garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

bugfixing and more rspec tests

Browse Source
This commit is contained in:
Christian Mehlmauer
2012-09-21 22:10:33 +02:00
parent 7a224a078b
commit 29280dc0ab
50 changed files with 206 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
doc/Array.html
View File

@@ -166,6 +166,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/Browser.html
View File

@@ -182,6 +182,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

23
doc/BruteForce.html
View File

@@ -158,6 +158,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>
@@ -219,10 +221,10 @@ on large wordlists, although bareable.</p>
<div class="method-source-code" id="lines_in_file-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/modules/brute_force.rb, line 111</span>
<span class="ruby-comment"># File lib/wpscan/modules/brute_force.rb, line 114</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">lines_in_file</span>(<span class="ruby-identifier">file_path</span>)
<span class="ruby-identifier">lines</span> = <span class="ruby-value">0</span>
<span class="ruby-constant">File</span>.<span class="ruby-identifier">open</span>(<span class="ruby-identifier">file_path</span>, <span class="ruby-string">'r'</span>).<span class="ruby-identifier">each</span> { <span class="ruby-operator">|</span><span class="ruby-identifier">line</span><span class="ruby-operator">|</span> <span class="ruby-identifier">lines</span> <span class="ruby-operator">+=</span> <span class="ruby-value">1</span> }
<span class="ruby-constant">File</span>.<span class="ruby-identifier">open</span>(<span class="ruby-identifier">file_path</span>, <span class="ruby-string">'r'</span>).<span class="ruby-identifier">each</span> { <span class="ruby-operator">||</span> <span class="ruby-identifier">lines</span> <span class="ruby-operator">+=</span> <span class="ruby-value">1</span> }
<span class="ruby-identifier">lines</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- lines_in_file-source -->
@@ -265,23 +267,24 @@ on large wordlists, although bareable.</p>
<span class="ruby-identifier">hydra</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">hydra</span>
<span class="ruby-identifier">number_of_passwords</span> = <span class="ruby-constant">BruteForce</span>.<span class="ruby-identifier">lines_in_file</span>(<span class="ruby-identifier">wordlist_path</span>)
<span class="ruby-identifier">login_url</span> = <span class="ruby-identifier">login_url</span>()
<span class="ruby-identifier">found</span> = []
<span class="ruby-identifier">logins</span>.<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">login</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">queue_count</span> = <span class="ruby-value">0</span>
<span class="ruby-identifier">request_count</span> = <span class="ruby-value">0</span>
<span class="ruby-identifier">password_found</span> = <span class="ruby-keyword">false</span>
<span class="ruby-constant">File</span>.<span class="ruby-identifier">open</span>(<span class="ruby-identifier">wordlist_path</span>, <span class="ruby-string">'r'</span>).<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">password</span><span class="ruby-operator">|</span>
<span class="ruby-constant">File</span>.<span class="ruby-identifier">open</span>(<span class="ruby-identifier">wordlist_path</span>, <span class="ruby-string">&quot;r&quot;</span>).<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">password</span><span class="ruby-operator">|</span>
<span class="ruby-comment"># ignore file comments, but will miss passwords if they start with a hash...</span>
<span class="ruby-keyword">next</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">password</span>[<span class="ruby-value">0</span>,<span class="ruby-value">1</span>] <span class="ruby-operator">==</span> <span class="ruby-string">'#'</span>
<span class="ruby-keyword">next</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">password</span>[<span class="ruby-value">0</span>,<span class="ruby-value">1</span>] <span class="ruby-operator">==</span> <span class="ruby-node">&quot;#&quot;</span>
