Nmap Development mailing list archives
[Enhancement+Bug] Latest theme checking support for http-wordpress-enum
From: Gyanendra Mishra <anomaly.the () gmail com>
Date: Wed, 11 Feb 2015 03:40:45 +0530
Hi, Recently http-wordpress-plugins was merged with http-wordpress-themes and a few other features were added.[1] I have added latest version checking for themes. Currently for clarity I have kept it as a separate function(get_latest_theme_version) which can easily be combined with the function that returns the latest plugin version. Every theme seems to have the theme version stored here : https://wordpress.org/themes/rss/topic/<themename> In the <description> there is an <img> that has the latest version in src attribute. I am essentially fetching the latest version of the theme from there. As its rss its fast to fetch. I have attached the modified http-wordpress-enum file. After I was done with the script I tried running it. That is when I noticed a bug. It seems that if the search limit is X the script shows top X themes/plugins in wp-themes.lst/wp-plugins.lst even if they aren't being used on the target. Could someone please confirm this? Its probably a small error, will work on it tomorrow. Gyanendra [1]:http://nmap.org/nsedoc/scripts/http-wordpress-enum.html
Attachment:
http-wordpress-enum.nse
Description:
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [Enhancement+Bug] Latest theme checking support for http-wordpress-enum Gyanendra Mishra (Feb 10)
- Re: [Enhancement+Bug] Latest theme checking support for http-wordpress-enum Daniel Miller (Feb 11)
- Re: [Enhancement+Bug] Latest theme checking support for http-wordpress-enum Gyanendra Mishra (Feb 11)
- Re: [Enhancement+Bug] Latest theme checking support for http-wordpress-enum Gyanendra Mishra (Feb 14)
- Re: [Enhancement+Bug] Latest theme checking support for http-wordpress-enum Daniel Miller (Feb 11)