From 54ed148c8708b3cb3e8b0d34170f539ff48252cf Mon Sep 17 00:00:00 2001 From: ethicalhack3r Date: Fri, 14 Oct 2016 14:48:48 +0200 Subject: [PATCH 1/3] Add passive detection of google-universal-analytics --- lib/common/collections/wp_plugins/detectable.rb | 4 ++++ spec/lib/common/collections/wp_plugins/detectable_spec.rb | 7 +++++++ 2 files changed, 11 insertions(+) diff --git a/lib/common/collections/wp_plugins/detectable.rb b/lib/common/collections/wp_plugins/detectable.rb index df9cb5cd..3f271610 100644 --- a/lib/common/collections/wp_plugins/detectable.rb +++ b/lib/common/collections/wp_plugins/detectable.rb @@ -66,6 +66,10 @@ class WpPlugins < WpItems wp_plugins.add('wordpress-seo', version: $1) end + if body =~ /' + expected.add('google-universal-analytics', version: '2.4.2') + end + end end end From 4e2bf5322e320fd11afbb182f678436fe1d8e59e Mon Sep 17 00:00:00 2001 From: ethicalhack3r Date: Fri, 14 Oct 2016 14:51:40 +0200 Subject: [PATCH 2/3] Markdown formating --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 1a530782..2fa4589d 100644 --- a/README.md +++ b/README.md @@ -81,7 +81,7 @@ To the extent permitted under Law, WPScan is provided under an AS-IS basis. The Running WPScan against websites without prior mutual consent may be illegal in your country. The WPScan Team accept no liability and are not responsible for any misuse or damage caused by WPScan. -11. Trademark +### 11. Trademark The "wpscan" term is a registered trademark. This License does not grant the use of the "wpscan" trademark or the use of the WPScan logo. From 785c6efa5b96f399cba8b497aba5db2041d4fadf Mon Sep 17 00:00:00 2001 From: ethicalhack3r Date: Fri, 14 Oct 2016 14:52:54 +0200 Subject: [PATCH 3/3] Fix typo --- README.md | 2 +- lib/wpscan/wpscan_helper.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 2fa4589d..80cc5cea 100644 --- a/README.md +++ b/README.md @@ -236,7 +236,7 @@ Published on https://hub.docker.com/r/wpscanteam/wpscan/ --follow-redirection If the target url has a redirection, it will be followed without asking if you wanted to do so or not --batch Never ask for user input, use the default behaviour. --no-color Do not use colors in the output. - --wp-content-dir WPScan try to find the content directory (ie wp-content) by scanning the index page, however you can specified it. + --wp-content-dir WPScan try to find the content directory (ie wp-content) by scanning the index page, however you can specify it. Subdirectories are allowed. --wp-plugins-dir Same thing than --wp-content-dir but for the plugins directory. If not supplied, WPScan will use wp-content-dir/plugins. Subdirectories are allowed diff --git a/lib/wpscan/wpscan_helper.rb b/lib/wpscan/wpscan_helper.rb index 8b82a0c7..2005dd45 100644 --- a/lib/wpscan/wpscan_helper.rb +++ b/lib/wpscan/wpscan_helper.rb @@ -89,7 +89,7 @@ def help puts '--follow-redirection If the target url has a redirection, it will be followed without asking if you wanted to do so or not' puts '--batch Never ask for user input, use the default behaviour.' puts '--no-color Do not use colors in the output.' - puts '--wp-content-dir WPScan try to find the content directory (ie wp-content) by scanning the index page, however you can specified it.' + puts '--wp-content-dir WPScan try to find the content directory (ie wp-content) by scanning the index page, however you can specify it.' puts ' Subdirectories are allowed.' puts '--wp-plugins-dir Same thing than --wp-content-dir but for the plugins directory.' puts ' If not supplied, WPScan will use wp-content-dir/plugins. Subdirectories are allowed'