├── README.md
├── Results
    └── Results.txt
├── enumerate.py
├── lib
    └── ua.txt
└── requirements.txt


/README.md:
--------------------------------------------------------------------------------
 1 | ## Wordpress Enumeration
 2 | WordPress enumeration is the process of gathering information about a WordPress website, including its version, plugins, and themes. This information can be useful for several purposes, including vulnerability assessment, penetration testing, and website analysis.
 3 | ## Screenshot:
 4 | ![Screenshot_1](https://user-images.githubusercontent.com/25004320/235063221-83d95d41-f333-493b-a21c-8a60fdfbbe70.png)
 5 | ![Screenshot_3](https://user-images.githubusercontent.com/25004320/235063233-ea9a099b-d685-422a-a37e-51dd09c4bdd0.png)
 6 | ## Requirements
 7 | - Python3.7+
 8 | ## Supported Os
 9 | - Linuxer
10 | - Wingays
11 | ## Get start with
12 | ```
13 | $ git clone https://github.com/Pari-Malam/Wordpress-CMS
14 | $ cd Wordpress-CMS
15 | $ pip/pip3 install -r requirements.txt
16 | $ python/python3 enumerate.py
17 | ```
18 | ## Footprints Notes
19 | - By using this tool, you agree that you are using it for educational purposes only and that you will not use it for any illegal activity. You also agree to bear all risks associated with the use of this tool. I will not be responsible for direct or indirect damage caused by the use of this tool. Don't suyyyyyyyyyyyyyyyyyyyy me!
20 | ## Author
21 | - Pari Malam
22 | ## Contacts
23 | [![Telegram](https://img.shields.io/badge/-Telegram-blue)](https://telegram.me/SurpriseMTFK)
24 | [![Discord](https://img.shields.io/badge/-Discord-purple)](https://discordapp.com/users/829404192585678858)
25 | 


--------------------------------------------------------------------------------
/Results/Results.txt:
--------------------------------------------------------------------------------
 1 | .++==========[Pari Malam]==========++.
 2 | URLs: https://www.exoclick.com
 3 | WordPress Version: 5.9
 4 | Installed Plugins: 
 5 | Actived Themes: exoclick
 6 | .++==========[Pari Malam]==========++.
 7 | 
 8 | .++==========[Pari Malam]==========++.
 9 | URLs: https://www.geeksforgeeks.org
10 | WordPress Version: 4.9.8
11 | Installed Plugins: 
12 | Actived Themes: iconic-one
13 | .++==========[Pari Malam]==========++.
14 | 
15 | .++==========[Pari Malam]==========++.
16 | URLs: https://www.movie2free.com
17 | WordPress Version: 6.2
18 | Installed Plugins: 
19 | Actived Themes: next
20 | .++==========[Pari Malam]==========++.
21 | 
22 | 


