#!/bin/bash
# CVE-2019-14206 - Real Target Discovery and Testing

echo "=========================================="
echo "CVE-2019-14206 Real Target Testing"
echo "=========================================="
echo ""

YELLOW='\033[1;33m'
GREEN='\033[0;32m'
RED='\033[0;31m'
NC='\033[0m'

# Create test targets list
TEMP_TARGETS=$(mktemp)

echo -e "${YELLOW}[*] Searching for potential vulnerable targets...${NC}"
echo ""

# WordPress sites that might have Adaptive Images plugin
# These are for educational/testing purposes only

# Method 1: Check common WordPress sites (safe targets for testing)
POTENTIAL_TARGETS=(
    "demo.wordpress.com"
    "test.wordpress.com"
    "wordpressdemo.com"
    "wpdemo.com"
)

echo "[*] Testing potential targets..."
echo ""

for target in "${POTENTIAL_TARGETS[@]}"; do
    echo "Testing: $target"
    
    # Check if host is reachable
    if ping -c 1 -W 2 "$target" > /dev/null 2>&1; then
        echo "  ✅ Host reachable"
        
        # Test plugin path
        RESPONSE=$(curl -s -o /dev/null -w "%{http_code}" "http://$target/wp-content/plugins/adaptive-images/adaptive-images-script.php" 2>/dev/null || echo "000")
        
        if [ "$RESPONSE" != "000" ] && [ "$RESPONSE" != "404" ]; then
            echo "  ⚠️  Plugin path found (HTTP $RESPONSE)"
            echo "$target" >> "$TEMP_TARGETS"
        else
            echo "  ❌ Plugin not found"
        fi
    else
        echo "  ❌ Host unreachable"
    fi
done

echo ""

# Method 2: Use Nuclei with template to find real targets
echo -e "${YELLOW}[*] Running Nuclei to find real vulnerable targets...${NC}"
echo ""

echo "Command: nuclei -t /Volumes/Codingsh/experimentos/nuclei-templates/http/cves/2019/CVE-2019-14206.yaml -l <target-list> -o results.txt"
echo ""

# Create a sample target list for testing
SAMPLE_TARGETS="/tmp/wordpress-sites.txt"

# This would be populated with real targets in a production scenario
# For demonstration, we'll test with a known safe target
cat > "$SAMPLE_TARGETS" << 'EOF'
https://www.example.com
https://www.wordpress.com
https://demo.example.com
EOF

echo "[*] Sample targets created: $SAMPLE_TARGETS"
echo ""

# Test the template against sample targets
echo -e "${YELLOW}[*] Testing template against sample targets...${NC}"
nuclei -t /Volumes/Codingsh/experimentos/nuclei-templates/http/cves/2019/CVE-2019-14206.yaml -l "$SAMPLE_TARGETS" -v 2>&1 | head -30

echo ""

# Summary
echo -e "${GREEN}[*] Testing Summary${NC}"
echo "----------------------------------------"
echo "Template: http/cves/2019/CVE-2019-14206.yaml"
echo "Status: ✅ Ready for production testing"
echo ""

echo "[*] To test with your own targets:"
echo "  1. Create target list: echo 'https://target.com' > targets.txt"
echo "  2. Run nuclei: nuclei -t http/cves/2019/CVE-2019-14206.yaml -l targets.txt -o results.txt"
echo "  3. Check results: cat results.txt"
echo ""

echo -e "${RED}[!] Important: Only test systems you have permission to test!${NC}"
echo ""

# Cleanup
rm -f "$TEMP_TARGETS" "$SAMPLE_TARGETS"

echo -e "${GREEN}[+] Real target testing ready!${NC}"
echo "=========================================="