diff --git a/lib/common/browser.rb b/lib/common/browser.rb
index 6cbe37f2..443b3c01 100644
--- a/lib/common/browser.rb
+++ b/lib/common/browser.rb
@@ -24,7 +24,7 @@ class Browser
 attr_reader :hydra, :cache_dir
- attr_accessor :referer, :cookie
+ attr_accessor :referer, :cookie, :vhost
 # @param [ Hash ] options
 #
@@ -135,7 +135,15 @@ class Browser
 @basic_auth
 )
 end
-
+
+ if vhost
+ params = Browser.append_params_header_field(
+ params,
+ 'Host',
+ vhost
+ )
+ end
+
 params.merge!(referer: referer)
 params.merge!(timeout: @request_timeout) if @request_timeout
 params.merge!(connecttimeout: @connect_timeout) if @connect_timeout
diff --git a/lib/wpscan/wp_target.rb b/lib/wpscan/wp_target.rb
index 8fbb9bac..81d573bd 100644
--- a/lib/wpscan/wp_target.rb
+++ b/lib/wpscan/wp_target.rb
@@ -28,8 +28,13 @@ class WpTarget < WebSite
 @wp_content_dir = options[:wp_content_dir]
 @wp_plugins_dir = options[:wp_plugins_dir]
 @multisite = nil
+ @vhost = options[:vhost]
 Browser.instance.referer = url
+ if @vhost
+ Browser.instance.vhost = @vhost
+ end
+
 end
 # check if the target website is
diff --git a/lib/wpscan/wpscan_options.rb b/lib/wpscan/wpscan_options.rb
index dbe03ebc..7a354df5 100644
--- a/lib/wpscan/wpscan_options.rb
+++ b/lib/wpscan/wpscan_options.rb
@@ -19,6 +19,7 @@ class WpscanOptions
 :proxy_auth,
 :threads,
 :url,
+ :vhost,
 :wordlist,
 :force,
 :update,
@@ -61,6 +62,10 @@ class WpscanOptions
 @url = URI.parse(add_http_protocol(url)).to_s
 end
+ def vhost=(vhost)
+ @vhost = vhost
+ end
+
 def threads=(threads)
 @threads = threads.is_a?(Integer) ? threads : threads.to_i
 end
@@ -246,6 +251,7 @@ class WpscanOptions
 def self.get_opt_long
 GetoptLong.new(
 ['--url', '-u', GetoptLong::REQUIRED_ARGUMENT],
+ ['--vhost',GetoptLong::OPTIONAL_ARGUMENT],
 ['--enumerate', '-e', GetoptLong::OPTIONAL_ARGUMENT],
 ['--username', '-U', GetoptLong::REQUIRED_ARGUMENT],
 ['--usernames', GetoptLong::REQUIRED_ARGUMENT],
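Review bot: The new `if vhost` block in lib/common/browser.rb has no comment saying what the override does and does not change, which matters to anyone interpreting scan results later. It only adds a `Host` header through `Browser.append_params_header_field`; the request URL, and so the address connected to and presumably the TLS server name checked on https targets, stay as they were. A comment above the block such as `# Send a custom Host header (virtual host); the connection itself still follows the request URL` would make that explicit. The enclosing method starts and ends outside this hunk.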
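Review bot: Because `Browser.instance` is a shared singleton, guarding the assignment in lib/wpscan/wp_target.rb with `if @vhost` means a target created without a vhost keeps whatever vhost an earlier target set on the browser. `referer` just above is assigned unconditionally, and doing the same here with a plain `Browser.instance.vhost = @vhost` resets the header to nil in that case. The blank line added before the closing `end` can go as well. The method this belongs to begins outside the hunk.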
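Review bot: `vhost=` in lib/wpscan/wpscan_options.rb stores the command-line value unchanged, while the neighbouring `url=` and `threads=` setters normalise theirs, and this value is later written into a request header in lib/common/browser.rb. Rejecting whitespace and line breaks at this point, e.g. `raise ArgumentError, 'vhost must not contain whitespace' if vhost =~ /\s/`, keeps a malformed value from becoming a malformed header. How this class reports bad option values is not visible in the hunk, so the exception type is only a suggestion.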
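Review bot: `--vhost` is declared in `get_opt_long` with `GetoptLong::OPTIONAL_ARGUMENT`, so a bare `--vhost` is accepted and yields an empty string. An empty string is truthy in Ruby, so it passes both `if @vhost` in lib/wpscan/wp_target.rb and `if vhost` in lib/common/browser.rb and would apparently be sent as an empty `Host` header. The option has no meaning without a name, and `['--vhost', GetoptLong::REQUIRED_ARGUMENT],` (with the space after the comma that the neighbouring entries have) lets the parser reject that case. `get_opt_long` continues past the end of this hunk.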