--------------------------------------------------------------------------------
/enumerate.py:
--------------------------------------------------------------------------------
  1 | # Author: Pari Malam
  2 | 
  3 | import os
  4 | import random
  5 | import requests
  6 | from bs4 import BeautifulSoup
  7 | import warnings
  8 | import concurrent.futures
  9 | from sys import stdout
 10 | from colorama import Fore, Style, init
 11 | warnings.filterwarnings("ignore")
 12 | init(autoreset=True)
 13 | 
 14 | FY = Fore.YELLOW
 15 | FG = Fore.GREEN
 16 | FR = Fore.RED
 17 | FC = Fore.CYAN
 18 | FW = Fore.WHITE
 19 | 
 20 | def clear():
 21 |     os.system('clear' if os.name == 'posix' else 'cls')
 22 | 
 23 | def dirdar():
 24 |     if not os.path.exists('Results'):
 25 |         os.mkdir('Results')
 26 | dirdar()
 27 | 
 28 | def banners():
 29 |     clear()
 30 |     stdout.write("                                                                                         \n")
 31 |     stdout.write(""+Fore.LIGHTRED_EX +"██╗    ██╗██████╗       ███████╗███╗   ██╗██╗   ██╗███╗   ███╗███████╗██████╗  █████╗ ████████╗██╗ ██████╗ ███╗   ██╗\n")
 32 |     stdout.write(""+Fore.LIGHTRED_EX +"██║    ██║██╔══██╗      ██╔════╝████╗  ██║██║   ██║████╗ ████║██╔════╝██╔══██╗██╔══██╗╚══██╔══╝██║██╔═══██╗████╗  ██║\n")
 33 |     stdout.write(""+Fore.LIGHTRED_EX +"██║ █╗ ██║██████╔╝█████╗█████╗  ██╔██╗ ██║██║   ██║██╔████╔██║█████╗  ██████╔╝███████║   ██║   ██║██║   ██║██╔██╗ ██║\n")
 34 |     stdout.write(""+Fore.LIGHTRED_EX +"██║███╗██║██╔═══╝ ╚════╝██╔══╝  ██║╚██╗██║██║   ██║██║╚██╔╝██║██╔══╝  ██╔══██╗██╔══██║   ██║   ██║██║   ██║██║╚██╗██║\n")
 35 |     stdout.write(""+Fore.LIGHTRED_EX +"╚███╔███╔╝██║           ███████╗██║ ╚████║╚██████╔╝██║ ╚═╝ ██║███████╗██║  ██║██║  ██║   ██║   ██║╚██████╔╝██║ ╚████║\n")
 36 |     stdout.write(""+Fore.LIGHTRED_EX +" ╚══╝╚══╝ ╚═╝           ╚══════╝╚═╝  ╚═══╝ ╚═════╝ ╚═╝     ╚═╝╚══════╝╚═╝  ╚═╝╚═╝  ╚═╝   ╚═╝   ╚═╝ ╚═════╝ ╚═╝  ╚═══╝\n")
 37 |     stdout.write(""+Fore.YELLOW +"═════════════╦═════════════════════════════════╦══════════════════════════════════════════════════════════════════════\n")
 38 |     stdout.write(""+Fore.YELLOW   +"╔════════════╩═════════════════════════════════╩═════════════════════════════╗\n")
 39 |     stdout.write(""+Fore.YELLOW   +"║ \x1b[38;2;255;20;147m• "+Fore.GREEN+"AUTHOR             "+Fore.RED+"    |"+Fore.LIGHTWHITE_EX+"   PARI MALAM                                    "+Fore.YELLOW+"║\n")
 40 |     stdout.write(""+Fore.YELLOW   +"╔════════════════════════════════════════════════════════════════════════════╝\n")
 41 |     stdout.write(""+Fore.YELLOW   +"║ \x1b[38;2;255;20;147m• "+Fore.GREEN+"GITHUB             "+Fore.RED+"    |"+Fore.LIGHTWHITE_EX+"   GITHUB.COM/PARI-MALAM                         "+Fore.YELLOW+"║\n")
 42 |     stdout.write(""+Fore.YELLOW   +"╚════════════════════════════════════════════════════════════════════════════╝\n")
 43 |     print(f"{FY}[Wordpress-Enumeration] - {FG}Perform With Massive Wordpress Enumeration {FR}[Plugin/Theme]{Style.RESET_ALL}\n")
 44 | banners()
 45 | 
 46 | def load_user_agents():
 47 |     with open("lib/ua.txt", "r") as ua_file:
 48 |         user_agents = ua_file.readlines()
 49 |     user_agents = [ua.strip() for ua in user_agents if ua.strip()]
 50 |     return user_agents
 51 | 
 52 | def add_http_prefix(url):
 53 |     if not url.startswith("http://") and not url.startswith("https://"):
 54 |         url = "http://" + url
 55 |     return url
 56 | 
 57 | def get_wordpress_info(url):
 58 |     target = add_http_prefix(url)
 59 |     headers = {'user-agent': random.choice(load_user_agents())}
 60 | 
 61 |     try:
 62 |         response = requests.get(target, headers=headers, verify=False)
 63 |         soup = BeautifulSoup(response.text, "html.parser")
 64 | 
 65 |         version_meta = soup.find("meta", {"name": "generator"})
 66 |         version = None
 67 |         if version_meta and "content" in version_meta.attrs:
 68 |             content = version_meta["content"].split()
 69 |             if len(content) > 1:
 70 |                 version = content[1]
 71 | 
 72 |         plugins = []
 73 |         for link in soup.find_all("link", {"rel": "stylesheet"}):
 74 |             href = link.get("href")
 75 |             if href and "plugins" in href:
 76 |                 plugins.append(href.split("plugins/")[1].split("/")[0])
 77 | 
 78 |         theme_link = soup.find("link", {"rel": "stylesheet"})
 79 |         theme = None
 80 |         if theme_link and "href" in theme_link.attrs:
 81 |             href = theme_link["href"]
 82 |             theme_parts = href.split("themes/")
 83 |             if len(theme_parts) > 1:
 84 |                 theme = theme_parts[1].split("/")[0]
 85 | 
 86 |     except Exception as e:
 87 |         print(f"Error: {e}")
 88 |         return None, None, None
 89 | 
 90 |     return version, plugins, theme
 91 | 
 92 | def scan_site(url):
 93 |     version, plugins, theme = get_wordpress_info(url)
 94 | 
 95 |     if version:
 96 |         output = (
 97 |             f".++==========[Pari Malam]==========++.\n"
 98 |             f"URL: {url}\n"
 99 |             f"WordPress Version: {version}\n"
100 |             f"Installed Plugins: {', '.join(plugins)}\n"
101 |             f"Active Theme: {theme}\n"
102 |             f".++==========[Pari Malam]==========++.\n\n"
103 |         )
104 |         print(Fore.YELLOW + "[WORDPRESS-ENUM]" + Fore.RED + " .:" + Fore.GREEN + f" [W00T!] - {Fore.WHITE}{url}\n")
105 |         print(Fore.YELLOW + "[WORDPRESS-ENUM]" + Fore.RED + " .:" + Fore.GREEN + f" WordPress Version: {Fore.WHITE}{version}")
106 |         print(Fore.YELLOW + "[WORDPRESS-ENUM]" + Fore.RED + " .:" + Fore.GREEN + f" Installed Plugins: {Fore.WHITE}{', '.join(plugins)}")
107 |         print(Fore.YELLOW + "[WORDPRESS-ENUM]" + Fore.RED + " .:" + Fore.GREEN + f" Active Theme: {Fore.WHITE}{theme}")
108 |         with open('Results/Results.txt', 'a') as results_file:
109 |             results_file.write(output)
110 |     else:
111 |         print(Fore.YELLOW + "[WORDPRESS-ENUM]" + Fore.GREEN + " .:" + Fore.RED + f" [NOT FOUND!] - {Fore.WHITE}{url}")
112 | 
113 | if __name__ == '__main__':
114 |     input_file = input(f"{Fore.YELLOW}[URL/IP LIST] {Fore.RED}.: {Fore.WHITE}")
115 |     threads = int(input(f"{Fore.YELLOW}[THREAD: 10-30] {Fore.RED}.: {Fore.WHITE}"))
116 | 
117 |     try:
118 |         with open(input_file, mode='r') as f:
119 |             target = [i.strip() for i in f.readlines()]
120 |     except FileNotFoundError:
121 |         exit('\n  WHUT ARE YOU DOIN? FILE NOT FOUND! ' + input_file)
122 | 
123 |     with concurrent.futures.ThreadPoolExecutor(max_workers=threads) as executor:
124 |         futures = [executor.submit(scan_site, site) for site in target]
125 | 
126 |         for future in concurrent.futures.as_completed(futures):
127 |             future.result()


--------------------------------------------------------------------------------
/requirements.txt:
--------------------------------------------------------------------------------
1 | requests
2 | colorama
3 | bs4
4 | urllib3


--------------------------------------------------------------------------------