<span class="ruby-comment"># keep a count of the amount of requests to be sent</span>
<span class="ruby-identifier">request_count</span> <span class="ruby-operator">+=</span> <span class="ruby-value">1</span>
<span class="ruby-identifier">queue_count</span> <span class="ruby-operator">+=</span> <span class="ruby-value">1</span>
<span class="ruby-comment"># create local vars for on_complete call back, Issue 51.</span>
<span class="ruby-identifier">username</span> = <span class="ruby-identifier">login</span>
<span class="ruby-identifier">username</span> = <span class="ruby-identifier">login</span>.<span class="ruby-identifier">name</span>
<span class="ruby-identifier">password</span> = <span class="ruby-identifier">password</span>
<span class="ruby-comment"># the request object</span>
@@ -302,18 +305,20 @@ on large wordlists, although bareable.</p>
<span class="ruby-identifier">puts</span> <span class="ruby-string">&quot;\nIncorrect username and/or password.&quot;</span> <span class="ruby-keyword">if</span> <span class="ruby-ivar">@verbose</span>
<span class="ruby-keyword">elsif</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">code</span> <span class="ruby-operator">==</span> <span class="ruby-value">302</span>
<span class="ruby-identifier">puts</span> <span class="ruby-node">&quot;\n [SUCCESS] Username : #{username} Password : #{password}\n&quot;</span>
<span class="ruby-identifier">found</span> <span class="ruby-operator">&lt;&lt;</span> { <span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">username</span>, <span class="ruby-value">:password</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">password</span> }
<span class="ruby-identifier">password_found</span> = <span class="ruby-keyword">true</span>
<span class="ruby-keyword">elsif</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">timed_out?</span>
<span class="ruby-identifier">puts</span> <span class="ruby-string">&quot;ERROR: Request timed out.&quot;</span>
<span class="ruby-keyword">elsif</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">code</span> <span class="ruby-operator">==</span> <span class="ruby-value">0</span>
<span class="ruby-identifier">puts</span> <span class="ruby-string">&quot;ERROR: No response from remote server. WAF/IPS?&quot;</span>
<span class="ruby-keyword">elsif</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">code</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">/^50/</span>
<span class="ruby-comment"># code is a fixnum, needs a string for regex</span>
<span class="ruby-keyword">elsif</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">code</span>.<span class="ruby-identifier">to_s</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">/^50/</span>
<span class="ruby-identifier">puts</span> <span class="ruby-string">&quot;ERROR: Server error, try reducing the number of threads.&quot;</span>
<span class="ruby-keyword">else</span>
<span class="ruby-identifier">puts</span> <span class="ruby-node">&quot;\nERROR: We recieved an unknown response for #{password}...&quot;</span>
<span class="ruby-keyword">if</span> <span class="ruby-ivar">@verbose</span>
<span class="ruby-identifier">puts</span> <span class="ruby-string">'Code: '</span> <span class="ruby-operator">+</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">code</span>.<span class="ruby-identifier">to_s</span>
<span class="ruby-identifier">puts</span> <span class="ruby-string">'Body: '</span> <span class="ruby-operator">+</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span>
<span class="ruby-identifier">puts</span> <span class="ruby-node">&quot;Code: #{response.code.to_s}&quot;</span>
<span class="ruby-identifier">puts</span> <span class="ruby-node">&quot;Body: #{response.body}&quot;</span>
<span class="ruby-identifier">puts</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
@@ -343,7 +348,7 @@ on large wordlists, although bareable.</p>
<span class="ruby-comment"># run all of the remaining requests</span>
<span class="ruby-identifier">hydra</span>.<span class="ruby-identifier">run</span>
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">found</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- brute_force-source -->

