Awesome
WordPressMassExploiter
Mass exploiter of CVE-2015-1579 for WordPress CMS
This mass exploiter is based on CVE-2015-1579, discovered by CLAUDIO VIVIANI (https://www.exploit-db.com/exploits/36554/)
How it works:
1 - I use Selenium Framework to make the search on google.
2 - The results of search, are parsed and links are stored into wordpressAFD_results.txt file.
3 - The fuzzer() & download_wp_config() try download wp-config from all targets.
Exemple of using the tool:
$ python wordpressCVE-2015-1579.py --dork='revslider.php "index of"'
$ python wordpressCVE-2015-1579.py --dork='revslider.php "index of"' --period=lastYear (See options for this parameter on --help)
*OBS[1]: You can change the country of google search, the default is .com.br. BUT you won't be able to use --period parameter
*OBS[2]: INSTALL ALL DEPENDENCYS... (selenium beautifulsoup4 requests docopt tqdm python-nmap .... I don't remember all :D)