Wordpress-Scanner/findexploit.py at main · Cyber-Aakash/Wordpress-Scanner · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
from urllib.parse import urlparse, parse_qs
import requests
import json
from bs4 import BeautifulSoup

def findvulnerabilities(url):
    try:
        response = requests.get(url+"feed")

        if response.status_code == 200:
            soup = BeautifulSoup(response.text,'xml')

        generator_tag = soup.find('generator')

        if generator_tag:
            wordpress_version = generator_tag.string
            parse_url = urlparse(wordpress_version)
            parse_version = parse_qs(parse_url.query)

            if 'v' in parse_version:
                version = parse_version['v'][0]
                int_conversion =  int(version.replace(".",""))
                print(int_conversion)
                addverison = str(int_conversion)

                api_token = 'IdI5IRSEkWXDy032v01GXa8ZIn9YGWhjpaDQl2Nj93A'
                headers = {'Authorization': 'Token token='f'{api_token}'}
                wpurl = "https://wpscan.com/api/v3/wordpresses/"
                response = requests.get(wpurl+addverison, headers=headers)
                data = response.json()
                # print(data)
                decode_json = json.dumps(data, indent=4)
                print(decode_json)

            else:
                print("Wordpress Version not found")
        else:
            print("Failed to load the website")
    except:
        print("URL is not Valid")