2
doc/CREDITS.html
View File

@@ -122,6 +122,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/CacheFileStore.html
View File

@@ -172,6 +172,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/Exploit.html
View File

@@ -190,6 +190,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/Generate_List.html
View File

@@ -172,6 +172,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/GitUpdater.html
View File

@@ -170,6 +170,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/Malwares.html
View File

@@ -162,6 +162,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

4
doc/Object.html
View File

@@ -182,6 +182,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>
@@ -433,7 +435,7 @@
<span class="ruby-keyword">break</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">looping</span> <span class="ruby-operator">==</span> <span class="ruby-keyword">false</span> <span class="ruby-keyword">or</span> (<span class="ruby-identifier">counter</span> * <span class="ruby-value">-1</span> ) <span class="ruby-operator">&gt;=</span> <span class="ruby-identifier">base</span>.<span class="ruby-identifier">length</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">looping</span> <span class="ruby-operator">==</span> <span class="ruby-keyword">false</span> <span class="ruby-keyword">or</span> (<span class="ruby-identifier">counter</span> * <span class="ruby-value">-1</span> ) <span class="ruby-operator">&gt;</span> <span class="ruby-identifier">base</span>.<span class="ruby-identifier">length</span>
<span class="ruby-keyword">break</span>
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">already_found</span> = <span class="ruby-node">&quot;#{character if character}#{already_found}&quot;</span>

2
doc/README.html
View File

@@ -122,6 +122,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/RpcClient.html
View File

@@ -190,6 +190,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/SvnUpdater.html
View File

@@ -168,6 +168,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/Svn_Parser.html
View File

@@ -166,6 +166,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/Updater.html
View File

@@ -172,6 +172,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/UpdaterFactory.html
View File

@@ -166,6 +166,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/Vulnerable.html
View File

@@ -164,6 +164,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/WebSite.html
View File

@@ -162,6 +162,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/WpConfigBackup.html
View File

@@ -158,6 +158,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/WpDetector.html
View File

@@ -166,6 +166,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/WpEnumerator.html
View File

@@ -166,6 +166,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/WpFullPathDisclosure.html
View File

@@ -158,6 +158,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/WpItem.html
View File

@@ -190,6 +190,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/WpOptions.html
View File

@@ -164,6 +164,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/WpPlugin.html
View File

@@ -168,6 +168,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/WpPlugins.html
View File

@@ -158,6 +158,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/WpReadme.html
View File

@@ -158,6 +158,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/WpTarget.html
View File

@@ -240,6 +240,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/WpTheme.html
View File

@@ -172,6 +172,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/WpTimthumbs.html
View File

