Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add an option to set url for get plugins list from custom wordpress api #1843

Open
z-avanes opened this issue May 29, 2024 · 0 comments
Open

Add an option to set url for get plugins list from custom wordpress api #1843

z-avanes opened this issue May 29, 2024 · 0 comments

Comments

@z-avanes
Copy link

z-avanes commented May 29, 2024
edited
Loading

Hi,
The current method for estimating installed plugins is not 100% accurate.
I think if we create a plugin that, after installation, exposes the list of installed plugins through a custom API then WPScan can get that list and process it and the result going to 100% accurate.

Sample command
wp --url http://test.com --plugins-url http://test.com/wp-json/custom/v1/plugins?key=test
Sample of plugin code


class Custom_Plugins_API
{
    const API_KEY = '';

    public function __construct()
    {
        add_action('rest_api_init', [$this, 'register_routes']);
    }

    public function register_routes()
    {
        register_rest_route('custom/v1', '/plugins', array(
            'methods' => 'GET',
            'callback' => [$this, 'get_installed_plugins'],
            'permission_callback' => [$this, 'validate_api_key'],
        ));
    }

    public function validate_api_key($request)
    {
        $api_key = $request->get_param('key');
        return $api_key && $api_key === self::API_KEY;
    }

    public function get_installed_plugins()
    {
        if (!function_exists('get_plugins')) {
            require_once ABSPATH . 'wp-admin/includes/plugin.php';
        }

        $all_plugins = get_plugins();
        $plugins_info = array();

        foreach ($all_plugins as $plugin_file => $plugin_data) {
            $plugins_info[] = array(
                'name' => $plugin_data['Name'],
                'version' => $plugin_data['Version'],
            );
        }

        return new \WP_REST_Response($plugins_info, 200);
    }
}

new Custom_Plugins_API();
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@z-avanes