Questions about this topic? Sign up to ask in the talk tab.

Difference between revisions of "Wordpress Fingerprinting"

From NetSec
Jump to: navigation, search
(Added version 3.3.1)
Line 1: Line 1:
{{info|Wordpress comes bundled with the tinymce.js plug-in.  Because this code changes '''every''' wordpress release, we are able to use its [[Cryptography|md5sum]] to determine a wordpress version against a target site.  A [[perl]] script is below.}}
+
{{InHouse}}{{info|Wordpress comes bundled with the tinymce.js plug-in.  Because this code changes '''every''' wordpress release, we are able to use its [[Cryptography|md5sum]] to determine a wordpress version against a target site.  A [[perl]] script is below.}}
  
 
<syntaxhighlight lang="perl">
 
<syntaxhighlight lang="perl">

Revision as of 03:55, 12 March 2012

We have more tools coming soon! Look forward to Chimera Live CD.
c3el4.png
These are the offensive security tools developed by our wiki staff.
c3el4.png Wordpress comes bundled with the tinymce.js plug-in. Because this code changes every wordpress release, we are able to use its md5sum to determine a wordpress version against a target site. A perl script is below.

<syntaxhighlight lang="perl">

  1. !/usr/bin/perl

use strict; use LWP::UserAgent; use HTTP::Request; use HTTP::Response; use Digest::MD5 qw(md5_hex);

my $domain = shift || die "No domain provided.\n";

my %ver_hash = (

 'a306a72ce0f250e5f67132dc6bcb2ccb' => '2.0',
 '4f04728cb4631a553c4266c14b9846aa' => '2.1',
 '25e1e78d5b0c221e98e14c6e8c62084f' => '2.2',
 '83c83d0f0a71bd57c320d93e59991c53' => '2.3',
 '7293453cf0ff5a9a4cfe8cebd5b5a71a' => '2.5',
 '61740709537bd19fb6e03b7e11eb8812' => '2.6',
 'e6bbc53a727f3af003af272fd229b0b2' => '2.7,2.7.1',
 '56c606da29ea9b8f8d823eeab8038ee8' => '2.8.5',
 '128e75ed19d49a94a771586bf83265ec' => '2.9.1,3.0.0',
 '0711a6aa3862ac0dd2f9ef1a3d26f809' => '3.0.1 - 3.0.6',
 '1786644689f0495f07d5ae1737395108' => '3.1.1 - 3.1.4',
 'b2c6b6d221c816948248b453046355eb' => '3.2 / 3.2.1',
 'c67211f73b63e773e626127aa95338c2' => '3.1',
 'a57c0d7464527bc07b34d675d4bf0159' => '3.2.1',
 '6c6895e2d8b7fc2ffcf17fedac81c7e8' => 'Wordpress.com 2011-9-2',
 '9754385dabfc67c8b6d49ad4acba25c3' => '3.3.1'
 );

my $js = "/wp-includes/js/tinymce/tiny_mce.js"; my $fullurl = sprintf("http://%s%s", $domain, $js);

my $digestobj = Digest::MD5->new; my $ua = new LWP::UserAgent;


my $content; $ua->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10"); my $req = new HTTP::Request GET => "$fullurl"; my $res = $ua->request($req); print "\nRequesting\t$fullurl\n"; if ($res->is_error) {

 print $res->status_line;

} if ($res->is_success) {

 $content = $res->content;
 my $md5 = $digestobj->add("$content");
 my $final = $md5->hexdigest;
 print "MD5:\t\t$final\n";
 print "Version:\t$ver_hash{$final}\n\n";

} </syntaxhighlight>



Wordpress Fingerprinting
is part of a series on

Web applications

Visit the Web applications Portal for complete coverage.