GithubHelp home page GithubHelp logo

hartl3y94 / wpbullet Goto Github PK

View Code? Open in Web Editor NEW

This project forked from webarx-security/wpbullet

0.0 0.0 0.0 232 KB

A static code analysis for WordPress (and PHP)

License: GNU General Public License v2.0

Python 100.00%

wpbullet's Introduction

alt text

wpBullet Build Status Python 2.x|3.x License

A static code analysis for WordPress Plugins/Themes (and PHP)

Installation

Simply clone the repository, install requirements and run the script

  • $ git clone https://github.com/webarx-security/wpbullet wpbullet
  • $ cd wpbullet
  • $ pip install -r requirements.txt
  • $ python wpbullet.py

Usage

Available options:

--path (required) System path or download URL 
Examples:
--path="/path/to/plugin"
--path="https://wordpress.org/plugins/example-plugin"
--path="https://downloads.wordpress.org/plugin/example-plugin.1.5.zip"

--enabled (optional) Check only for given modules, ex. --enabled="SQLInjection,CrossSiteScripting"
--disabled (optional) Don't check for given modules, ex. --disabled="SQLInjection,CrossSiteScripting"
--cleanup (optional) Automatically remove content of .temp folder after scanning remotely downloaded plugin (boolean)
--report (optional) Saves result inside reports/ directory in JSON format (boolean)

$ python wpbullet.py --path="/var/www/wp-content/plugins/plugin-name"

Creating modules

Creating a module is flexible and allows for override of the BaseClass methods for each module as well as creating their own methods

Each module in Modules directory is implementing properties and methods from core.modules.BaseClass, thus each module's required parameter is BaseClass

Once created, module needs to be imported in modules/__init__.py. Module and class name must be consistent in order to module to be loaded.

If you are opening pull request to add new module, please provide unit tests for your module as well.

Module template

Modules/ExampleVulnerability.py

from core.modules import BaseClass


class ExampleVulnerability(object):

    # Vulnerability name
    name = "Cross-site Scripting"

    # Vulnerability severity
    severity = "Low-Medium"

    # Functions causing vulnerability
    functions = [
        "print"
        "echo"
    ]

    # Functions/regex that prevent exploitation
    blacklist = [
        "htmlspecialchars",
        "esc_attr"
    ]

Overriding regex match pattern

Regex pattern is being generated in core.modules.BaseClass.build_pattern and therefore can be overwritten in each module class.

Modules/ExampleVulnerability.py

import copy


...
# Build dynamic regex pattern to locate vulnerabilities in given content
def build_pattern(self, content, file):
    user_input = copy.deepcopy(self.user_input)

    variables = self.get_input_variables(self, content)

    if variables:
        user_input.extend(variables)

    if self.blacklist:
        blacklist_pattern = r"(?!(\s?)+(.*(" + '|'.join(self.blacklist) + ")))"
    else:
        blacklist_pattern = ""

    self.functions = [self.functions_prefix + x for x in self.functions]

    pattern = r"((" + '|'.join(self.functions) + ")\s{0,}\(?\s{0,1}" + blacklist_pattern + ".*(" + '|'.join(user_input) + ").*)"
    return pattern

Testing

Running unit tests: $ python3 -m unittest

wpbullet's People

Contributors

lukasikic avatar nikolagigic avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.