@phil,
I’ve just used Git for the first time and sent you hashes for 3.8 😉 I hope I did it right!
https://github.com/mattyrob/exploit-scanner-hashes/blob/master/hashes-3.8.php
@mattyrob Just added you as a collaborator too so you should (I think) be able to push directly in future
Thanks, guys! This is great.
Any chance of including the ability to pull the hashes from the git repo right into the plugin? It’s save a couple steps! Or maybe including a handy link in the admin interface to help calcified brains like mine remember where to pull the hashes from?
(Either way, I really appreciate your work on this plugin and the up-keep on the hashes. It’s been a real life-saver for me more than once!)
If you’re using SSH you should be able to do the following;
$ cd wp-content/plugins
$ git clone git@github.com:philipjohn/exploit-scanner-hashes.git
$ mv exploit-scanner-hashes/* exploit-scanner/
Then, each time a new version is released, this should work;
$ cd wp-content/plugins/exploit-scanner
$ git pull origin master
If you’re not using SSH you’ll still need to download locally and then upload the new hashes.
The only other way would probably be to fork the entire plugin, which given it may have been abandoned might not be a bad idea…
Phil
Actually, let’s try this…. @donncha @duck_ @ryan @azaozz @tott any plans to continue development for this plugin folks? 🙂
@donncha i’m happy to jump in if needed. likely can script something up to create the hashes for the tagged builts.
The hashes for WordPress work great. I’m getting a lot of errors listed on the plugins.
Is there a way to include the plugins in the hash file.
I’ve tried creating a hash file for each plugin and adding it into the wp-content/plugins/exploit-scanner directory.
It didn’t work.
I also tried zipping all plugin folders along with WordPress 3.9 folder into one zip file called latest.zip.
That didn’t work either.
Are there any ideas what I might do to remove the false positives from the scan?
Thanks,
Docfxit