@@ -160,6 +160,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

28
doc/WpUsernames.html
View File

@@ -166,6 +166,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>
@@ -226,7 +228,7 @@
<div class="method-source-code" id="author_url-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/modules/wp_usernames.rb, line 98</span>
<span class="ruby-comment"># File lib/wpscan/modules/wp_usernames.rb, line 102</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">author_url</span>(<span class="ruby-identifier">author_id</span>)
<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-node">&quot;?author=#{author_id}&quot;</span>).<span class="ruby-identifier">to_s</span>
<span class="ruby-keyword">end</span></pre>
@@ -259,7 +261,7 @@
<div class="method-source-code" id="extract_nickname_from_body-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/modules/wp_usernames.rb, line 79</span>
<span class="ruby-comment"># File lib/wpscan/modules/wp_usernames.rb, line 77</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">extract_nickname_from_body</span>(<span class="ruby-identifier">body</span>)
<span class="ruby-identifier">body</span>[<span class="ruby-regexp">%{&lt;title&gt;([^&lt;]*)&lt;/title&gt;}</span>, <span class="ruby-value">1</span>]
<span class="ruby-keyword">end</span></pre>
@@ -292,7 +294,7 @@
<div class="method-source-code" id="get_nickname_from_response-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/modules/wp_usernames.rb, line 71</span>
<span class="ruby-comment"># File lib/wpscan/modules/wp_usernames.rb, line 69</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">get_nickname_from_response</span>(<span class="ruby-identifier">resp</span>)
<span class="ruby-identifier">nickname</span> = <span class="ruby-keyword">nil</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">resp</span>.<span class="ruby-identifier">code</span> <span class="ruby-operator">==</span> <span class="ruby-value">200</span>
@@ -329,7 +331,7 @@
<div class="method-source-code" id="get_nickname_from_url-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/modules/wp_usernames.rb, line 62</span>
<span class="ruby-comment"># File lib/wpscan/modules/wp_usernames.rb, line 60</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">get_nickname_from_url</span>(<span class="ruby-identifier">url</span>)
<span class="ruby-identifier">resp</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">url</span>, { <span class="ruby-value">:follow_location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>, <span class="ruby-value">:max_redirects</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">2</span> })
<span class="ruby-identifier">nickname</span> = <span class="ruby-keyword">nil</span>
@@ -367,18 +369,24 @@
<div class="method-source-code" id="remove_junk_from_nickname-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/modules/wp_usernames.rb, line 83</span>
<span class="ruby-comment"># File lib/wpscan/modules/wp_usernames.rb, line 81</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">remove_junk_from_nickname</span>(<span class="ruby-identifier">usernames</span>)
<span class="ruby-keyword">unless</span> <span class="ruby-identifier">usernames</span>.<span class="ruby-identifier">kind_of?</span> <span class="ruby-constant">Array</span>
<span class="ruby-identifier">raise</span>(<span class="ruby-string">&quot;Need an array as input&quot;</span>)
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">nicknames</span> = []
<span class="ruby-identifier">usernames</span>.<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">u</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">nickname</span> = <span class="ruby-identifier">u</span>[<span class="ruby-value">:nickname</span>]
<span class="ruby-keyword">unless</span> <span class="ruby-identifier">u</span>.<span class="ruby-identifier">kind_of?</span> <span class="ruby-constant">WpUser</span>
<span class="ruby-identifier">raise</span>(<span class="ruby-string">&quot;Items must be of type WpUser&quot;</span>)
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">nickname</span> = <span class="ruby-identifier">u</span>.<span class="ruby-identifier">nickname</span>
<span class="ruby-keyword">unless</span> <span class="ruby-identifier">nickname</span> <span class="ruby-operator">==</span> <span class="ruby-string">&quot;empty&quot;</span>
<span class="ruby-identifier">nicknames</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-identifier">nickname</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">junk</span> = <span class="ruby-identifier">get_equal_string_end</span>(<span class="ruby-identifier">nicknames</span>)
<span class="ruby-identifier">usernames</span>.<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">u</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">u</span>[<span class="ruby-value">:nickname</span>] = <span class="ruby-identifier">u</span>[<span class="ruby-value">:nickname</span>].<span class="ruby-identifier">sub</span>(<span class="ruby-node">/#{Regexp.escape(junk)}$/</span>, <span class="ruby-string">&quot;&quot;</span>)
<span class="ruby-identifier">u</span>.<span class="ruby-identifier">nickname</span> = <span class="ruby-identifier">u</span>.<span class="ruby-identifier">nickname</span>.<span class="ruby-identifier">sub</span>(<span class="ruby-node">/#{Regexp.escape(junk)}$/</span>, <span class="ruby-string">&quot;&quot;</span>)
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">usernames</span>
<span class="ruby-keyword">end</span></pre>
@@ -412,7 +420,7 @@ href="http://seclists.org/fulldisclosure/2011/May/493">seclists.org/fulldisclosu
<pre>:range - default : 1..10</pre>
<p>returns an array of usernames (can be empty)</p>
<p>returns an array of <a href="WpUser.html">WpUser</a> (can be empty)</p>
@@ -440,9 +448,7 @@ href="http://seclists.org/fulldisclosure/2011/May/493">seclists.org/fulldisclosu
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">unless</span> <span class="ruby-identifier">username</span> <span class="ruby-operator">==</span> <span class="ruby-keyword">nil</span> <span class="ruby-keyword">and</span> <span class="ruby-identifier">nickname</span> <span class="ruby-operator">==</span> <span class="ruby-keyword">nil</span>
<span class="ruby-identifier">usernames</span> <span class="ruby-operator">&lt;&lt;</span> { <span class="ruby-value">:id</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">author_id</span>,
<span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">username</span> <span class="ruby-operator">?</span> <span class="ruby-identifier">username</span> <span class="ruby-operator">:</span> <span class="ruby-string">&quot;empty&quot;</span>,
<span class="ruby-value">:nickname</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">nickname</span> <span class="ruby-operator">?</span> <span class="ruby-identifier">nickname</span> <span class="ruby-operator">:</span> <span class="ruby-string">&quot;empty&quot;</span>}
<span class="ruby-identifier">usernames</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-constant">WpUser</span>.<span class="ruby-identifier">new</span>(<span class="ruby-identifier">username</span>, <span class="ruby-identifier">author_id</span>, <span class="ruby-identifier">nickname</span>)
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">usernames</span> = <span class="ruby-identifier">remove_junk_from_nickname</span>(<span class="ruby-identifier">usernames</span>)

