Created
October 12, 2016 11:13
Find hacked .php files by comparing latest WP & plugins code with the version in your WP installation
import os
import re
import subprocess
import sys
from os import listdir
from os.path import isfile, join
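def download_wp_plugin(name, path, temp_path):
    """Fetch the upstream release of plugin *name* and unpack it under *path*.

    The plugin's wordpress.org page is scraped for its
    ``downloads.wordpress.org`` archive link; the archive is saved in
    *temp_path* and extracted inside *path*.  Nothing is downloaded when
    ``path/name`` already exists.

    Args:
        name: Plugin directory name as found in the installation under
            inspection.  That installation may be compromised, so the value
            is treated as untrusted.
        path: Directory that receives the extracted reference copy.
        temp_path: Directory that receives the downloaded archive.

    Returns:
        False when the plugin cannot be located, downloaded or extracted;
        None otherwise (unchanged from the original contract).
    """
    try:
        from urllib2 import urlopen  # Python 2
    except ImportError:
        from urllib.request import urlopen  # Python 3

    # Plugin directory names come from a possibly tampered tree: accept only
    # slug-like names before they reach a URL or a filesystem path.
    if not re.match(r'[A-Za-z0-9][A-Za-z0-9._-]*\Z', name):
        print("cannot find plugin: %s" % name)
        return False

    url = 'https://wordpress.org/plugins/%s/' % name

    # NOTE(review): Python 2 releases older than 2.7.9 do not verify TLS
    # certificates by default, which weakens trust in the reference copy.
    try:
        response = urlopen(url)
        try:
            html = response.read().decode('utf-8', 'replace')
        finally:
            response.close()
    except Exception:
        # Plugins that are not hosted on wordpress.org end up here; they need
        # a manual review because no reference copy exists for them.
        print("cannot find plugin: %s" % name)
        return False

    # The archive name is remote-controlled text that ends up on a command
    # line, so the capture group only admits a plain "<file>.zip" token
    # (the original greedy "(.*)" accepted anything up to the last "'>").
    found = re.search(
        r"href='https://downloads\.wordpress\.org/plugin/"
        r"([A-Za-z0-9][A-Za-z0-9._-]*\.zip)'>",
        html)
    if found is None:
        print("cannot find plugin: %s" % name)
        return False

    n = found.group(1)
    url = 'https://downloads.wordpress.org/plugin/%s' % n
    print(url)

    if not os.path.exists(os.path.join(path, name)):
        # Absolute archive path: the original relied on *path* sitting exactly
        # three levels below the download directory ("../../../") and on the
        # global temp_dir instead of the temp_path parameter.
        archive = os.path.join(os.path.abspath(temp_path), n)
        try:
            # Argument lists instead of shell strings: no shell parses the
            # values, so metacharacters cannot turn into extra commands.
            if subprocess.call(['wget', '-O', archive, url]) != 0:
                print("cannot download plugin: %s" % name)
                return False
            if subprocess.call(['unzip', archive], cwd=path) != 0:
                print("cannot unpack plugin: %s" % name)
                return False
        except OSError as err:
            # Missing wget/unzip binary or a non-existent working directory.
            print("cannot fetch plugin %s: %s" % (name, err))
            return False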
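# Script body: build a pristine reference tree next to the installation that
# is being inspected.
#
#   argv[1]  WordPress installation to inspect
#   argv[2]  scratch directory that receives the upstream copies
#
# This script only downloads.  The comparison itself (for example a recursive
# diff of the two trees) is left to the operator.  The reference is the
# *latest* core tarball and whatever archive each plugin page links to, so an
# installation running older versions will also show legitimate version
# differences, and files that exist only in the installation never appear
# upstream at all.
if len(sys.argv) < 3:
    sys.stderr.write("usage: %s WORDPRESS_DIR TEMP_DIR\n" % sys.argv[0])
    sys.exit(2)

wordpress_dir = sys.argv[1]
temp_dir = sys.argv[2]

plugins_path = os.path.join(wordpress_dir, 'wp-content', 'plugins')
temp_plugins_path = os.path.join(temp_dir, 'wordpress', 'wp-content', 'plugins')

for required_dir in (plugins_path, temp_dir):
    if not os.path.isdir(required_dir):
        sys.stderr.write("not a directory: %s\n" % required_dir)
        sys.exit(2)

if not os.path.exists(os.path.join(temp_dir, 'wordpress')):
    # Argument lists with cwd= replace the "cd %s && ..." shell string, so the
    # directory name is never parsed by a shell.  tar runs only when the
    # download succeeded, as with the original "&&" chain.
    fetched = subprocess.call(
        ['wget', '-O', 'latest.tar.gz', 'https://wordpress.org/latest.tar.gz'],
        cwd=temp_dir)
    if fetched == 0:
        subprocess.call(['tar', 'xvfz', 'latest.tar.gz'], cwd=temp_dir)

for f in listdir(plugins_path):
    # Only directories are plugins here; loose files in the plugins folder
    # are not fetched and have no reference copy to compare against.
    if os.path.isdir(os.path.join(plugins_path, f)):
        print("downloading plugin %s" % f)
        download_wp_plugin(f, temp_plugins_path, temp_dir)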