From a9f745a5771dcf690ada0fe06334e90b76355d53 Mon Sep 17 00:00:00 2001
From: Brendan McDevitt <brendan@mcdevitt.tech>
Date: Tue, 22 Feb 2022 19:11:31 -0600
Subject: [PATCH] added a container wrapper around wordpress vuln db

---
 .gitignore         |  1 +
 Dockerfile         |  5 ++++
 README.md          | 21 +++++++++++++++-
 check_wp_vuln.sh   | 62 ++++++++++++++++++++++++++++++++++++++++++++++
 docker-compose.yml |  9 +++++++
 5 files changed, 97 insertions(+), 1 deletion(-)
 create mode 100644 .gitignore
 create mode 100644 Dockerfile
 create mode 100755 check_wp_vuln.sh
 create mode 100644 docker-compose.yml

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..4c49bd7
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.env
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..d4d8974
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,5 @@
+FROM python:latest
+COPY ./check_wp_vuln.sh /
+
+RUN chmod +x /check_wp_vuln.sh
+ENTRYPOINT ["/check_wp_vuln.sh"]
diff --git a/README.md b/README.md
index a6fc817..5bdd0df 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,22 @@
 # docker_wordpress_scanner
 
-This is a docker-compose ecosystem that will install a specific target wordpress version in a webserver and then run wpscan against and output the vulnerabilities. It is meant to be used as a quick way to scan a target wordpress version from its base
\ No newline at end of file
+This is a docker-compose ecosystem that will install a specific target wordpress version in a webserver and then run wpscan against and output the vulnerabilities. It is meant to be used as a quick way to scan a target wordpress version from its base
+
+### Usage:
+Create a .env file with the following envar
+```
+WPSCANDB_API_TOKEN=
+```
+
+this token is used for wpscan db api calls. To use the container:
+
+```
+# PLUGIN
+docker run --env-file .env wp_checker --plugin jetpack
+
+# THEME
+docker run --env-file .env wp_checker --theme zerif-lite
+
+# VERSION - Example checks version 4.9.4
+docker run --env-file .env wp_checker --all 494 
+```
diff --git a/check_wp_vuln.sh b/check_wp_vuln.sh
new file mode 100755
index 0000000..470a9f6
--- /dev/null
+++ b/check_wp_vuln.sh
@@ -0,0 +1,62 @@
+#!/usr/bin/env bash
+# query wpvuln db for vulnerabilities
+
+function plugin {
+
+	curl -H "Authorization: Token token=$WPSCANDB_API_TOKEN" https://wpscan.com/api/v3/plugins/$1 2> /dev/null | \
+python -m json.tool 
+
+	}
+
+function theme {
+
+	curl -H "Authorization: Token token=$WPSCANDB_API_TOKEN" https://wpscan.com/api/v3/themes/$1 2> /dev/null | \
+python -m json.tool 
+
+	}
+
+function all {
+	curl -H "Authorization: Token token=$WPSCANDB_API_TOKEN" https://wpscan.com/api/v3/wordpresses/$1 2> /dev/null | \
+python -m json.tool
+
+	}
+
+function usage {
+
+echo "Usage: $(basename $0) <options> <plugin/theme/wpversion>"
+echo "options:"
+echo " --help			display this help page"
+echo " --plugin		query api for a specific plugin"
+echo " --theme 		query api for specific theme"
+echo " --all			retrieve all vulnerabilities in a specific wp version number"
+
+}
+
+
+if [ -z $1 ]; then
+  usage
+  exit
+elif [ $# -gt 2 ]; then
+  echo "too many arguments"
+  echo " "
+  usage
+  exit
+fi
+
+case "$1" in
+  '--help')
+    usage
+    ;;
+
+  '--plugin')
+    plugin $2
+    ;;
+
+  '--theme')
+    theme $2
+    ;;
+
+  '--all')
+    all $2
+    ;;
+esac
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..afb7c72
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,9 @@
+version: "3.7"
+
+services:
+    docker_wordpress_scanner:
+          build: .
+          entrypoint: bash -c
+          tty: true
+          env_file:
+            - .env