get wordpress site using a dork the attacker may do a password list attack (i did a tool for that purpose check my pastebin) or scan for common vulnerabilities using wpscan for example (i did a simple tool for multi scanning using wpscan)
(self)
| 1113 | print site |
| 1114 | |
| 1115 | def getWordpress(self): |
| 1116 | """ |
| 1117 | get wordpress site using a dork the attacker |
| 1118 | may do a password list attack (i did a tool for that purpose check my pastebin) |
| 1119 | or scan for common vulnerabilities using wpscan for example (i did a simple tool |
| 1120 | for multi scanning using wpscan) |
| 1121 | """ |
| 1122 | lista = [] |
| 1123 | page = 1 |
| 1124 | while page <= 101: |
| 1125 | try: |
| 1126 | bing = "http://www.bing.com/search?q=ip%3A" + \ |
| 1127 | self.serverip + "+?page_id=&count=50&first=" + str(page) |
| 1128 | openbing = urllib2.urlopen(bing) |
| 1129 | readbing = openbing.read() |
| 1130 | findwebs = re.findall('<h2><a href="(.*?)"', readbing) |
| 1131 | for i in range(len(findwebs)): |
| 1132 | wpnoclean = findwebs[i] |
| 1133 | findwp = re.findall('(.*?)\?page_id=', wpnoclean) |
| 1134 | lista.extend(findwp) |
| 1135 | page += 50 |
| 1136 | except: |
| 1137 | pass |
| 1138 | lista = unique(lista) |
| 1139 | clearScr() |
| 1140 | print '[*] Found ', len(lista), ' Wordpress Website\n' |
| 1141 | for site in lista: |
| 1142 | print site |
| 1143 | |
| 1144 | def getJoomla(self): |
| 1145 | """ |