forked from sergejmueller/wpcheck
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsensitive-files.js
95 lines (75 loc) · 2.06 KB
/
sensitive-files.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
/**
* wpcheck module sensitive-files.js
* Check WordPress/Apache/Dot files for their availability
*/
/**
* Required modules
*/
const request = require( 'request' ).defaults( { followRedirect: false } )
const fs = require( '../fs' )
const log = require( '../log' )
/**
* Initiator method
*
* @param {Object} data Data object with request values
* @return void
*/
exports.fire = ( data ) => {
const { wpURL, siteURL, userAgent, silentMode } = data
const filterName = fs.fileName( __filename, '.js' )
const logObj = { silentMode, filterName }
const targets = [
{
'url': `${wpURL}/wp-config.php`,
'method': 'HEAD',
'pattern': 'DB_PASSWORD'
},
{
'url': `${wpURL}/wp-admin/maint/repair.php`,
'method': 'HEAD',
'pattern': 'repair.php'
},
{
'url': `${siteURL}/.htaccess`
},
{
'url': `${siteURL}/.htpasswd`
},
{
'url': `${siteURL}/.ssh`
},
{
'url': `${siteURL}/.npmrc`
},
{
'url': `${siteURL}/.gitconfig`
},
{
'url': `${siteURL}/config.json`
},
{
'url': `${wpURL}/wp-config-sample.php`
},
{
'url': `${wpURL}/wp-content/debug.log`
}
]
targets.forEach( ( { url, method = 'GET', pattern = null } ) => {
request( {
'url': url,
'method': method,
'headers': { 'User-Agent': userAgent }
}, ( error, response, body ) => {
if ( error || response.statusCode !== 200 ) {
return log.ok( `${url} is not public`, logObj )
}
if ( ! pattern ) {
return log.warn( `${url} is public`, logObj )
}
if ( ! body.includes( pattern ) ) {
return log.info( `${url} is public but safe`, logObj )
}
return log.warn( `${url} is public and not safe`, logObj )
} )
} )
}