2
doc/WpVersion.html
View File

@@ -178,6 +178,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

2
doc/WpVulnerability.html
View File

@@ -164,6 +164,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>

4
doc/WpscanOptions.html
View File

@@ -198,6 +198,8 @@
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUser.html">WpUser</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
<li><a href="./WpVersion.html">WpVersion</a></li>
@@ -552,7 +554,7 @@ any remaining - by _</p>
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 101</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">enumerate_only_vulnerable_themes=</span>(<span class="ruby-identifier">enumerate_only_vulnerable_themes</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">enumerate_only_vulnerable_themes</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">and</span> <span class="ruby-ivar">@enumerate_plugins</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">enumerate_only_vulnerable_themes</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">and</span> <span class="ruby-ivar">@enumerate_themes</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span>
<span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;You can't enumerate themes and only vulnerable themes at the same time, please choose only one&quot;</span>
<span class="ruby-keyword">else</span>
<span class="ruby-ivar">@enumerate_only_vulnerable_themes</span> = <span class="ruby-identifier">enumerate_only_vulnerable_themes</span>

29
doc/created.rid
View File

@@ -1,41 +1,42 @@
Thu, 20 Sep 2012 22:51:52 +0200
Fri, 21 Sep 2012 22:09:53 +0200
./CREDITS Mon, 17 Sep 2012 20:18:24 +0200
./lib/browser.rb Sun, 16 Sep 2012 15:18:58 +0200
./lib/cache_file_store.rb Sat, 15 Sep 2012 08:04:03 +0200
./lib/common_helper.rb Thu, 20 Sep 2012 22:01:50 +0200
./lib/common_helper.rb Fri, 21 Sep 2012 19:02:49 +0200
./lib/environment.rb Thu, 20 Sep 2012 22:12:57 +0200
./lib/updater/git_updater.rb Sat, 15 Sep 2012 08:00:23 +0200
./lib/updater/svn_updater.rb Sat, 15 Sep 2012 08:00:34 +0200
./lib/updater/updater.rb Sat, 15 Sep 2012 08:00:40 +0200
./lib/updater/updater_factory.rb Sat, 15 Sep 2012 08:00:46 +0200
./lib/wpscan/exploit.rb Sat, 15 Sep 2012 08:02:16 +0200
./lib/wpscan/modules/brute_force.rb Wed, 19 Sep 2012 21:41:41 +0200
./lib/wpscan/modules/brute_force.rb Fri, 21 Sep 2012 20:51:52 +0200
./lib/wpscan/modules/malwares.rb Thu, 20 Sep 2012 22:23:58 +0200
./lib/wpscan/modules/web_site.rb Wed, 19 Sep 2012 21:33:46 +0200
./lib/wpscan/modules/wp_config_backup.rb Sat, 15 Sep 2012 08:01:11 +0200
./lib/wpscan/modules/wp_full_path_disclosure.rb Sat, 15 Sep 2012 08:01:17 +0200
./lib/wpscan/modules/wp_login_protection.rb Tue, 18 Sep 2012 17:51:20 +0200
./lib/wpscan/modules/wp_plugins.rb Tue, 18 Sep 2012 22:27:43 +0200
./lib/wpscan/modules/wp_plugins.rb Fri, 21 Sep 2012 15:27:28 +0200
./lib/wpscan/modules/wp_readme.rb Sat, 15 Sep 2012 08:01:52 +0200
./lib/wpscan/modules/wp_themes.rb Tue, 18 Sep 2012 22:28:05 +0200
./lib/wpscan/modules/wp_themes.rb Fri, 21 Sep 2012 15:27:28 +0200
./lib/wpscan/modules/wp_timthumbs.rb Wed, 19 Sep 2012 15:03:22 +0200
./lib/wpscan/modules/wp_usernames.rb Thu, 20 Sep 2012 22:51:18 +0200
./lib/wpscan/modules/wp_usernames.rb Fri, 21 Sep 2012 18:48:29 +0200
./lib/wpscan/msfrpc_client.rb Sat, 15 Sep 2012 08:02:28 +0200
./lib/wpscan/vulnerable.rb Wed, 19 Sep 2012 22:21:47 +0200
./lib/wpscan/wp_detector.rb Thu, 20 Sep 2012 22:14:29 +0200
./lib/wpscan/wp_enumerator.rb Wed, 19 Sep 2012 22:30:45 +0200
./lib/wpscan/wp_item.rb Wed, 19 Sep 2012 22:21:19 +0200
./lib/wpscan/wp_options.rb Tue, 18 Sep 2012 22:28:27 +0200
./lib/wpscan/wp_plugin.rb Wed, 19 Sep 2012 22:20:29 +0200
./lib/wpscan/wp_detector.rb Fri, 21 Sep 2012 15:27:28 +0200
./lib/wpscan/wp_enumerator.rb Fri, 21 Sep 2012 15:27:28 +0200
./lib/wpscan/wp_item.rb Fri, 21 Sep 2012 15:27:28 +0200
./lib/wpscan/wp_options.rb Fri, 21 Sep 2012 15:27:28 +0200
./lib/wpscan/wp_plugin.rb Fri, 21 Sep 2012 15:27:28 +0200
./lib/wpscan/wp_target.rb Thu, 20 Sep 2012 22:16:44 +0200
./lib/wpscan/wp_theme.rb Wed, 19 Sep 2012 22:20:40 +0200
./lib/wpscan/wp_theme.rb Fri, 21 Sep 2012 15:27:28 +0200
./lib/wpscan/wp_user.rb Fri, 21 Sep 2012 18:00:14 +0200
./lib/wpscan/wp_version.rb Wed, 19 Sep 2012 21:33:07 +0200
./lib/wpscan/wp_vulnerability.rb Sat, 15 Sep 2012 08:03:09 +0200
./lib/wpscan/wpscan_helper.rb Sat, 15 Sep 2012 21:19:30 +0200
./lib/wpscan/wpscan_options.rb Tue, 18 Sep 2012 17:29:40 +0200
./lib/wpscan/wpscan_options.rb Fri, 21 Sep 2012 22:04:11 +0200
./lib/wpstools/generate_list.rb Sat, 15 Sep 2012 08:03:43 +0200
./lib/wpstools/parse_svn.rb Sat, 15 Sep 2012 23:36:25 +0200
./lib/wpstools/wpstools_helper.rb Sat, 15 Sep 2012 08:03:49 +0200
./README Thu, 13 Sep 2012 22:54:08 +0200
./wpscan.rb Thu, 20 Sep 2012 22:49:19 +0200
./wpscan.rb Fri, 21 Sep 2012 18:13:48 +0200
./wpstools.rb Sat, 15 Sep 2012 08:06:35 +0200

