Fix #438 - New choice added when a redirection is detected

2014-04-02 19:43:17 +02:00
parent 812c42c89a
commit 3725a23c49
1 changed files with 11 additions and 9 deletions
--- a/wpscan.rb
+++ b/wpscan.rb
@@ -70,15 +70,17 @@ def main
        puts
      else
        puts "The remote host tried to redirect us to: #{redirection}"
-        print '[?] Do you want follow the redirection ? [y/n] '
+        print '[?] Do you want follow the redirection ? [Y]es [N]o [A]bort, default: [N] '
      end

-      if wpscan_options.follow_redirection or Readline.readline =~ /^y/i
+      if wpscan_options.follow_redirection or (input = Readline.readline) =~ /^y/i
        wpscan_options.url = redirection
        wp_target = WpTarget.new(redirection, wpscan_options.to_h)
      else
-        puts 'Scan aborted'
-        exit(0)
+        if input =~ /^a/i
+          puts 'Scan aborted'
+          exit(0)
+        end
      end
    end

@@ -100,7 +102,7 @@ def main
    unless wp_target.wp_plugins_dir_exists?
      puts "The plugins directory '#{wp_target.wp_plugins_dir}' does not exist."
      puts 'You can specify one per command line option (don\'t forget to include the wp-content directory if needed)'
-      print '[?] Continue? [y/n] '
+      print '[?] Continue? [Y]es [N]o, default: [N] '
      unless Readline.readline =~ /^y/i
        exit(0)
      end
@@ -328,7 +330,7 @@ def main

        puts
        puts "#{red('[!]')} The plugin #{protection_plugin.name} has been detected. It might record the IP and timestamp of every failed login and/or prevent brute forcing altogether. Not a good idea for brute forcing!"
-        print "[?] Do you want to start the brute force anyway ? [y/n] "
+        print '[?] Do you want to start the brute force anyway ? [Y]es [N]o, default: [N] '

        bruteforce = false if Readline.readline !~ /^y/i
      end