', '-ms-filter:'),
>>>>>>>>>>>         ('/wp-admin/css/farbtastic.css', 'farbtastic')
>>>>>>>>>>>     ]
>>>>>>>>>>>
>>>>>>>>>>> - Also, by default wordpress publishes the version number in every
>>>>>>>>>>> page head. Maybe it would be a good idea to parse that, and
>>>>>>>>>>> compare it with the result of the fingerprinting. What do you
>>>>>>>>>>> think?
>>>>>>>>>>
>>>>>>>>>> A good idea would be to have a first step, before all the version
>>>>>>>>>> specific checks, that verifies something that's true for all
>>>>>>>>>> wordpress installations (some X file has to be present) before even
>>>>>>>>>> starting the fingerprinting. Could this be done?
>>>>>>>>>>
>>>>>>>>>>> Cheers,
>>>>>>>>>>>
>>>>>>>>>>>> Ryan
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> 2009/5/28 Andres Riancho <andres.rian...@gmail.com>:
>>>>>>>>>>>>> Ryan,
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Wed, May 27, 2009 at 5:07 PM, Ryan Dewhurst
>>>>>>>>>>>>> <ryandewhu...@gmail.com> wrote:
>>>>>>>>>>>>>> Hello,
>>>>>>>>>>>>>> I have developed a python script that can detect the version of
>>>>>>>>>>>>>> a wordpress installation. I think it would fit well within w3af,
>>>>>>>>>>>>>
>>>>>>>>>>>>> Yes, it seems that it's something good to have in the framework.
>>>>>>>>>>>>>
>>>>>>>>>>>>> I have like a ton of questions about how it works, could you
>>>>>>>>>>>>> please send the script (as it is) to this mailing list for us to
>>>>>>>>>>>>> read it?
>>>>>>>>>>>>>
>>>>>>>>>>>>>> the only problem being is that I have been unable to find a
>>>>>>>>>>>>>> plugin development manual to be able to implement my script.
>>>>>>>>>>>>>
>>>>>>>>>>>>> There is no development manual :(
>>>>>>>>>>>>>
>>>>>>>>>>>>> For the type of feature that you want to add, the correct thing
>>>>>>>>>>>>> is to use a discovery plugin. Discovery plugins are simple, they
>>>>>>>>>>>>> follow these rules:
>>>>>>>>>>>>>
>>>>>>>>>>>>> - the entry point is the discover method
>>>>>>>>>>>>>
>>>>>>>>>>>>> - the discover method takes a fuzzable request object as a
>>>>>>>>>>>>> parameter, and returns a list of fuzzable requests
>>>>>>>>>>>>> (fuzzable requests are representations of GET/POST requests,
>>>>>>>>>>>>> which represent links, and forms)
>>>>>>>>>>>>>
>>>>>>>>>>>>> - the discover method is called several times in the same scan,
>>>>>>>>>>>>> with the different links that (for example) the webSpider finds.
>>>>>>>>>>>>>
>>>>>>>>>>>>> I think that the best thing you can do is to read one or two
>>>>>>>>>>>>> discovery plugins (my recommendations are discovery.crossDomain
>>>>>>>>>>>>> and discovery.userDir), and start building your own plugin based
>>>>>>>>>>>>> on one of those.
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Is there a dev manual out there?
>>>>>>>>>>>>>
>>>>>>>>>>>>> No
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Does anyone have some tips/advice on writing a plugin?
>>>>>>>>>>>>>
>>>>>>>>>>>>> Yes, see above,
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Does anyone want me to send them the script for them to
>>>>>>>>>>>>>> develop the plugin?
>>>>>>>>>>>>>
>>>>>>>>>>>>> You should develop the plugin yourself, it's fun and good for the
>>>>>>>>>>>>> project =)
>>>>>>>>>>>>>
>>>>>>>>>>>>> Cheers,
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Thank you,
>>>>>>>>>>>>>> Ryan
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> ------------------------------------------------------------------------------
>>>>>>>>>>>>>> Register Now for Creativity and Technology (CaT), June 3rd, NYC.
>>>>>>>>>>>>>> CaT is a gathering of tech-side developers & brand creativity
>>>>>>>>>>>>>> professionals. Meet the minds behind Google Creative Lab, Visual
>>>>>>>>>>>>>> Complexity, Processing, & iPhoneDevCamp as they present alongside
>>>>>>>>>>>>>> digital heavyweights like Barbarian Group, R/GA, & Big Spaceship.
>>>>>>>>>>>>>> http://p.sf.net/sfu/creativitycat-com
>>>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>>>> W3af-develop mailing list
>>>>>>>>>>>>>> W3af-develop@lists.sourceforge.net
>>>>>>>>>>>>>> https://lists.sourceforge.net/lists/listinfo/w3af-develop
>>>>>>>>>>>>>
>>>>>>>>>>>>> --
>>>>>>>>>>>>> Andrés Riancho
>>>>>>>>>>>>> Founder, Bonsai - Information Security
>>>>>>>>>>>>> http://www.bonsai-sec.com/
>>>>>>>>>>>>> http://w3af.sf.net/
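The pieces the thread converges on (a (path, marker, version) fingerprint table where a marker of 200 means "file must exist", Ryan's generator-tag regex, the /wp-admin/index.php gate Andres asked for, and the three-way comparison from Ryan's 5/31 mail), assembled into one offline example. This is added code, not Ryan's plugin or w3af's: the HTTP requests are replaced by a constructed dict of responses, is_404 is a stand-in for w3af's helper, and the version labels in the table are placeholders rather than real WordPress facts. It also covers the failure mode the is_404 check exists for, a custom not-found page served with status 200.

```python
import re

# Constructed sample table in the (path, marker, version) shape the thread
# settles on. A marker is either a string that must appear in the body or the
# int 200, meaning "the file just has to exist". The two CSS paths are from
# Andres' example; the version labels are placeholders, not WordPress facts.
WP_FINGERPRINT = [
    ('/wp-includes/js/thickbox/thickbox.css', '-ms-filter:', '2.7.1'),
    ('/wp-admin/css/farbtastic.css', 'farbtastic', '2.7'),
    ('/wp-includes/images/example-only.gif', 200, '2.5'),
]
# The regex Ryan arrived at for the generator meta tag.
GENERATOR_RE = re.compile(
    r'<meta name="generator" content="[Ww]ord[Pp]ress (\d\.\d\.?\d?)" />')

def is_404(status, body):
    """Stand-in for w3af's is_404(): a 404 status, or a 200 that carries the
    site's custom not-found page (constructed rule), both count as missing."""
    return status == 404 or 'Page not found' in body

def fingerprint_version(responses):
    """responses maps path -> (status, body), replacing the HTTP requests the
    plugin would issue. Walk the table newest-first and stop at the first hit."""
    for path, marker, version in WP_FINGERPRINT:
        status, body = responses.get(path, (404, ''))
        if is_404(status, body):
            continue                      # file missing: try the next version
        if marker == 200 or marker in body:
            return version
    return 'Version lower than 2.2'

def header_version(index_body):
    """Version from the generator tag, or None when the site does not publish it."""
    m = GENERATOR_RE.search(index_body)
    return m.group(1) if m else None

def report(responses):
    """Gate on /wp-admin/index.php (the 'true for all installs' check Andres
    asked for), then merge both signals into the three outcomes Ryan listed."""
    if is_404(*responses.get('/wp-admin/index.php', (404, ''))):
        return None                       # not WordPress: skip fingerprinting
    hdr = header_version(responses.get('/', (404, ''))[1])
    fp = fingerprint_version(responses)
    if hdr is None or hdr == fp:
        return fp
    return 'Version shows as %s in index header however the data shows %s' % (hdr, fp)

# Constructed responses for a site that publishes 2.7.1 and has both CSS markers.
SAMPLE_SITE = {
    '/wp-admin/index.php': (200, '<html><body>login form</body></html>'),
    '/': (200, '<head><meta name="generator" content="WordPress 2.7.1" /></head>'),
    '/wp-includes/js/thickbox/thickbox.css': (200, '#TB_window { -ms-filter: "x" }'),
    '/wp-admin/css/farbtastic.css': (200, '.farbtastic { position: relative; }'),
}
```

A mismatch between the header and the file-based result is the interesting output for a site owner: it usually means a plugin is rewriting the generator tag while the static files still give the real version away.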