wpoptic/wordpress_detector.py at main · studentofcoding/wpoptic · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
import sys
import requests
import re
import logging
from urllib.parse import urljoin
from concurrent.futures import ThreadPoolExecutor, as_completed

# Set up logging
logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(levelname)s - %(message)s')

def is_wordpress(url):
    try:
        logging.info(f"Checking if {url} is a WordPress site")
        response = requests.get(url, timeout=10)
        response.raise_for_status()

        # Check for WordPress-specific meta tags or scripts
        wp_patterns = [
            r'<meta name="generator" content="WordPress',
            r'wp-content',
            r'wp-includes',
        ]

        for pattern in wp_patterns:
            if re.search(pattern, response.text, re.IGNORECASE):
                logging.info(f"WordPress pattern '{pattern}' found in {url}")
                return True

        # Check for wp-login.php
        login_url = urljoin(url, 'wp-login.php')
        logging.info(f"Checking for wp-login.php at {login_url}")
        login_response = requests.get(login_url, timeout=5)
        if login_response.status_code == 200 and 'WordPress' in login_response.text:
            logging.info(f"wp-login.php found at {login_url}")
            return True

        logging.info(f"{url} is not a WordPress site")
        return False
    except requests.RequestException as e:
        logging.error(f"Error accessing {url}: {str(e)}")
        return False

def detect_plugins_client_side(url):
    try:
        logging.info(f"Detecting client-side plugins for {url}")
        response = requests.get(url, timeout=10)
        response.raise_for_status()

        # Look for plugin-specific patterns in the HTML
        plugin_pattern = r'wp-content/plugins/([^/]+)/'
        plugins = set(re.findall(plugin_pattern, response.text))

        logging.info(f"Client-side plugins detected: {', '.join(plugins)}")
        return list(plugins)
    except requests.RequestException as e:
        logging.error(f"Error detecting client-side plugins for {url}: {str(e)}")
        return []

def check_plugin_exists(url, plugin_name):
    plugin_url = urljoin(url, f'wp-content/plugins/{plugin_name}/')
    try:
        logging.info(f"Checking if plugin {plugin_name} exists at {plugin_url}")
        response = requests.head(plugin_url, timeout=5)
        exists = response.status_code == 200
        logging.info(f"Plugin {plugin_name} {'exists' if exists else 'does not exist'} at {plugin_url}")
        return exists
    except requests.RequestException as e:
        logging.error(f"Error checking plugin {plugin_name} at {plugin_url}: {str(e)}")
        return False

def detect_plugins_server_side(url):
    common_plugins = [
        'akismet', 'contact-form-7', 'woocommerce', 'yoast-seo', 'elementor',
        'jetpack', 'wordfence', 'wp-super-cache', 'all-in-one-seo-pack', 'wpfc'
    ]

    logging.info(f"Detecting server-side plugins for {url}")
    detected_plugins = []

    with ThreadPoolExecutor(max_workers=5) as executor:
        future_to_plugin = {executor.submit(check_plugin_exists, url, plugin): plugin for plugin in common_plugins}
        for future in as_completed(future_to_plugin):
            plugin = future_to_plugin[future]
            if future.result():
                detected_plugins.append(plugin)

    logging.info(f"Server-side plugins detected: {', '.join(detected_plugins)}")
    return detected_plugins

def main():
    if len(sys.argv) != 2:
        logging.error("Usage: python wordpress_detector.py <url>")
        sys.exit(1)

    url = sys.argv[1]
    if not url.startswith(('http://', 'https://')):
        url = 'https://' + url

    logging.info(f"Starting WordPress detection for {url}")

    if is_wordpress(url):
        logging.info(f"{url} is a WordPress site")

        client_side_plugins = detect_plugins_client_side(url)
        server_side_plugins = detect_plugins_server_side(url)

        all_plugins = list(set(client_side_plugins + server_side_plugins))

        if all_plugins:
            logging.info("Detected plugins:")
            for plugin in all_plugins:
                logging.info(f"- {plugin}")
        else:
            logging.info("No plugins detected")
    else:
        logging.info(f"{url} is not a WordPress site")

if __name__ == "__main__":
    main()