Beispiel #1
0
 /**
  * @return mixed
  */
 private function findThemes()
 {
     $directories = $this->filesystem->directories($this->config->get('themes.path'));
     return Collection::make($directories)->reduce(function (&$initial, $directory) {
         $plugin = $this->get_theme_date($directory . '/style.css');
         if (!empty($plugin['Name']) && !empty($plugin['Version'])) {
             $plugin['Name'] = basename($directory);
             $initial[] = $this->transformWPPluginToTheme($plugin);
         }
         return $initial;
     }, []);
 }
 /**
  * @return int
  */
 public function handle()
 {
     $themes = $this->pipeline->send([])->through($this->config->get('themes.providers'))->then(function ($resolved_themes) {
         return $resolved_themes;
     });
     $vulnerable_themes = Collection::make($themes)->map(function (Entity $theme) {
         return [$theme->getName(), $theme->getTitle(), $theme->getMessage()];
     });
     if ($vulnerable_themes->count() > 0) {
         $this->error('Vulnerable Themes Found!');
         $this->table(['name', 'title', 'message'], $vulnerable_themes);
         return 1;
     }
     return 0;
 }
Beispiel #3
0
 /**
  * @return mixed
  */
 private function findPlugins()
 {
     $directories = $this->filesystem->directories($this->config->get('plugins.path'));
     return Collection::make($directories)->reduce(function (&$initial, $directory) {
         $files = $this->filesystem->glob($directory . '/*.php');
         foreach ($files as $file) {
             $plugin = $this->get_plugin_data($file);
             if (!empty($plugin['Title']) && !empty($plugin['Version'])) {
                 $plugin['Name'] = basename($directory);
                 $initial[] = $this->transformWPPluginToPlugin($plugin);
             }
         }
         return $initial;
     }, []);
 }
Beispiel #4
0
 /**
  * @param $entities
  *
  * @return mixed
  */
 private function findVulnerabilities(array $entities)
 {
     $requests = Collection::make($entities)->map(function (Entity $entity) {
         return function () use($entity) {
             return $this->vulnDBApi->getAsync($this->getAPIPath($entity));
         };
     })->getIterator();
     (new Pool($this->vulnDBApi, $requests, ['concurrency' => $this->config->get('http.concurrency'), 'fulfilled' => function ($response, $index) use(&$entities) {
         if ($response->getStatusCode() === 200) {
             $response_object = json_decode((string) $response->getBody());
             if ($this->isVulnerable($response_object, $entities[$index], $vulnerabilities)) {
                 $entities[$index]->vulnerable(Collection::make($vulnerabilities)->implode('title', ','));
             }
         }
     }]))->promise()->wait();
     return $entities;
 }
Beispiel #5
0
 /**
  * @return mixed
  */
 private function findWordpress()
 {
     return $this->get_wordpress_version($this->config->get('wordpress.path') . '/wp-includes/version.php');
 }