#!/usr/bin/env python
# OWASP ODZ Multi CMS Scanner 2013
# Author : Mennouchi Islam Azeddine [email protected]
# This tool is published under the GNU public license (for more information, see license.txt)
# InfoCollector Class :
import re,urllib2,mechanize,xml.etree.ElementTree
from fingerprint import FingerPrint
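class InfoCollector:
    """Enumerate admin paths, plugins and themes/templates of a CMS site.

    Every HTTP operation is delegated to the ``FingerPrint`` helper stored in
    ``self.fprint``. Findings are printed to stdout; no method returns a value.
    """

    # Control characters other than tab, LF and CR. Page bodies come from the
    # scanned server and fragments of them are echoed to the operator's
    # terminal, so escape sequences must not survive into the output.
    _CONTROL_CHARS = re.compile(r"[\x00-\x08\x0b\x0c\x0e-\x1f\x7f]")

    # WordPress plugin readme.txt files carry the released version on this line.
    _STABLE_TAG = re.compile('Stable tag: (.+)')

    # (item, mode) -> (banner label, wordlist path relative to the working dir)
    _WORDLISTS = {
        ("plugins", "full"): ("All installed Plugins", "doc/plugins_full.txt"),
        ("plugins", "top"): ("Most Downloaded installed Plugins", "doc/plugins.txt"),
        ("themes", "full"): ("All installed Themes", "doc/themes_full.txt"),
        ("themes", "top"): ("Most Downloaded installed Themes", "doc/themes.txt"),
    }

    def __init__(self):
        self.fprint = FingerPrint()

    @staticmethod
    def _read_wordlist(path):
        """Return the non-blank, whitespace-stripped entries of a wordlist file.

        Blank lines (including the empty string left after a trailing newline)
        are dropped: an empty entry would probe the bare directory and be
        reported as a finding with an empty name.
        """
        with open(path) as handle:
            return [line.strip() for line in handle if line.strip()]

    def _fetch(self, url):
        """Fetch *url* through ``self.fprint`` and drop terminal control characters.

        NOTE(review): assumes ``get_cont`` returns a string, as the regex
        searches on its result already require -- confirm its failure value.
        """
        return self._CONTROL_CHARS.sub("", self.fprint.get_cont(url))

    def get_admin(self, url):
        """Probe *url* for each path listed in ``doc/admin.txt`` and print hits."""
        for name in self._read_wordlist("doc/admin.txt"):
            if self.fprint.check_if_exist(url + "/" + name):
                print("[!] Found this directory " + name + "\n")

    def get_info_passive(self, url, type):
        """Print plugin and template/theme names referenced in the page at *url*.

        Only the one page is fetched; names are extracted from the links it
        contains. *type* selects the CMS and is ``"joomla"`` or ``"wordpress"``;
        any other value prints nothing.
        """
        if type == "joomla":
            # The original passed ``self`` as an extra argument here, unlike
            # the WordPress branch; get_cont takes the URL only.
            content = self._fetch(url)
            # The delimiter group is non-capturing so that findall() yields
            # plain names rather than (name, delimiter) tuples.
            plugin_patterns = (
                "option,(.*?)/",
                'option=(.*?)(?:&|")',
                '/component/(.*?)/',
            )
            # presumably fprint.copy de-duplicates the matches -- verify
            plugin_hits = [
                self.fprint.copy(re.findall(pattern, content))
                for pattern in plugin_patterns
            ]
            templates = self.fprint.copy(re.findall('/templates/(.*?)/', content))
            print("[!] Plugins Found From passive detection: \n")
            for hits in plugin_hits:
                for name in hits:
                    print(name)
            print("[!] Templates Found from passive detection:\n")
            for name in templates:
                print(name)
        elif type == "wordpress":
            content = self._fetch(url)
            plugins = self.fprint.copy(re.findall("/plugins/(.*?)/", content))
            themes = self.fprint.copy(re.findall("/themes/(.*?)/", content))
            print("[!] Plugins Found From passive detection: \n")
            for name in plugins:
                print(name)
            print("[!] Themes Found From passive detection: \n")
            for name in themes:
                print(name)

    def get_info_aggressive(self, url, mode, item):
        """Check a wordlist of WordPress plugins or themes against *url*.

        *item* is ``"plugins"`` or ``"themes"`` and *mode* is ``"full"`` or
        ``"top"``; together they select the wordlist. Any other combination
        prints nothing. For each plugin found, the version is read from the
        ``Stable tag:`` line of its ``readme.txt`` and shown as ``?`` when
        that line is missing.
        """
        selection = self._WORDLISTS.get((item, mode))
        if selection is None:
            return
        label, wordlist = selection
        print("[!] Enumerating " + label + " in " + url + "\n")
        base = url + "/wp-content/" + item + "/"
        for name in self._read_wordlist(wordlist):
            if not self.fprint.check_if_exist(base + name):
                continue
            if item == "themes":
                print("[!] Found " + name + " Theme")
                continue
            readme = self._fetch(base + name + "/" + "readme.txt")
            tags = self._STABLE_TAG.findall(readme)
            # strip() removes the trailing CR that (.+) captures in CRLF files
            version = (tags[0].strip() if tags else "") or "?"
            print("[!] Found " + name + " Version " + version)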