From 49d0a9e6d94a17b3545b9af139b9d3e4911ffef4 Mon Sep 17 00:00:00 2001
From: Christian Mehlmauer <firefart@gmail.com>
Date: Thu, 5 May 2016 00:01:52 +0200
Subject: [PATCH] check directory listing in wp-includes

---
 lib/wpscan/wp_target.rb | 9 +++++++++
 wpscan.rb               | 4 ++++
 2 files changed, 13 insertions(+)

diff --git a/lib/wpscan/wp_target.rb b/lib/wpscan/wp_target.rb
index bd4d9e8c..a799ebfe 100644
--- a/lib/wpscan/wp_target.rb
+++ b/lib/wpscan/wp_target.rb
@@ -135,6 +135,11 @@ class WpTarget < WebSite
     @uri.merge("#{wp_content_dir}/uploads/").to_s
   end
 
+  # @return [ String ]
+  def includes_dir_url
+    @uri.merge("wp-includes/").to_s
+  end
+
   # Script for replacing strings in wordpress databases
   # reveals database credentials after hitting submit
   # http://interconnectit.com/124/search-and-replace-for-wordpress-databases/
@@ -153,4 +158,8 @@ class WpTarget < WebSite
   def upload_directory_listing_enabled?
     directory_listing_enabled?(upload_dir_url)
   end
+
+  def include_directory_listing_enabled?
+    directory_listing_enabled?(includes_dir_url)
+  end
 end
diff --git a/wpscan.rb b/wpscan.rb
index 7fb2b3f6..45466c93 100755
--- a/wpscan.rb
+++ b/wpscan.rb
@@ -221,6 +221,10 @@ def main
       puts warning("Upload directory has directory listing enabled: #{wp_target.upload_dir_url}")
     end
 
+    if wp_target.include_directory_listing_enabled?
+      puts warning("Includes directory has directory listing enabled: #{wp_target.includes_dir_url}")
+    end
+
     enum_options = {
       show_progression: true,
       exclude_content: wpscan_options.exclude_content_based