/** * @return mixed */ private function findThemes() { $directories = $this->filesystem->directories($this->config->get('themes.path')); return Collection::make($directories)->reduce(function (&$initial, $directory) { $plugin = $this->get_theme_date($directory . '/style.css'); if (!empty($plugin['Name']) && !empty($plugin['Version'])) { $plugin['Name'] = basename($directory); $initial[] = $this->transformWPPluginToTheme($plugin); } return $initial; }, []); }
/** * @return int */ public function handle() { $themes = $this->pipeline->send([])->through($this->config->get('themes.providers'))->then(function ($resolved_themes) { return $resolved_themes; }); $vulnerable_themes = Collection::make($themes)->map(function (Entity $theme) { return [$theme->getName(), $theme->getTitle(), $theme->getMessage()]; }); if ($vulnerable_themes->count() > 0) { $this->error('Vulnerable Themes Found!'); $this->table(['name', 'title', 'message'], $vulnerable_themes); return 1; } return 0; }
/** * @return mixed */ private function findPlugins() { $directories = $this->filesystem->directories($this->config->get('plugins.path')); return Collection::make($directories)->reduce(function (&$initial, $directory) { $files = $this->filesystem->glob($directory . '/*.php'); foreach ($files as $file) { $plugin = $this->get_plugin_data($file); if (!empty($plugin['Title']) && !empty($plugin['Version'])) { $plugin['Name'] = basename($directory); $initial[] = $this->transformWPPluginToPlugin($plugin); } } return $initial; }, []); }
/** * @param $entities * * @return mixed */ private function findVulnerabilities(array $entities) { $requests = Collection::make($entities)->map(function (Entity $entity) { return function () use($entity) { return $this->vulnDBApi->getAsync($this->getAPIPath($entity)); }; })->getIterator(); (new Pool($this->vulnDBApi, $requests, ['concurrency' => $this->config->get('http.concurrency'), 'fulfilled' => function ($response, $index) use(&$entities) { if ($response->getStatusCode() === 200) { $response_object = json_decode((string) $response->getBody()); if ($this->isVulnerable($response_object, $entities[$index], $vulnerabilities)) { $entities[$index]->vulnerable(Collection::make($vulnerabilities)->implode('title', ',')); } } }]))->promise()->wait(); return $entities; }
/** * @return mixed */ private function findWordpress() { return $this->get_wordpress_version($this->config->get('wordpress.path') . '/wp-includes/version.php'); }