76
doc/index.html
View File

@@ -100,6 +100,8 @@
<li class="module"><a href="WpTimthumbs.html">WpTimthumbs</a></li>
<li class="class"><a href="WpUser.html">WpUser</a></li>
<li class="module"><a href="WpUsernames.html">WpUsernames</a></li>
<li class="class"><a href="WpVersion.html">WpVersion</a></li>
@@ -161,32 +163,34 @@
<li><a href="Malwares.html#method-c-malwares_file">::malwares_file &mdash; Malwares</a></li>
<li><a href="CacheFileStore.html#method-c-new">::new &mdash; CacheFileStore</a></li>
<li><a href="WpItem.html#method-c-new">::new &mdash; WpItem</a></li>
<li><a href="WpVersion.html#method-c-new">::new &mdash; WpVersion</a></li>
<li><a href="WpVulnerability.html#method-c-new">::new &mdash; WpVulnerability</a></li>
<li><a href="WpscanOptions.html#method-c-new">::new &mdash; WpscanOptions</a></li>
<li><a href="RpcClient.html#method-c-new">::new &mdash; RpcClient</a></li>
<li><a href="Svn_Parser.html#method-c-new">::new &mdash; Svn_Parser</a></li>
<li><a href="Generate_List.html#method-c-new">::new &mdash; Generate_List</a></li>
<li><a href="WpTheme.html#method-c-new">::new &mdash; WpTheme</a></li>
<li><a href="WpPlugin.html#method-c-new">::new &mdash; WpPlugin</a></li>
<li><a href="Exploit.html#method-c-new">::new &mdash; Exploit</a></li>
<li><a href="WpPlugin.html#method-c-new">::new &mdash; WpPlugin</a></li>
<li><a href="Svn_Parser.html#method-c-new">::new &mdash; Svn_Parser</a></li>
<li><a href="WpTarget.html#method-c-new">::new &mdash; WpTarget</a></li>
<li><a href="WpUser.html#method-c-new">::new &mdash; WpUser</a></li>
<li><a href="Generate_List.html#method-c-new">::new &mdash; Generate_List</a></li>
<li><a href="Updater.html#method-c-new">::new &mdash; Updater</a></li>
<li><a href="WpItem.html#method-c-new">::new &mdash; WpItem</a></li>
<li><a href="CacheFileStore.html#method-c-new">::new &mdash; CacheFileStore</a></li>
<li><a href="WpVulnerability.html#method-c-new">::new &mdash; WpVulnerability</a></li>
<li><a href="WpTheme.html#method-c-new">::new &mdash; WpTheme</a></li>
<li><a href="WpscanOptions.html#method-c-new">::new &mdash; WpscanOptions</a></li>
<li><a href="WpTarget.html#method-c-new">::new &mdash; WpTarget</a></li>
<li><a href="WpscanOptions.html#method-c-option_to_instance_variable_setter">::option_to_instance_variable_setter &mdash; WpscanOptions</a></li>
<li><a href="WpDetector.html#method-c-passive_detection">::passive_detection &mdash; WpDetector</a></li>
@@ -199,8 +203,12 @@
<li><a href="WpItem.html#method-i-3C-3D-3E">#<=> &mdash; WpItem</a></li>
<li><a href="WpUser.html#method-i-3C-3D-3E">#<=> &mdash; WpUser</a></li>
<li><a href="WpItem.html#method-i-3D-3D">#== &mdash; WpItem</a></li>
<li><a href="WpUser.html#method-i-3D-3D-3D">#=== &mdash; WpUser</a></li>
<li><a href="WpItem.html#method-i-3D-3D-3D">#=== &mdash; WpItem</a></li>
<li><a href="WpTheme.html#method-i-3D-3D-3D">#=== &mdash; WpTheme</a></li>
@@ -245,6 +253,8 @@
<li><a href="WpscanOptions.html#method-i-enumerate_themes-3D">#enumerate_themes= &mdash; WpscanOptions</a></li>
<li><a href="WpUser.html#method-i-eql-3F">#eql? &mdash; WpUser</a></li>
<li><a href="WpTarget.html#method-i-error_404_hash">#error_404_hash &mdash; WpTarget</a></li>
<li><a href="WpPlugin.html#method-i-error_log-3F">#error_log? &mdash; WpPlugin</a></li>
@@ -341,21 +351,21 @@
<li><a href="RpcClient.html#method-i-jobs">#jobs &mdash; RpcClient</a></li>
<li><a href="Exploit.html#method-i-kill_session">#kill_session &mdash; Exploit</a></li>
<li><a href="RpcClient.html#method-i-kill_session">#kill_session &mdash; RpcClient</a></li>
<li><a href="Exploit.html#method-i-kill_session">#kill_session &mdash; Exploit</a></li>
<li><a href="Exploit.html#method-i-last_session_id">#last_session_id &mdash; Exploit</a></li>
<li><a href="WpLoginProtection.html#method-i-limit_login_attempts_url">#limit_login_attempts_url &mdash; WpLoginProtection</a></li>
<li><a href="Browser.html#method-i-load_config">#load_config &mdash; Browser</a></li>
<li><a href="SvnUpdater.html#method-i-local_revision_number">#local_revision_number &mdash; SvnUpdater</a></li>
<li><a href="GitUpdater.html#method-i-local_revision_number">#local_revision_number &mdash; GitUpdater</a></li>
<li><a href="Updater.html#method-i-local_revision_number">#local_revision_number &mdash; Updater</a></li>
<li><a href="GitUpdater.html#method-i-local_revision_number">#local_revision_number &mdash; GitUpdater</a></li>
<li><a href="SvnUpdater.html#method-i-local_revision_number">#local_revision_number &mdash; SvnUpdater</a></li>
<li><a href="RpcClient.html#method-i-login">#login &mdash; RpcClient</a></li>
@@ -371,14 +381,14 @@
<li><a href="Browser.html#method-i-merge_request_params">#merge_request_params &mdash; Browser</a></li>
<li><a href="Exploit.html#method-i-meterpreter_read">#meterpreter_read &mdash; Exploit</a></li>
<li><a href="RpcClient.html#method-i-meterpreter_read">#meterpreter_read &mdash; RpcClient</a></li>
<li><a href="RpcClient.html#method-i-meterpreter_write">#meterpreter_write &mdash; RpcClient</a></li>
<li><a href="Exploit.html#method-i-meterpreter_read">#meterpreter_read &mdash; Exploit</a></li>
<li><a href="Exploit.html#method-i-meterpreter_write">#meterpreter_write &mdash; Exploit</a></li>
<li><a href="RpcClient.html#method-i-meterpreter_write">#meterpreter_write &mdash; RpcClient</a></li>
<li><a href="Svn_Parser.html#method-i-parse">#parse &mdash; Svn_Parser</a></li>
<li><a href="WpPlugins.html#method-i-plugins_from_aggressive_detection">#plugins_from_aggressive_detection &mdash; WpPlugins</a></li>
@@ -393,14 +403,14 @@
<li><a href="CacheFileStore.html#method-i-read_entry">#read_entry &mdash; CacheFileStore</a></li>
<li><a href="RpcClient.html#method-i-read_shell">#read_shell &mdash; RpcClient</a></li>
<li><a href="Exploit.html#method-i-read_shell">#read_shell &mdash; Exploit</a></li>
<li><a href="WpItem.html#method-i-readme_url">#readme_url &mdash; WpItem</a></li>
<li><a href="RpcClient.html#method-i-read_shell">#read_shell &mdash; RpcClient</a></li>
<li><a href="WpReadme.html#method-i-readme_url">#readme_url &mdash; WpReadme</a></li>
<li><a href="WpItem.html#method-i-readme_url">#readme_url &mdash; WpItem</a></li>
<li><a href="WebSite.html#method-i-redirection">#redirection &mdash; WebSite</a></li>
<li><a href="WpTarget.html#method-i-registration_enabled-3F">#registration_enabled? &mdash; WpTarget</a></li>
@@ -417,10 +427,10 @@
<li><a href="Exploit.html#method-i-session_count">#session_count &mdash; Exploit</a></li>
<li><a href="RpcClient.html#method-i-sessions">#sessions &mdash; RpcClient</a></li>
<li><a href="Exploit.html#method-i-sessions">#sessions &mdash; Exploit</a></li>
<li><a href="RpcClient.html#method-i-sessions">#sessions &mdash; RpcClient</a></li>
<li><a href="WpscanOptions.html#method-i-set_option_from_cli">#set_option_from_cli &mdash; WpscanOptions</a></li>
<li><a href="WpLoginProtection.html#method-i-simple_login_lockdown_url">#simple_login_lockdown_url &mdash; WpLoginProtection</a></li>
@@ -443,11 +453,11 @@
<li><a href="WpItem.html#method-i-to_s">#to_s &mdash; WpItem</a></li>
<li><a href="GitUpdater.html#method-i-update">#update &mdash; GitUpdater</a></li>
<li><a href="Updater.html#method-i-update">#update &mdash; Updater</a></li>
<li><a href="SvnUpdater.html#method-i-update">#update &mdash; SvnUpdater</a></li>
<li><a href="Updater.html#method-i-update">#update &mdash; Updater</a></li>
<li><a href="GitUpdater.html#method-i-update">#update &mdash; GitUpdater</a></li>
<li><a href="WpTarget.html#method-i-url">#url &mdash; WpTarget</a></li>
@@ -461,10 +471,10 @@
<li><a href="WpUsernames.html#method-i-usernames">#usernames &mdash; WpUsernames</a></li>
<li><a href="WpItem.html#method-i-version">#version &mdash; WpItem</a></li>
<li><a href="WpTarget.html#method-i-version">#version &mdash; WpTarget</a></li>
<li><a href="WpItem.html#method-i-version">#version &mdash; WpItem</a></li>
<li><a href="Vulnerable.html#method-i-vulnerabilities">#vulnerabilities &mdash; Vulnerable</a></li>
<li><a href="WpscanOptions.html#method-i-wordlist-3D">#wordlist= &mdash; WpscanOptions</a></li>
@@ -475,10 +485,10 @@
<li><a href="CacheFileStore.html#method-i-write_entry">#write_entry &mdash; CacheFileStore</a></li>
<li><a href="RpcClient.html#method-i-write_shell">#write_shell &mdash; RpcClient</a></li>
<li><a href="Exploit.html#method-i-write_shell">#write_shell &mdash; Exploit</a></li>
<li><a href="RpcClient.html#method-i-write_shell">#write_shell &mdash; RpcClient</a></li>
<li><a href="WebSite.html#method-i-xmlrpc_url">#xmlrpc_url &mdash; WebSite</a></li>
</ul>

