WordPress.org

Forums

Exploit Scanner
Git repo for Hashes (11 posts)

  1. Philip John
    Member
    Plugin Author

    Posted 1 year ago #

    Soooo... I was just updating my sites with new hashes and thought "this would be so much easier if I could just pull them from a neat git repo".

    So that's what I did: https://github.com/philipjohn/exploit-scanner-hashes

    Thanks to the guys who've already generated hashes, and especially to @mattyrob for the generator which I've also included in the repo.

    For those of you who are keen I've even mused about improvements: https://github.com/philipjohn/exploit-scanner-hashes/issues

    Obviously if you generate the hashes before me (highly likely!) then please do fork & pull to keep the repo up to date.

    Cheers!
    Phil

    http://wordpress.org/plugins/exploit-scanner/

  2. mattyrob
    Member
    Posted 1 year ago #

    @Phil,

    I've just used Git for the first time and sent you hashes for 3.8 ;) I hope I did it right!

    https://github.com/mattyrob/exploit-scanner-hashes/blob/master/hashes-3.8.php

  3. Philip John
    Member
    Plugin Author

    Posted 1 year ago #

    Woohoo! :D

  4. Philip John
    Member
    Plugin Author

    Posted 1 year ago #

    @mattyrob Just added you as a collaborator too so you should (I think) be able to push directly in future

  5. mattyrob
    Member
    Posted 1 year ago #

    @Phil,

    That's great - I think!

  6. mcramer
    Member
    Posted 1 year ago #

    Thanks, guys! This is great.

  7. RyuMaou
    Member
    Posted 1 year ago #

    Any chance of including the ability to pull the hashes from the git repo right into the plugin? It's save a couple steps! Or maybe including a handy link in the admin interface to help calcified brains like mine remember where to pull the hashes from?

    (Either way, I really appreciate your work on this plugin and the up-keep on the hashes. It's been a real life-saver for me more than once!)

  8. Philip John
    Member
    Plugin Author

    Posted 1 year ago #

    If you're using SSH you should be able to do the following;

    $ cd wp-content/plugins
    $ git clone git@github.com:philipjohn/exploit-scanner-hashes.git
    $ mv exploit-scanner-hashes/* exploit-scanner/

    Then, each time a new version is released, this should work;

    $ cd wp-content/plugins/exploit-scanner
    $ git pull origin master

    If you're not using SSH you'll still need to download locally and then upload the new hashes.

    The only other way would probably be to fork the entire plugin, which given it may have been abandoned might not be a bad idea...

    Phil

  9. Philip John
    Member
    Plugin Author

    Posted 1 year ago #

    Actually, let's try this.... @donncha @duck_ @ryan @azaozz @tott any plans to continue development for this plugin folks? :)

  10. Thorsten Ott
    Member
    Plugin Author

    Posted 1 year ago #

    @donncha i'm happy to jump in if needed. likely can script something up to create the hashes for the tagged builts.

  11. Docfxit
    Member
    Posted 1 year ago #

    The hashes for WordPress work great. I'm getting a lot of errors listed on the plugins.

    Is there a way to include the plugins in the hash file.

    I've tried creating a hash file for each plugin and adding it into the wp-content/plugins/exploit-scanner directory.

    It didn't work.
    I also tried zipping all plugin folders along with WordPress 3.9 folder into one zip file called latest.zip.

    That didn't work either.

    Are there any ideas what I might do to remove the false positives from the scan?

    Thanks,

    Docfxit

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Exploit Scanner
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic