Maria Casino,Slingooriginals com real money.REGISTER NOW GET FREE 888 PESOS REWARDS!

Plugin Author Philip John
(@philipjohn)

10 years, 11 months ago

Soooo… I was just updating my sites with new hashes and thought “this would be so much easier if I could just pull them from a neat git repo”.

So that’s what I did: https://github.com/philipjohn/exploit-scanner-hashes

Thanks to the guys who’ve already generated hashes, and especially to @mattyrob for the generator which I’ve also included in the repo.

For those of you who are keen I’ve even mused about improvements: https://github.com/philipjohn/exploit-scanner-hashes/issues

Obviously if you generate the hashes before me (highly likely!) then please do fork & pull to keep the repo up to date.

Cheers!
Phil

https://www.ads-software.com/plugins/exploit-scanner/

Viewing 10 replies - 1 through 10 (of 10 total)

Matt Robinson
(@mattyrob)

10 years, 11 months ago

@phil,

I’ve just used Git for the first time and sent you hashes for 3.8 ?? I hope I did it right!

https://github.com/mattyrob/exploit-scanner-hashes/blob/master/hashes-3.8.php

Plugin Author Philip John
(@philipjohn)

10 years, 11 months ago

Woohoo! ??

Plugin Author Philip John
(@philipjohn)

10 years, 11 months ago

@mattyrob Just added you as a collaborator too so you should (I think) be able to push directly in future

Matt Robinson
(@mattyrob)

10 years, 11 months ago

@phil,

That’s great – I think!

mcramer
(@mcramer)

10 years, 11 months ago

Thanks, guys! This is great.

RyuMaou
(@ryumaou)

10 years, 10 months ago

Any chance of including the ability to pull the hashes from the git repo right into the plugin? It’s save a couple steps! Or maybe including a handy link in the admin interface to help calcified brains like mine remember where to pull the hashes from?

(Either way, I really appreciate your work on this plugin and the up-keep on the hashes. It’s been a real life-saver for me more than once!)
Plugin Author Philip John
(@philipjohn)

10 years, 10 months ago
If you’re using SSH you should be able to do the following;
```
$ cd wp-content/plugins
$ git clone [email protected]:philipjohn/exploit-scanner-hashes.git
$ mv exploit-scanner-hashes/* exploit-scanner/
```
Then, each time a new version is released, this should work;
```
$ cd wp-content/plugins/exploit-scanner
$ git pull origin master
```
If you’re not using SSH you’ll still need to download locally and then upload the new hashes.

The only other way would probably be to fork the entire plugin, which given it may have been abandoned might not be a bad idea…

Phil
Plugin Author Philip John
(@philipjohn)

10 years, 10 months ago

Actually, let’s try this…. @donncha @duck_ @ryan @azaozz @tott any plans to continue development for this plugin folks? ??

Plugin Author Thorsten Ott
(@tott)

10 years, 10 months ago

@donncha i’m happy to jump in if needed. likely can script something up to create the hashes for the tagged builts.

Docfxit
(@docfxit)

10 years, 7 months ago

The hashes for WordPress work great. I’m getting a lot of errors listed on the plugins.

Is there a way to include the plugins in the hash file.

I’ve tried creating a hash file for each plugin and adding it into the wp-content/plugins/exploit-scanner directory.

It didn’t work.
I also tried zipping all plugin folders along with WordPress 3.9 folder into one zip file called latest.zip.

That didn’t work either.

Are there any ideas what I might do to remove the false positives from the scan?

Thanks,

Docfxit