/gist:9840891
Last active Aug 31, 2015
Data sent & received for WPScan
| #!/usr/bin/env ruby | |
| require 'typhoeus' | |
| require 'addressable/uri' | |
| require 'pathname' | |
| require 'ruby-progressbar' | |
| # @return [ Integer ] The memory of the current process in Bytes | |
| def memory_usage | |
| `ps -o rss= -p #{Process.pid}`.to_i * 1024 # ps returns the value in KB | |
| end | |
| # Hack of the Numeric class | |
| class Numeric | |
| # @return [ String ] A human readable string of the value | |
| def bytes_to_human | |
| units = %w(B KB MB GB TB) | |
| e = self > 0 ? (Math.log(self) / Math.log(1024)).floor : 0 | |
| s = format('%.3f', (to_f / 1024**e)) | |
| s.sub(/\.?0*$/, ' ' + units[e]) | |
| end | |
| end | |
| file = Pathname.new(__FILE__).dirname.join('..', 'wpscan', 'data', 'plugins_full.txt').to_s # CHANGE ME | |
| target = 'http://192.168.1.103/wordpress-3.7.1/wp-content/plugins/' # CHANGE ME | |
| found = [] | |
| uri = Addressable::URI.parse(target) | |
| hydra = Typhoeus::Hydra.new(max_concurrency: 16) | |
| progress_bar = ProgressBar.create( | |
| format: '%t %a <%B> (%c / %C) %P%% %e', | |
| title: '', | |
| total: File.readlines(file).size | |
| ) | |
| module Typhoeus | |
| class Response | |
| def raw | |
| response_headers + body | |
| end | |
| def length | |
| raw.length | |
| end | |
| def raw_request | |
| (debug_info.header_out + debug_info.data_out).join | |
| end | |
| def request_length | |
| raw_request.length | |
| end | |
| end | |
| end | |
| module Ethon | |
| class Easy | |
| module Callbacks | |
| def debug_callback | |
| @debug_callback ||= proc {|handle, type, data, size, udata| | |
| message = data.read_string(size) | |
| @debug_info.add type, message | |
| # print message unless [:data_in, :data_out].include?(type) | |
| 0 | |
| } | |
| end | |
| end | |
| end | |
| end | |
| start_memory = memory_usage | |
| start_time = Time.new | |
| total_sent = 0 | |
| total_received = 0 | |
| queue_count = 0 | |
| File.new(file).each_line do |line| | |
| plugin_name = line.chomp | |
| url = uri.join(plugin_name + '/').to_s | |
| request = Typhoeus::Request.new(url, method: :get, verbose: true) | |
| request.on_complete do |response| | |
| progress_bar.progress += 1 | |
| total_sent += response.request_length | |
| total_received += response.length | |
| # print "Reqs #{::ObjectSpace.each_object(::Typhoeus::Request).count} / Res: #{::ObjectSpace.each_object(::Typhoeus::Response).count}\r\n" | |
| found << plugin_name if response.code == 200 | |
| end | |
| hydra.queue(request) | |
| queue_count += 1 | |
| if queue_count >= 16 | |
| hydra.run | |
| queue_count = 0 | |
| end | |
| end | |
| hydra.run | |
| used_memory = memory_usage - start_memory | |
| elapsed_time = Time.now - start_time | |
| puts 'Found:' | |
| p found | |
| puts "Total Sent: #{total_sent.bytes_to_human}" | |
| puts "Total Received: #{total_received.bytes_to_human}" | |
| puts "Memory Used: #{used_memory.bytes_to_human}" | |
| puts "Elapsed Time: #{Time.at(elapsed_time).utc.strftime('%H:%M:%S')}" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment