garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs

Browse Source
This commit is contained in:
Christian Mehlmauer
2013-01-27 01:16:44 +01:00
parent 60a6f16ddd
commit 1afe12657f
38 changed files with 3644 additions and 437 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
doc/WpscanOptions.html
View File

@@ -394,23 +394,23 @@ any remaining - by _</p>
<pre><span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 232</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">get_opt_long</span>
<span class="ruby-constant">GetoptLong</span>.<span class="ruby-identifier">new</span>(
[<span class="ruby-string">&quot;--url&quot;</span>, <span class="ruby-string">&quot;-u&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">&quot;--enumerate&quot;</span>, <span class="ruby-string">&quot;-e&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">OPTIONAL_ARGUMENT</span>],
[<span class="ruby-string">&quot;--username&quot;</span>, <span class="ruby-string">&quot;-U&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">&quot;--wordlist&quot;</span>, <span class="ruby-string">&quot;-w&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">&quot;--threads&quot;</span>, <span class="ruby-string">&quot;-t&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">&quot;--force&quot;</span>, <span class="ruby-string">&quot;-f&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">NO_ARGUMENT</span>],
[<span class="ruby-string">&quot;--help&quot;</span>, <span class="ruby-string">&quot;-h&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">NO_ARGUMENT</span>],
[<span class="ruby-string">&quot;--verbose&quot;</span>, <span class="ruby-string">&quot;-v&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">NO_ARGUMENT</span>],
[<span class="ruby-string">&quot;--proxy&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">&quot;--proxy-auth&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">&quot;--update&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">NO_ARGUMENT</span>],
[<span class="ruby-string">&quot;--follow-redirection&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">NO_ARGUMENT</span>],
[<span class="ruby-string">&quot;--wp-content-dir&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">&quot;--wp-plugins-dir&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">&quot;--config-file&quot;</span>, <span class="ruby-string">&quot;-c&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">&quot;--exclude-content-based&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">&quot;--basic-auth&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>]
[<span class="ruby-string">'--url'</span>, <span class="ruby-string">'-u'</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">'--enumerate'</span>, <span class="ruby-string">'-e'</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">OPTIONAL_ARGUMENT</span>],
[<span class="ruby-string">'--username'</span>, <span class="ruby-string">'-U'</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">'--wordlist'</span>, <span class="ruby-string">'-w'</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">'--threads'</span>, <span class="ruby-string">'-t'</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">'--force'</span>, <span class="ruby-string">'-f'</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">NO_ARGUMENT</span>],
[<span class="ruby-string">'--help'</span>, <span class="ruby-string">'-h'</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">NO_ARGUMENT</span>],
[<span class="ruby-string">'--verbose'</span>, <span class="ruby-string">'-v'</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">NO_ARGUMENT</span>],
[<span class="ruby-string">'--proxy'</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">'--proxy-auth'</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">'--update'</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">NO_ARGUMENT</span>],
[<span class="ruby-string">'--follow-redirection'</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">NO_ARGUMENT</span>],
[<span class="ruby-string">'--wp-content-dir'</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">'--wp-plugins-dir'</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">'--config-file'</span>, <span class="ruby-string">'-c'</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">'--exclude-content-based'</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">'--basic-auth'</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>]
)
<span class="ruby-keyword">end</span></pre>
</div><!-- get_opt_long-source -->
@@ -510,7 +510,7 @@ any remaining - by _</p>
<div class="method-source-code" id="basic_auth-3D-source">
<pre><span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 140</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">basic_auth=</span>(<span class="ruby-identifier">basic_auth</span>)
<span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;Invalid basic authentication format, login:password expected&quot;</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">basic_auth</span>.<span class="ruby-identifier">index</span>(<span class="ruby-string">':'</span>).<span class="ruby-identifier">nil?</span>
<span class="ruby-identifier">raise</span> <span class="ruby-string">'Invalid basic authentication format, login:password expected'</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">basic_auth</span>.<span class="ruby-identifier">index</span>(<span class="ruby-string">':'</span>).<span class="ruby-identifier">nil?</span>
<span class="ruby-ivar">@basic_auth</span> = <span class="ruby-node">&quot;Basic #{Base64.encode64(basic_auth).chomp}&quot;</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- basic_auth-3D-source -->
@@ -542,7 +542,7 @@ any remaining - by _</p>
<pre><span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 108</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">enumerate_all_plugins=</span>(<span class="ruby-identifier">enumerate_all_plugins</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">enumerate_all_plugins</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">and</span> (<span class="ruby-ivar">@enumerate_plugins</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">or</span> <span class="ruby-ivar">@enumerate_only_vulnerable_plugins</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span>)
<span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;Please choose only one plugin enumeration option&quot;</span>
<span class="ruby-identifier">raise</span> <span class="ruby-string">'Please choose only one plugin enumeration option'</span>
<span class="ruby-keyword">else</span>
<span class="ruby-ivar">@enumerate_all_plugins</span> = <span class="ruby-identifier">enumerate_all_plugins</span>
<span class="ruby-keyword">end</span>
@@ -576,7 +576,7 @@ any remaining - by _</p>
<pre><span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 132</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">enumerate_all_themes=</span>(<span class="ruby-identifier">enumerate_all_themes</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">enumerate_all_themes</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">and</span> (<span class="ruby-ivar">@enumerate_themes</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">or</span> <span class="ruby-ivar">@enumerate_only_vulnerable_themes</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span>)
<span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;Please choose only one theme enumeration option&quot;</span>
<span class="ruby-identifier">raise</span> <span class="ruby-string">'Please choose only one theme enumeration option'</span>
<span class="ruby-keyword">else</span>
<span class="ruby-ivar">@enumerate_all_themes</span> = <span class="ruby-identifier">enumerate_all_themes</span>
<span class="ruby-keyword">end</span>
@@ -610,7 +610,7 @@ any remaining - by _</p>
<pre><span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 100</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">enumerate_only_vulnerable_plugins=</span>(<span class="ruby-identifier">enumerate_only_vulnerable_plugins</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">enumerate_only_vulnerable_plugins</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">and</span> (<span class="ruby-ivar">@enumerate_all_plugins</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">or</span> <span class="ruby-ivar">@enumerate_plugins</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span>)
<span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;Please choose only one plugin enumeration option&quot;</span>
<span class="ruby-identifier">raise</span> <span class="ruby-string">'Please choose only one plugin enumeration option'</span>
<span class="ruby-keyword">else</span>
<span class="ruby-ivar">@enumerate_only_vulnerable_plugins</span> = <span class="ruby-identifier">enumerate_only_vulnerable_plugins</span>
<span class="ruby-keyword">end</span>
@@ -644,7 +644,7 @@ any remaining - by _</p>
<pre><span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 124</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">enumerate_only_vulnerable_themes=</span>(<span class="ruby-identifier">enumerate_only_vulnerable_themes</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">enumerate_only_vulnerable_themes</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">and</span> (<span class="ruby-ivar">@enumerate_all_themes</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">or</span> <span class="ruby-ivar">@enumerate_themes</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span>)
<span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;Please choose only one theme enumeration option&quot;</span>
<span class="ruby-identifier">raise</span> <span class="ruby-string">'Please choose only one theme enumeration option'</span>
<span class="ruby-keyword">else</span>
<span class="ruby-ivar">@enumerate_only_vulnerable_themes</span> = <span class="ruby-identifier">enumerate_only_vulnerable_themes</span>
<span class="ruby-keyword">end</span>
@@ -683,7 +683,7 @@ href="http://1-10">u</a> will enumerate usernames from 1 to 10</p>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">enumerate_options_from_string</span>(<span class="ruby-identifier">value</span>)
<span class="ruby-comment"># Usage of self is mandatory because there are overridden setters</span>
<span class="ruby-identifier">value</span> = <span class="ruby-identifier">value</span>.<span class="ruby-identifier">split</span>(<span class="ruby-string">','</span>).<span class="ruby-identifier">map</span>{ <span class="ruby-operator">|</span><span class="ruby-identifier">c</span><span class="ruby-operator">|</span> <span class="ruby-identifier">c</span>.<span class="ruby-identifier">downcase</span> }
<span class="ruby-identifier">value</span> = <span class="ruby-identifier">value</span>.<span class="ruby-identifier">split</span>(<span class="ruby-string">','</span>).<span class="ruby-identifier">map</span> { <span class="ruby-operator">|</span><span class="ruby-identifier">c</span><span class="ruby-operator">|</span> <span class="ruby-identifier">c</span>.<span class="ruby-identifier">downcase</span> }
<span class="ruby-keyword">self</span>.<span class="ruby-identifier">enumerate_only_vulnerable_plugins</span> = <span class="ruby-keyword">true</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">value</span>.<span class="ruby-identifier">include?</span>(<span class="ruby-string">'vp'</span>)
@@ -738,7 +738,7 @@ href="http://1-10">u</a> will enumerate usernames from 1 to 10</p>
<pre><span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 92</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">enumerate_plugins=</span>(<span class="ruby-identifier">enumerate_plugins</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">enumerate_plugins</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">and</span> (<span class="ruby-ivar">@enumerate_all_plugins</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">or</span> <span class="ruby-ivar">@enumerate_only_vulnerable_plugins</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span>)
<span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;Please choose only one plugin enumeration option&quot;</span>
<span class="ruby-identifier">raise</span> <span class="ruby-string">'Please choose only one plugin enumeration option'</span>
<span class="ruby-keyword">else</span>
<span class="ruby-ivar">@enumerate_plugins</span> = <span class="ruby-identifier">enumerate_plugins</span>
<span class="ruby-keyword">end</span>
@@ -772,7 +772,7 @@ href="http://1-10">u</a> will enumerate usernames from 1 to 10</p>
<pre><span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 116</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">enumerate_themes=</span>(<span class="ruby-identifier">enumerate_themes</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">enumerate_themes</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">and</span> (<span class="ruby-ivar">@enumerate_all_themes</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">or</span> <span class="ruby-ivar">@enumerate_only_vulnerable_themes</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span>)
<span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;Please choose only one theme enumeration option&quot;</span>
<span class="ruby-identifier">raise</span> <span class="ruby-string">'Please choose only one theme enumeration option'</span>
<span class="ruby-keyword">else</span>
<span class="ruby-ivar">@enumerate_themes</span> = <span class="ruby-identifier">enumerate_themes</span>
<span class="ruby-keyword">end</span>
@@ -836,7 +836,7 @@ href="http://1-10">u</a> will enumerate usernames from 1 to 10</p>
<pre><span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 76</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">proxy=</span>(<span class="ruby-identifier">proxy</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">proxy</span>.<span class="ruby-identifier">index</span>(<span class="ruby-string">':'</span>) <span class="ruby-operator">==</span> <span class="ruby-keyword">nil</span>
<span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;Invalid proxy format. Should be host:port.&quot;</span>
<span class="ruby-identifier">raise</span> <span class="ruby-string">'Invalid proxy format. Should be host:port.'</span>
<span class="ruby-keyword">else</span>
<span class="ruby-ivar">@proxy</span> = <span class="ruby-identifier">proxy</span>
<span class="ruby-keyword">end</span>
@@ -870,7 +870,7 @@ href="http://1-10">u</a> will enumerate usernames from 1 to 10</p>
<pre><span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 84</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">proxy_auth=</span>(<span class="ruby-identifier">auth</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">auth</span>.<span class="ruby-identifier">index</span>(<span class="ruby-string">':'</span>) <span class="ruby-operator">==</span> <span class="ruby-keyword">nil</span>
<span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;Invalid proxy auth format, username:password expected&quot;</span>
<span class="ruby-identifier">raise</span> <span class="ruby-string">'Invalid proxy auth format, username:password expected'</span>
<span class="ruby-keyword">else</span>
<span class="ruby-ivar">@proxy_auth</span> = <span class="ruby-identifier">auth</span>
<span class="ruby-keyword">end</span>
@@ -910,9 +910,9 @@ value</p>
<span class="ruby-constant">WpscanOptions</span>.<span class="ruby-identifier">option_to_instance_variable_setter</span>(<span class="ruby-identifier">cli_option</span>),
<span class="ruby-identifier">cli_value</span>
)
<span class="ruby-keyword">elsif</span> <span class="ruby-identifier">cli_option</span> <span class="ruby-operator">===</span> <span class="ruby-string">&quot;--enumerate&quot;</span> <span class="ruby-comment"># Special cases</span>
<span class="ruby-keyword">elsif</span> <span class="ruby-identifier">cli_option</span> <span class="ruby-operator">===</span> <span class="ruby-string">'--enumerate'</span> <span class="ruby-comment"># Special cases</span>
<span class="ruby-comment"># Default value if no argument is given</span>
<span class="ruby-identifier">cli_value</span> = <span class="ruby-string">&quot;vt,tt,u,vp&quot;</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">cli_value</span>.<span class="ruby-identifier">length</span> <span class="ruby-operator">==</span> <span class="ruby-value">0</span>
<span class="ruby-identifier">cli_value</span> = <span class="ruby-string">'vt,tt,u,vp'</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">cli_value</span>.<span class="ruby-identifier">length</span> <span class="ruby-operator">==</span> <span class="ruby-value">0</span>
<span class="ruby-identifier">enumerate_options_from_string</span>(<span class="ruby-identifier">cli_value</span>)
<span class="ruby-keyword">else</span>
@@ -1016,7 +1016,7 @@ value</p>
<div class="method-source-code" id="url-3D-source">
<pre><span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 58</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">url=</span>(<span class="ruby-identifier">url</span>)
<span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;Empty URL given&quot;</span> <span class="ruby-keyword">if</span> <span class="ruby-operator">!</span><span class="ruby-identifier">url</span>
<span class="ruby-identifier">raise</span> <span class="ruby-string">'Empty URL given'</span> <span class="ruby-keyword">if</span> <span class="ruby-operator">!</span><span class="ruby-identifier">url</span>
<span class="ruby-ivar">@url</span> = <span class="ruby-constant">URI</span>.<span class="ruby-identifier">parse</span>(<span class="ruby-identifier">add_http_protocol</span>(<span class="ruby-identifier">url</span>)).<span class="ruby-identifier">to_s</span>
<span class="ruby-keyword">end</span></pre>