Is it possible to scan a website, parse the output and cross reference it with the exploits available in the database?

Otherwise the project looks promising.

The exploits could do with sorting in to sub folders, e.g "contact-form" - This should allow people to find the modules more easily.

Both show and search commands currently expect a mandatory argument. I think it would make sense to have them display everything they can (both options and advanced options for show, and all available modules for search).

Everytime i use "bundle install", it'll warn me that An error occurred while installing mime-types-data (3.2016.0221), and Bundler cannot continue.But when i use "gem install mime-types-data -v '3.2016.0221'",it works.Please help me solve it.

root@localhost:~/Downloads/wordpress-exploit-framework-master# ruby wpxf.rb
/usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:55:in require': cannot load such file -- colorize (LoadError) from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:55:inrequire'
from /root/Downloads/wordpress-exploit-framework-master/env.rb:10:in <top (required)>' from wpxf.rb:4:inrequire_relative'
from wpxf.rb:4:in `

• ihave follwed all the instrution on the readme file ,
  iam using kali rolling

Hi rastating,

first thank for your work!

When I run the tool

Failed to load required dependency: typhoeus

You must run "bundle install" prior to using WordPress Exploit Framework.
If bundler is not present on your system, you can install it by running "gem ins
tall bundler"

E:\Ruby\wordpress-exploit-framework-master>bundle install
Using bundler 1.16.1
Using colorize 0.8.1
Using diff-lcs 1.3
Using ffi 1.9.18 (x64-mingw32)
Using ethon 0.11.0
Using mime-types-data 3.2016.0521
Using mime-types 3.1
Using mini_portile2 2.3.0
Using nokogiri 1.8.1 (x64-mingw32)
Using require_all 1.5.0
Using rspec-support 3.7.0
Using rspec-core 3.7.0
Using rspec-expectations 3.7.0
Using rspec-mocks 3.7.0
Using rspec 3.7.0
Using rubyzip 1.2.1
Using slop 4.6.1
Using typhoeus 1.3.0
Bundle complete! 8 Gemfile dependencies, 18 gems now installed.
Use bundle info [gemname] to see where a bundled gem is installed.

E:\Ruby\wordpress-exploit-framework-master>

Ruby installed

ruby 2.4.3p205 (2017-12-14 revision 61247) [x64-mingw32]

$ruby wpxf.rb
/usr/lib/ruby/2.2.0/rubygems/core_ext/kernel_require.rb:54:in require': /home/derento/Scrivania/wordpress-exploit-framework/lib/wpxf/net/http_server.rb:92: syntax error, unexpected '.' (SyntaxError) @http_server_thread&.exit ^ from /usr/lib/ruby/2.2.0/rubygems/core_ext/kernel_require.rb:54:in require'
from /home/derento/Scrivania/wordpress-exploit-framework/lib/wpxf/core.rb:58:in <top (required)>' from /usr/lib/ruby/2.2.0/rubygems/core_ext/kernel_require.rb:54:in require'
from /usr/lib/ruby/2.2.0/rubygems/core_ext/kernel_require.rb:54:in require' from /home/derento/Scrivania/wordpress-exploit-framework/env.rb:43:in <top (required)>'
from wpxf.rb:4:in require_relative' from wpxf.rb:4:in

Currently, the only way to know available commands is to "tab-tab", which just gives a list of registered commands. For example, I try the show command, I'm told it's supposed to take an argument, but nothing tells me what arguments it expects, tried show modules and show exploits (like in metasploit), but both didn't work, and I still have no idea of what arguments I should give.

A help / help <command> would thus be really useful to know what each command does, and what arguments they expect.

whenever i try to run your program .

ruby wpxf.rb

I get the following errors

/usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:55:in require': cannot load such file -- require_all (LoadError) from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:55:inrequire'
from /opt/wordpress-exploit-framework/env.rb:13:in <top (required)>' from wpxf.rb:4:inrequire_relative'
from wpxf.rb:4:in `

On Code Climate, a large number of issues are currently open for the WordPress Exploit Framework project. A large amount of these are regarding code duplication and complexity, and are slightly more difficult to fix , but there are also a number of style issues, which should be relatively easy to resolve.

