WordPress.org

Ready to get started?Download WordPress

Forums

Exploit Scanner
Git repo for Hashes (11 posts)

  1. philipjohn
    Member
    Posted 7 months ago #

    Soooo... I was just updating my sites with new hashes and thought "this would be so much easier if I could just pull them from a neat git repo".

    So that's what I did: https://github.com/philipjohn/exploit-scanner-hashes

    Thanks to the guys who've already generated hashes, and especially to @mattyrob for the generator which I've also included in the repo.

    For those of you who are keen I've even mused about improvements: https://github.com/philipjohn/exploit-scanner-hashes/issues

    Obviously if you generate the hashes before me (highly likely!) then please do fork & pull to keep the repo up to date.

    Cheers!
    Phil

    http://wordpress.org/plugins/exploit-scanner/

  2. mattyrob
    Member
    Posted 7 months ago #

    @Phil,

    I've just used Git for the first time and sent you hashes for 3.8 ;) I hope I did it right!

    https://github.com/mattyrob/exploit-scanner-hashes/blob/master/hashes-3.8.php

  3. philipjohn
    Member
    Posted 7 months ago #

    Woohoo! :D

  4. philipjohn
    Member
    Posted 7 months ago #

    @mattyrob Just added you as a collaborator too so you should (I think) be able to push directly in future

  5. mattyrob
    Member
    Posted 7 months ago #

    @Phil,

    That's great - I think!

  6. mcramer
    Member
    Posted 7 months ago #

    Thanks, guys! This is great.

  7. RyuMaou
    Member
    Posted 6 months ago #

    Any chance of including the ability to pull the hashes from the git repo right into the plugin? It's save a couple steps! Or maybe including a handy link in the admin interface to help calcified brains like mine remember where to pull the hashes from?

    (Either way, I really appreciate your work on this plugin and the up-keep on the hashes. It's been a real life-saver for me more than once!)

  8. philipjohn
    Member
    Posted 6 months ago #

    If you're using SSH you should be able to do the following;

    $ cd wp-content/plugins
    $ git clone git@github.com:philipjohn/exploit-scanner-hashes.git
    $ mv exploit-scanner-hashes/* exploit-scanner/

    Then, each time a new version is released, this should work;

    $ cd wp-content/plugins/exploit-scanner
    $ git pull origin master

    If you're not using SSH you'll still need to download locally and then upload the new hashes.

    The only other way would probably be to fork the entire plugin, which given it may have been abandoned might not be a bad idea...

    Phil

  9. philipjohn
    Member
    Posted 6 months ago #

    Actually, let's try this.... @donncha @duck_ @ryan @azaozz @tott any plans to continue development for this plugin folks? :)

  10. Thorsten Ott
    Member
    Plugin Author

    Posted 6 months ago #

    @donncha i'm happy to jump in if needed. likely can script something up to create the hashes for the tagged builts.

  11. Docfxit
    Member
    Posted 3 months ago #

    The hashes for WordPress work great. I'm getting a lot of errors listed on the plugins.

    Is there a way to include the plugins in the hash file.

    I've tried creating a hash file for each plugin and adding it into the wp-content/plugins/exploit-scanner directory.

    It didn't work.
    I also tried zipping all plugin folders along with WordPress 3.9 folder into one zip file called latest.zip.

    That didn't work either.

    Are there any ideas what I might do to remove the false positives from the scan?

    Thanks,

    Docfxit

Reply

You must log in to post.

About this Plugin

About this Topic