2
doc/lib/common_helper_rb.html
View File

@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-20 22:01:50 +0200</dd>
<dd class="modified-date">2012-09-21 19:02:49 +0200</dd>
<dt class="requires">Requires</dt>

2
doc/lib/wpscan/modules/brute_force_rb.html
View File

@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-19 21:41:41 +0200</dd>
<dd class="modified-date">2012-09-21 20:51:52 +0200</dd>
<dt class="requires">Requires</dt>

2
doc/lib/wpscan/modules/wp_plugins_rb.html
View File

@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-18 22:27:43 +0200</dd>
<dd class="modified-date">2012-09-21 15:27:28 +0200</dd>
<dt class="requires">Requires</dt>

2
doc/lib/wpscan/modules/wp_usernames_rb.html
View File

@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-20 22:51:18 +0200</dd>
<dd class="modified-date">2012-09-21 18:48:29 +0200</dd>
<dt class="requires">Requires</dt>

2
doc/lib/wpscan/wp_detector_rb.html
View File

@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-20 22:14:29 +0200</dd>
<dd class="modified-date">2012-09-21 15:27:28 +0200</dd>
<dt class="requires">Requires</dt>

2
doc/lib/wpscan/wp_enumerator_rb.html
View File

@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-19 22:30:45 +0200</dd>
<dd class="modified-date">2012-09-21 15:27:28 +0200</dd>
<dt class="requires">Requires</dt>

2
doc/lib/wpscan/wp_options_rb.html
View File

@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-18 22:28:27 +0200</dd>
<dd class="modified-date">2012-09-21 15:27:28 +0200</dd>
<dt class="requires">Requires</dt>

2
doc/lib/wpscan/wp_plugin_rb.html
View File

@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-19 22:20:29 +0200</dd>
<dd class="modified-date">2012-09-21 15:27:28 +0200</dd>
<dt class="requires">Requires</dt>

2
doc/lib/wpscan/wp_theme_rb.html
View File

@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-19 22:20:40 +0200</dd>
<dd class="modified-date">2012-09-21 15:27:28 +0200</dd>
<dt class="requires">Requires</dt>

2
doc/lib/wpscan/wpscan_options_rb.html
View File

@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-18 17:29:40 +0200</dd>
<dd class="modified-date">2012-09-21 22:04:11 +0200</dd>
<dt class="requires">Requires</dt>

2
doc/wpscan_rb.html
View File

@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-20 22:49:19 +0200</dd>
<dd class="modified-date">2012-09-21 18:13:48 +0200</dd>
<dt class="requires">Requires</dt>

2
lib/wpscan/wpscan_options.rb
View File

@@ -99,7 +99,7 @@ class WpscanOptions
end
def enumerate_only_vulnerable_themes=(enumerate_only_vulnerable_themes)
if enumerate_only_vulnerable_themes === true and @enumerate_plugins === true
if enumerate_only_vulnerable_themes === true and @enumerate_themes === true
raise "You can't enumerate themes and only vulnerable themes at the same time, please choose only one"
else
@enumerate_only_vulnerable_themes = enumerate_only_vulnerable_themes

5
spec/lib/wpscan/wp_options_spec.rb
View File

@@ -129,5 +129,10 @@ describe WpOptions do
@options[:type] = nil
@message = "type must be set"
end
it "should raise an exception (type unknown)" do
@options[:type] = "unknown"
@message = "Unknown type unknown"
end
end
end

36
spec/lib/wpscan/wpscan_options_spec.rb
View File

@@ -88,7 +88,8 @@ describe "WpscanOptions" do
describe "#enumerate_plugins=" do
it "should raise an error" do
@wpscan_options.enumerate_only_vulnerable_plugins = true
expect { @wpscan_options.enumerate_plugins = true }.to raise_error
expect { @wpscan_options.enumerate_plugins = true }.to raise_error(RuntimeError,
"You can't enumerate plugins and only vulnerable plugins at the same time, please choose only one")
end
it "should not raise an error" do
@@ -99,10 +100,26 @@ describe "WpscanOptions" do
end
end
describe "#enumerate_themes=" do
it "should raise an error" do
@wpscan_options.enumerate_only_vulnerable_themes = true
expect { @wpscan_options.enumerate_themes = true }.to raise_error(RuntimeError,
"You can't enumerate themes and only vulnerable themes at the same time, please choose only one")
end
it "should not raise an error" do
@wpscan_options.enumerate_only_vulnerable_themes = false
@wpscan_options.enumerate_themes = true
@wpscan_options.enumerate_themes.should be_true
end
end
describe "#enumerate_only_vulnerable_plugins=" do
it "should raise an error" do
@wpscan_options.enumerate_plugins = true
expect { @wpscan_options.enumerate_only_vulnerable_plugins = true }.to raise_error
expect { @wpscan_options.enumerate_only_vulnerable_plugins = true }.to raise_error(RuntimeError,
"You can't enumerate plugins and only vulnerable plugins at the same time, please choose only one")
end
it "should not raise an error" do
@@ -113,6 +130,21 @@ describe "WpscanOptions" do
end
end
describe "#enumerate_only_vulnerable_themes=" do
it "should raise an error" do
@wpscan_options.enumerate_themes = true
expect { @wpscan_options.enumerate_only_vulnerable_themes = true }.to raise_error(RuntimeError,
"You can't enumerate themes and only vulnerable themes at the same time, please choose only one")
end
it "should not raise an error" do
@wpscan_options.enumerate_themes = false
@wpscan_options.enumerate_only_vulnerable_themes = true
@wpscan_options.enumerate_only_vulnerable_themes.should be_true
end
end
describe "#to_h" do
it "should return an empty hash" do
@wpscan_options.to_h.should be_a Hash