21 lines
925 B
Python
21 lines
925 B
Python
from autorecon.plugins import ServiceScan
|
|
|
|
class WPScan(ServiceScan):
|
|
|
|
def __init__(self):
|
|
super().__init__()
|
|
self.name = 'WPScan'
|
|
self.tags = ['default', 'safe', 'http']
|
|
|
|
def configure(self):
|
|
self.add_option('api-token', help='An API Token from wpvulndb.com to help search for more vulnerabilities.')
|
|
self.match_service_name('^http')
|
|
self.match_service_name('^nacn_http$', negative_match=True)
|
|
|
|
def manual(self, service, plugin_was_run):
|
|
api_token = ''
|
|
if self.get_option('api-token'):
|
|
api_token = ' --api-token ' + self.get_option('api-token')
|
|
|
|
service.add_manual_command('(wpscan) WordPress Security Scanner (useful if WordPress is found):', 'wpscan --url {http_scheme}://{addressv6}:{port}/ --no-update -e vp,vt,tt,cb,dbe,u,m --plugins-detection aggressive --plugins-version-detection aggressive -f cli-no-color' + api_token + ' 2>&1 | tee "{scandir}/{protocol}_{port}_{http_scheme}_wpscan.txt"')
|