wordpress-audit 1.0.0

WordPress audit tool - detects outdated core, plugins, and themes
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112

//! WordPress Audit CLI - Scan WordPress websites for security information

use clap::{Parser, ValueEnum};
use std::process::ExitCode;

use wordpress_audit::{
    Analyzer, Scanner,
    output::{OutputConfig, OutputFormat, OutputSort, output_analysis},
};

/// WordPress security scanner - detects versions, plugins, and themes
#[derive(Parser, Debug)]
#[command(name = "wordpress-audit")]
#[command(version, about, long_about = None)]
struct Args {
    /// URL of the WordPress site to scan
    url: String,

    /// Output format
    #[arg(short = 'o', long = "output", default_value = "human", value_enum)]
    output_format: OutputFormatArg,

    /// Sort order for output
    #[arg(long = "sort", default_value = "type", value_enum)]
    sort: OutputSortArg,

    /// Allow scanning private/internal IP addresses (localhost, 192.168.x.x, etc.)
    #[arg(long = "allow-private")]
    allow_private: bool,
}

/// Output format argument
#[derive(Clone, Copy, Debug, ValueEnum)]
enum OutputFormatArg {
    Human,
    Json,
    None,
}

impl From<OutputFormatArg> for OutputFormat {
    fn from(arg: OutputFormatArg) -> Self {
        match arg {
            OutputFormatArg::Human => OutputFormat::Human,
            OutputFormatArg::Json => OutputFormat::Json,
            OutputFormatArg::None => OutputFormat::None,
        }
    }
}

/// Output sort argument
#[derive(Clone, Copy, Debug, ValueEnum)]
enum OutputSortArg {
    /// Sort by type (Core, Theme, Plugin), then by name (default)
    Type,
    /// Sort alphabetically by name only
    Name,
    /// Sort by status, then by type, then by name
    Status,
}

impl From<OutputSortArg> for OutputSort {
    fn from(arg: OutputSortArg) -> Self {
        match arg {
            OutputSortArg::Type => OutputSort::Type,
            OutputSortArg::Name => OutputSort::Name,
            OutputSortArg::Status => OutputSort::Status,
        }
    }
}

#[tokio::main]
async fn main() -> ExitCode {
    let args = Args::parse();

    // Print banner for human output
    if matches!(args.output_format, OutputFormatArg::Human) {
        print_banner();
    }

    let output_config = OutputConfig::new(args.output_format.into(), args.sort.into());

    match run_scan(&args.url, args.allow_private, &output_config).await {
        Ok(_) => ExitCode::SUCCESS,
        Err(e) => {
            eprintln!("Error: {}", e);
            ExitCode::FAILURE
        }
    }
}

async fn run_scan(
    url: &str,
    allow_private: bool,
    output_config: &OutputConfig,
) -> wordpress_audit::Result<()> {
    let scanner = Scanner::builder(url).allow_private(allow_private).build()?;
    let scan_result = scanner.scan().await?;
    let analysis = Analyzer::new(scan_result).analyze();

    let stdout = std::io::stdout();
    let mut writer = stdout.lock();
    output_analysis(&analysis, output_config, &mut writer)?;

    Ok(())
}

fn print_banner() {
    const VERSION: &str = env!("CARGO_PKG_VERSION");
    println!("WordPress Audit v{}", VERSION);
    println!("by Robert F. Ecker <robert@robdotec.com>");
    println!();
}