10up/wpcli-vulnerability-scanner

Check for vulnerabilities in installed plugins and themes

Installs: 4,450

Dependents: 0

Suggesters: 0

Security: 0

Stars: 274

Watchers: 65

Forks: 40

Open Issues: 6

Type: wp-cli-package

1.2.1 2024-04-01 13:45 UTC

This package is auto-updated.

Last update: 2024-09-10 19:09:26 UTC


README

Check WordPress core, installed plugins and themes for reported vulnerabilities.

Badges: Support Level, WordPress tested up to version, MIT License, Functional Tests

Installation

Global command, automatic

The package can be installed as a wp-cli package straight from the git repository; this is the recommended way.

wp package install 10up/wpcli-vulnerability-scanner:dev-stable

API access

The WP-CLI Vulnerability Scanner works with WPScan, Patchstack or Wordfence Intelligence to check for reported vulnerabilities; you can choose any one of the three. Add a constant to your wp-config.php to select the API service you want to use (the WPScan API is used by default).

To use the WPScan API

define( 'VULN_API_PROVIDER', 'wpscan' );

To use the Patchstack API

define( 'VULN_API_PROVIDER', 'patchstack' );

To use the Wordfence Intelligence API

define( 'VULN_API_PROVIDER', 'wordfence' );

Note: the Wordfence Intelligence Vulnerability API (https://www.wordfence.com/wti-community-edition-terms-and-conditions/) does not require authentication, so VULN_API_TOKEN is not needed when Wordfence is the provider.

For WPScan and Patchstack you need to register a user account and obtain an API token from the chosen provider. Once you have the token, add it to wp-config.php as shown below. Treat it like any other credential stored there: keep wp-config.php out of version control and readable only by the web server user.

define( 'VULN_API_TOKEN', 'YOUR_TOKEN_HERE' );

Global command, manual

Clone this repository, check out the stable branch, and require wpcli-vulnerability-scanner.php from your wp-cli config. For example, in ~/.wp-cli/config.yml [other config locations]:

require:
  - /path/to/this/repo/wpcli-vulnerability-scanner.php

Standard plugin

This repository can also be installed as a regular plugin. There is no UI, but the commands become available.

wp plugin install --activate https://github.com/10up/wpcli-vulnerability-scanner/archive/stable.zip

Once the plugin is installed, run wp help vuln to verify that the commands are ready.

Usage

wp vuln status
  • Options
  • --test Load test data
  • --format=<format> Accepted values: table, csv, json, count, ids, yaml. Default: table
  • --nagios Generate Nagios output
  • --reference Include the vulnerability reference links in the output
wp vuln core-status
  • Options
  • --format=<format> Accepted values: table, csv, json, count, ids, yaml. Default: table
  • --nagios Generate Nagios output
  • --reference Include the vulnerability reference links in the output
wp vuln plugin-status
  • Options
  • --test Load test data
  • --porcelain Print only the slugs of vulnerable plugins that have an update
  • --format=<format> Accepted values: table, csv, json, count, ids, yaml. Default: table
  • --nagios Generate Nagios output
  • --reference Include the vulnerability reference links in the output
wp vuln theme-status
  • Options
  • --test Load test data
  • --porcelain Print only the slugs of vulnerable themes that have an update
  • --format=<format> Accepted values: table, csv, json, count, ids, yaml. Default: table
  • --nagios Generate Nagios output
  • --reference Include the vulnerability reference links in the output

Sample output

Checking WordPress core, plugins and themes for reported vulnerabilities

$ wp vuln status

Vulnerability API Provider: Patchstack
WordPress 6.2.2
+-----------+-------------------+-----------------------------------------------------------+---------------+----------+----------+
| name      | installed version | status                                                    | introduced in | fixed in | severity |
+-----------+-------------------+-----------------------------------------------------------+---------------+----------+----------+
| WordPress | 6.2.2             | No vulnerabilities reported for this version of WordPress | n/a           | n/a      | n/a      |
+-----------+-------------------+-----------------------------------------------------------+---------------+----------+----------+
Plugins
+-----------------------------+-------------------+----------------------------------------------------------------------------------------------------------------+---------------+----------+---------------+
| name                        | installed version | status                                                                                                         | introduced in | fixed in | severity      |
+-----------------------------+-------------------+----------------------------------------------------------------------------------------------------------------+---------------+----------+---------------+
| simple-podcasting           | 1.5.0             | No vulnerabilities reported for this version of simple-podcasting                                              | n/a           | n/a      | n/a           |
| woocommerce                 | 7.8.2             | No vulnerabilities reported for this version of woocommerce                                                    | n/a           | n/a      | n/a           |
| wordpress-seo               | 20.2              | Wordpress Yoast SEO plugin <= 20.2 - Authenticated (Contributor+) DOM-Based Cross-Site Scripting vulnerability | <= 20.2       | 20.2.1   | Medium 6.5/10 |
+-----------------------------+-------------------+----------------------------------------------------------------------------------------------------------------+---------------+----------+---------------+
Themes
+-------------------+-------------------+-------------------------------------------------------------------+---------------+----------+----------+
| name              | installed version | status                                                            | introduced in | fixed in | severity |
+-------------------+-------------------+-------------------------------------------------------------------+---------------+----------+----------+
| twentytwentythree | 1.1               | No vulnerabilities reported for this version of twentytwentythree | n/a           | n/a      | n/a      |
+-------------------+-------------------+-------------------------------------------------------------------+---------------+----------+----------+

Using the JSON format

$ wp vuln status --format=json

{"core":[{"name":"WordPress","installed version":"6.2.2","status":"No vulnerabilities reported for this version of WordPress","introduced in":"n\/a","fixed in":"n\/a","severity":"n\/a"}],"plugins":[{"name":"simple-podcasting","installed version":"1.5.0","status":"No vulnerabilities reported for this version of simple-podcasting","introduced in":"n\/a","fixed in":"n\/a","severity":"n\/a"},{"name":"woocommerce","installed version":"7.8.2","status":"No vulnerabilities reported for this version of woocommerce","introduced in":"n\/a","fixed in":"n\/a","severity":"n\/a"},{"name":"wordpress-seo","installed version":"20.2","status":"Wordpress Yoast SEO plugin <= 20.2 - Authenticated (Contributor+) DOM-Based Cross-Site Scripting vulnerability","introduced in":"<= 20.2","fixed in":"20.2.1","severity":"Medium 6.5\/10"}],"themes":[{"name":"twentytwentythree","installed version":"1.1","status":"No vulnerabilities reported for this version of twentytwentythree","introduced in":"n\/a","fixed in":"n\/a","severity":"n\/a"}]}

Checking any given theme

$ wp vuln theme-check twentyfifteen --version=1.1

Vulnerability API Provider: Patchstack
+---------------+-------------------+--------------------------------------------------------------+----------+----------+
| name          | installed version | status                                                       | fixed in | severity |
+---------------+-------------------+--------------------------------------------------------------+----------+----------+
| twentyfifteen | 1.1               | WordPress Twenty Fifteen Theme <= 1.1 - Cross Site Scripting | 1.2      | n/a      |
+---------------+-------------------+--------------------------------------------------------------+----------+----------+

Using the JSON format

$ wp vuln theme-check twentyfifteen --version=1.1 --format=json

[{"name":"twentyfifteen","installed version":"1.1","status":"WordPress Twenty Fifteen Theme <= 1.1 - Cross Site Scripting","fixed in":"1.2","severity":"n\/a"}]

Example usage

Basic

wp plugin update $(wp vuln plugin-status --porcelain)

If the plugin-status command returns no slugs, wp plugin update is invoked with no arguments and simply errors out. The output can be suppressed by appending &> /dev/null:

wp theme update $(wp vuln theme-status --porcelain) &> /dev/null

Scheduled / cron jobs

0 0 * * * wp theme update $(wp vuln theme-status --porcelain) > /dev/null 2>&1
0 0 * * * wp plugin update $(wp vuln plugin-status --porcelain) > /dev/null 2>&1

0 0 * * * runs every day at midnight. To build an alternative schedule, see http://crontab.guru/; for example, 0 0 * * 1,4 runs at midnight every Monday and Thursday. Note that cron executes jobs with /bin/sh unless SHELL is set in the crontab, and &> is a bash extension: in a crontab write the redirection as > /dev/null 2>&1, or add SHELL=/bin/bash at the top of the file, otherwise /bin/sh parses the & as a request to background the command and the redirection applies to nothing.
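The JSON report shown earlier and the cron one-liners above both invite a small wrapper. The script below is an added example written for this page, not code from the 10up project or its includes/vuln.sh: it parses the `wp vuln status --format=json` report (the sample embedded in it is copied from the output shown above), exits non-zero when any finding reaches a chosen severity so a CI or deploy step can fail on it, and with --apply runs wp plugin update / wp theme update only for findings whose "fixed in" column names a fix and whose slug is well formed, so wp is never called with an empty argument list or an option-shaped directory name. The file name vuln_gate.py, the --fail-at and --apply flags, the severity ranking, the use of the "fixed in" column as the update signal and the decision to treat an unrated finding as a failure are this example's own assumptions, not features of the scanner.

```python
"""Added example, not code from the 10up/wpcli-vulnerability-scanner project.

Reads the JSON written by `wp vuln status --format=json` from stdin, exits 2 when
a finding reaches a severity threshold, and with --apply runs `wp plugin update`
/ `wp theme update` only for findings that have a fix and a well-formed slug.

    wp vuln status --format=json | python3 vuln_gate.py --fail-at medium
    wp vuln status --format=json | python3 vuln_gate.py --fail-at low --apply
"""
import json
import re
import subprocess
import sys

# Sample report copied from the README's `wp vuln status --format=json` output.
SAMPLE_REPORT = r'''{"core":[{"name":"WordPress","installed version":"6.2.2","status":"No vulnerabilities reported for this version of WordPress","introduced in":"n\/a","fixed in":"n\/a","severity":"n\/a"}],"plugins":[{"name":"simple-podcasting","installed version":"1.5.0","status":"No vulnerabilities reported for this version of simple-podcasting","introduced in":"n\/a","fixed in":"n\/a","severity":"n\/a"},{"name":"woocommerce","installed version":"7.8.2","status":"No vulnerabilities reported for this version of woocommerce","introduced in":"n\/a","fixed in":"n\/a","severity":"n\/a"},{"name":"wordpress-seo","installed version":"20.2","status":"Wordpress Yoast SEO plugin <= 20.2 - Authenticated (Contributor+) DOM-Based Cross-Site Scripting vulnerability","introduced in":"<= 20.2","fixed in":"20.2.1","severity":"Medium 6.5\/10"}],"themes":[{"name":"twentytwentythree","installed version":"1.1","status":"No vulnerabilities reported for this version of twentytwentythree","introduced in":"n\/a","fixed in":"n\/a","severity":"n\/a"}]}'''

SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}
# Phrase the scanner prints for a clean row in the sample output; any other
# status text is treated as a reported vulnerability (assumption from that sample).
CLEAN_PREFIX = "No vulnerabilities reported"
# Only slugs of this shape are ever passed to wp, so a plugin directory named
# like an option ("--skip-plugins") or containing spaces never becomes an argument.
SLUG_RE = re.compile(r"^[a-z0-9][a-z0-9._-]*$")
# Core findings are reported but never updated here; `wp core update` is a separate decision.
WP_SUBCOMMAND = {"plugins": "plugin", "themes": "theme"}


def parse_severity(text):
    """"Medium 6.5/10" -> ("medium", 6.5); "High" -> ("high", None); "n/a" -> (None, None)."""
    if not text or text.strip().lower() == "n/a":
        return None, None
    m = re.match(r"\s*([A-Za-z]+)(?:\s+(\d+(?:\.\d+)?)\s*/\s*10)?\s*$", text)
    if not m:
        return text.strip().lower(), None
    return m.group(1).lower(), (float(m.group(2)) if m.group(2) else None)


def find_vulnerable(report):
    """One dict per row of core, plugins and themes whose status is not the clean phrase."""
    findings = []
    for section in ("core", "plugins", "themes"):
        for row in report.get(section, []):
            status = row.get("status", "")
            if status.startswith(CLEAN_PREFIX):
                continue
            label, score = parse_severity(row.get("severity", "n/a"))
            findings.append({"section": section, "name": row.get("name"),
                             "installed": row.get("installed version"), "status": status,
                             "fixed_in": row.get("fixed in", "n/a"),
                             "severity": label, "score": score})
    return findings


def gate(findings, fail_at="medium"):
    """0 when no finding reaches `fail_at`, else 2. A finding the provider left
    unrated (the twentyfifteen example above shows severity "n/a") also fails."""
    threshold = SEVERITY_RANK[fail_at]
    for f in findings:
        rank = SEVERITY_RANK.get(f["severity"])
        if rank is None or rank >= threshold:
            return 2
    return 0


def update_commands(findings, wp="wp"):
    """argv lists for `wp plugin update ...` / `wp theme update ...`, covering only
    findings with a known fix and a well-formed slug; [] when nothing qualifies."""
    commands = []
    for section, sub in WP_SUBCOMMAND.items():
        slugs = sorted({f["name"] for f in findings
                        if f["section"] == section and f["fixed_in"] != "n/a"
                        and SLUG_RE.match(f["name"] or "")})
        if slugs:
            commands.append([wp, sub, "update", *slugs])
    return commands


def audit(text, fail_at="medium"):
    """(findings, exit_code) for a raw JSON report."""
    findings = find_vulnerable(json.loads(text))
    return findings, gate(findings, fail_at)


def main(argv):
    apply = "--apply" in argv
    fail_at = argv[argv.index("--fail-at") + 1] if "--fail-at" in argv[:-1] else "medium"
    if fail_at not in SEVERITY_RANK:
        print(f"unknown severity level {fail_at!r}", file=sys.stderr)
        return 1
    text = sys.stdin.read()
    if not text.strip():
        print("no report on stdin; pipe `wp vuln status --format=json` in", file=sys.stderr)
        return 1
    findings, code = audit(text, fail_at)
    for f in findings:
        print(f"[{f['section']}] {f['name']} {f['installed']}: {f['status']} "
              f"(fixed in {f['fixed_in']}, severity {f['severity'] or 'n/a'})")
    for cmd in update_commands(findings):
        print("+", " ".join(cmd))
        if apply:
            subprocess.run(cmd, check=True)  # a failing wp update aborts the run
    return code


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

In a crontab the two update lines collapse into one job, `0 0 * * * wp vuln status --format=json | python3 /path/to/vuln_gate.py --fail-at low --apply > /dev/null 2>&1`; when there are no findings the script prints nothing, runs no update command and exits 0, which is exactly the empty-slug case the --porcelain one-liner turns into an error.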

With email notifications

An example bash script, includes/vuln.sh, is included. You can customise it and run it from a cron job to be alerted when vulnerabilities are found.

  • WPCLIPATH should be the full path to your wp command. If the given file does not exist, the script will attempt to discover the path automatically

  • RECIPIENT should be the email address that receives the notification

  • SUBJECT is the email subject

This README does not cover configuring the mail command on your server. For a quick test, try

echo "This is the body text" | mail -s "Email subject" you@domain.com

Nagios

wp vuln plugin-status --nagios outputs the result in a form suitable for Nagios monitoring.

Checking themes and plugins that are not installed

Check a specific version of a theme or plugin. For example

wp vuln theme-check twentyfifteen --version=1.1

or check several at once (version numbers cannot be given in this form)

wp vuln plugin-check wppizza wordpress-seo

Running tests

Prerequisites

The VULN_API_PROVIDER and VULN_API_TOKEN environment variables must be set

To run the tests against the WPScan API

export VULN_API_PROVIDER='wpscan'
export VULN_API_TOKEN='Your API Token Here'

To run the tests against the Patchstack API

export VULN_API_PROVIDER='patchstack'
export VULN_API_TOKEN='Your API Token Here'

To run the tests against the Wordfence Intelligence API, VULN_API_TOKEN is not required

export VULN_API_PROVIDER='wordfence'

Installing dependencies

composer prepare-tests

Note: Composer may run out of memory while installing; you may need to take steps to free memory on your side

Running the tests

WPScan API

composer behat -- features/vuln-wpscan.feature

PatchStack API

composer behat -- features/vuln-patchstack.feature

Wordfence API

composer behat -- features/vuln-wordfence.feature

Support Level

Active: 10up is actively working on this, and we expect to continue work for the foreseeable future, including keeping tests updated to the most recent version of WordPress. Bug reports, feature requests, questions, and pull requests are welcome.

Changelog

A complete listing of all notable changes to WP-CLI Vulnerability Scanner is documented in CHANGELOG.md.

Contributing

Please read CODE_OF_CONDUCT.md for details on our code of conduct, CONTRIBUTING.md for details on the process for submitting pull requests to us, and CREDITS.md for a listing of maintainers, contributors, and libraries used by WP-CLI Vulnerability Scanner.

Like what you see?