The style issues can be found here: https://codeclimate.com/github/rastating/wordpress-exploit-framework/issues?category=style#

If looking into multiple issues, one pull request should be made per type of issue. For example, if you want to fix all the frozen string literal issues, and the empty method issues, you should create one pull request to resolve the frozen string literal issues, and another separate pull request to fix the empty method issues.

Splitting the issues up into separate pull requests will make the reviewing process easier and more manageable.

As always, read the Contributing Guidelines first before starting.

Good luck, have fun and happy Hacktoberfest :)

Setg (or set global) means less typing... ala metasploit.

Hi, small issue while attempting to run the first time

uname -a

Linux kali 4.6.0-kali1-amd64 #1 SMP Debian 4.6.4-1kali1 (2016-07-21) x86_64 GNU/Linux

after apt-get update and installing required packages still get an error

ruby wpxf.rb error

/usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:55:in require': cannot load such file -- colorize (LoadError) from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:55:in require'
from /root/Code/wordpress-exploit-framework/env.rb:1:in <top (required)>' from wpxf.rb:4:in require_relative'
from wpxf.rb:4:in <main>' from wpxf.rb:4:in

'

When I press ^D I received an error like this:

wpxf [exploit/alo_easymail_csrf_xss_shell_upload] >   [!] Uncaught error: undefined method `split' for nil:NilClass
  [!] /xxx/wordpress-exploit-framework/lib/cli/console.rb:117:in `block in
      start'
      /xxx/wordpress-exploit-framework/lib/cli/console.rb:114:in `loop'
      /xxx/wordpress-exploit-framework/lib/cli/console.rb:114:in `start'
      ./wpxf.rb:93:in `<main>'

It was expecting the shell to exit.

root@kalih4ck:/home/sjodi442/wordpress-exploit-framework# ./wpxf.rb
/usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:55:in require': cannot load such file -- colorize (LoadError) from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:55:in require'
from /home/sjodi442/wordpress-exploit-framework/env.rb:1:in <top (required)>' from ./wpxf.rb:4:in require_relative'
from ./wpxf.rb:4:in `

Hello there!
Guys, is there a possibility to make wpx as a gem?

Hello,can you help me to fix this error ?:

`Installing nokogiri 1.6.7.2 with native extensions

Gem::Ext::BuildError: ERROR: Failed to build gem native extension.

/usr/bin/ruby2.2 -r ./siteconf20160307-23919-gfhnk5.rb extconf.rb

checking if the C compiler accepts ... yes
Building nokogiri using packaged libraries.
Using mini_portile version 2.0.0
checking for gzdopen() in -lz... no
zlib is missing; necessary for building libxml2
*** extconf.rb failed ***
Could not create Makefile due to some reason, probably lack of necessary
libraries and/or headers. Check the mkmf.log file for more details. You may
need configuration options.

Provided configuration options:
--with-opt-dir
--without-opt-dir
--with-opt-include
--without-opt-include=${opt-dir}/include
--with-opt-lib
--without-opt-lib=${opt-dir}/lib
--with-make-prog
--without-make-prog
--srcdir=.
--curdir
--ruby=/usr/bin/$(RUBY_BASE_NAME)2.2
--help
--clean
--use-system-libraries
--enable-static
--disable-static
--with-zlib-dir
--without-zlib-dir
--with-zlib-include
--without-zlib-include=${zlib-dir}/include
--with-zlib-lib
--without-zlib-lib=${zlib-dir}/lib
--enable-cross-build
--disable-cross-build

extconf failed, exit code 1

Gem files will remain installed in /var/lib/gems/2.2.0/gems/nokogiri-1.6.7.2 for inspection.
Results logged to /var/lib/gems/2.2.0/extensions/x86-linux/2.2.0/nokogiri-1.6.7.2/gem_make.out
Using rspec-core 3.4.3
Using rspec-expectations 3.4.0
Using rspec-mocks 3.4.1
Using typhoeus 1.0.1
An error occurred while installing nokogiri (1.6.7.2), and Bundler cannot continue.
Make sure that gem install nokogiri -v '1.6.7.2' succeeds before bundling.`

The base path for the require calls in env.rb are all relative to the current working directory, it seems.

Which causes the below error if running wpxf.rb from a directory other than the one it is stored in:

/home/rastating/.rvm/rubies/ruby-2.2.2/lib/ruby/site_ruby/2.2.0/rubygems/core_ext/kernel_require.rb:54:in `require': cannot load such file -- wpxf/core (LoadError)

There is some code in the first 8 lines of env.rb (see below) that is supposed to deal with this by adding the directory of the project to the load path, which needs fixing.

wpxfbase = __FILE__
while File.symlink?(wpxfbase)
  wpxfbase = File.expand_path(File.readlink(wpxfbase), File.dirname(wpxfbase))
end

app_path = File.expand_path(File.join(File.dirname(wpxfbase)))
$LOAD_PATH.unshift(app_path, 'lib')
$LOAD_PATH.unshift(app_path, 'modules')

ruby wpxf.rb
/usr/local/lib/ruby/2.2.0/rubygems/core_ext/kernel_require.rb:54:in require': cannot load such file -- colorize (LoadError) from /usr/local/lib/ruby/2.2.0/rubygems/core_ext/kernel_require.rb:54:inrequire'
from /root/ruby-2.2.4/wordpress-exploit-framework/env.rb:10:in <top (required)>' from wpxf.rb:4:inrequire_relative'
from wpxf.rb:4:in `

I am trying to do some experiment with my own website and whenever i try to run exploit/shell/revslider_shell_upload it upload the shell in
somewebsite.com/wp-content/plugins/revslider/temp/update_extract/revslider/KENcyLYEs.php
how i can change the upload path for payload from plugins/revslider/temp/update_extract/revslider/KENcyLYEs.php => /wp-content/uploads/2015/09/KENcyLYEs.php

please suggest as soon as possible

Exploit modules in WordPress Exploit Framework often have a name which is similar to what is recorded in the WPScan Vulnerability Database, but not exactly the same.

Here is an example:

The name in the module is Creative Contact Form Shell Upload whereas the name in the WPScan Vulnerability Database is Creative Contact Form <= 0.9.7 Shell Upload. This makes searching by name difficult...

Every vulnerability recorded in the WPScan Vulnerability Database has a unique ID. The author of module in my example has included the ID under references:

references: [ 
         ['EDB', '35057'], 
         ['WPVDB', '7652'] 
], 

So what I'm proposing is the ability to search WordPress Exploit Framework using the WPScan Vulnerability Database ID (WPVDB ID).

Searching by ID has several advantages, such as:

• IDs are immutable (they should never change) whereas a title might change, for example if a vulnerability is submitted with a typo/spelling mistake.
• If a vulnerability includes punctuation in the name such as a hyphen, it is easy for this to be reproduced incorrectly (‒, –, —, ―). There's no such ambiguity with a numeric ID.
• If in the future the WPScan Vulnerability Database decides to support multiple languages, the ID remains consistent across languages.

wpxf > use exploit/aries_revslider_shell_upload

[+] Loaded module: #Wpxf::Exploit::AriesRevsliderShellUpload:0x00000002ca8968

wpxf [exploit/aries_revslider_shell_upload] > show options

Module options:

Name         Current Setting   Required   Description
----------   ---------------   --------   --------------------------------------
host                           true       Address of the target host.
port         80                true       Port the remote host is listening on
proxy                          false      Proxy address ([protocol://]host:port)
ssl          false             true       Use SSL/HTTPS for all requests
target_uri   /                 true       Base path to the WordPress application
verbose      false             true       Enable verbose output
vhost                          false      HTTP server virtual host

wpxf [exploit/aries_revslider_shell_upload] > set host http://xxx.de/

[+] Set host => http://xxx.de/

wpxf [exploit/aries_revslider_shell_upload] > run

[!] One or more required options not set: payload

works with set but not gset