generoi/detect-exploits

detect-exploits

A simple bash script to scan for exploits in WordPress and Drupal.

Dependencies

Modern GNU grep and GNU find.

Install

make install

Usage

detect-exploits [OPTION]... DIR
A simple bash script to scan for exploits in WordPress and Drupal.

 Usage:
   detect-exploits /var/www/drupal
     Run all scans on the drupal directory.

   detect-exploits --scan-keywords /var/www/drupal
     Run the keywords scan on the drupal directory.

   detect-exploits --owner=foo --group=bar --web-group=baz /var/www/drupal
     Specify the file ownership for the permissions scan.

 Options:
  --scan-keywords    Scan for odd keywords within PHP files.
  --scan-uploads     Scan for odd files in the uploads directory
  --scan-filenames   Scan for suspicious filenames
  --scan-duplicates  Scan for duplicate installations
  --scan-permissions Scan file permissions
  --owner            The owner of the system files during a file permissions scan.
                     Defaults to user running the script.
  --group            The group of the system files during a file permissions scan
                     Defaults to user running the script.
  --web-group        The web server group for generated files during a file permissions scan
                     Defaults to www-data, apache, or httpd.
  -f, --force        Skip all user interaction
  -q, --quiet        Quiet (no output)
  -v, --verbose      Output more
  -h, --help         Display this help and exit
      --version      Output version information and exit
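
The options above name the scans without showing their logic. The following is an added sketch, not the detect-exploits source, of how an uploads scan and a permissions scan can be expressed with find; the upload directory locations, the extension list and the function names are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added illustration only; not taken from detect-exploits.
# Function names, upload paths and extension list are assumptions.

# Print script-like files found under CMS upload directories below $1.
# Assumed upload locations: WordPress wp-content/uploads, Drupal sites/*/files.
# Upload directories should hold media, so any PHP-like file there is worth
# a manual look, including double extensions such as "logo.php.png".
scan_uploads() {
  local root=$1
  find "$root" -type f \
    \( -path '*/wp-content/uploads/*' -o -path '*/sites/*/files/*' \) \
    \( -iname '*.php' -o -iname '*.php[0-9]' -o -iname '*.php.*' \
       -o -iname '*.phtml' -o -iname '*.phar' \) \
    -print | sort
}

# Print files and directories below $1 that are world-writable or not owned
# by the expected owner. $2 is a user name or numeric uid; it defaults to the
# uid running the script, similar to the --owner default described above.
scan_permissions() {
  local root=$1 owner=${2:-$(id -u)}
  find "$root" \( -type f -o -type d \) \
    \( -perm -0002 -o ! -user "$owner" \) \
    -print | sort
}
```

Both functions only list candidates; each hit still needs to be reviewed against what the site legitimately stores in those directories.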

Running tests

Install the development dependencies

make dev-install

Run all the tests using:

make test

Or you can cherry pick tests using bats directly

bats test/*.bats
