You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello the community.
I'm working on a scanning all the wordpress theme of a list of ips. I've created the first part of the file (witch is working), but i haven't found anything online about my problem.
I want nuclei to get the plugin file conf and get the version of it. But in my case I'm not sure if it goes into the second part.
id: wordpress-themes-enumeration
info:
name: WordPress Themes Enumeration
author:
severity: info
description: This template extracts the names of all WordPress themes from a site.
tags: wordpress, wp-theme
metadata:
max-request: 1
plugin_namespace: user-role-editor
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
name: theme-name
group: 1
regex:
- '\/wp-content\/themes\/([^\/]+)\/[^\/]+\.css'
- type: regex
part: body
name: version
group: 1
regex:
- '\/wp-content\/themes\/[^\/]+\/[^\/]+\.css\?ver=([\w\.]+)'
- type: regex
part: body
name: wp-theme
internal: true
regex:
- 'https?:\/\/[^\/]+\/wp-content\/themes\/[^\/]+\/[^\/]+\.css\?ver=[\w\.]+'
matchers-condition: or
matchers:
- type: status
status:
- 200
- type: regex
part: body
name : wp-theme
internal: true
regex:
- 'https?:\/\/[^\/]+\/wp-content\/themes\/[^\/]+\/[^\/]+\.css\?ver=[\w\.]+'
- method: GET # From here is the second part witch normal go to the file with the value of "wp-theme" and get the version
path:
- "{{wp-theme}}"
extractors:
- type: regex
part: body
name: version2
group: 1
regex:
- '.*' # Extract theme names
matchers-condition: or
matchers:
- type: status
status:
- 200
- type: regex
part: body
name : version3
regex:
- '.*'
I'm sorry for my explanation, i hope you will understand it.
Thanks you :)
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hello the community.
I'm working on a scanning all the wordpress theme of a list of ips. I've created the first part of the file (witch is working), but i haven't found anything online about my problem.
I want nuclei to get the plugin file conf and get the version of it. But in my case I'm not sure if it goes into the second part.
I'm sorry for my explanation, i hope you will understand it.
Thanks you :)
Beta Was this translation helpful? Give feedback.
All reactions