garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Improves Password Attack against wp-login.php to avoid FP

Browse Source
This commit is contained in:
erwanlr
2019-03-14 19:21:39 +00:00
parent e7925de5bc
commit 4f9822743c
3 changed files with 13 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/wpscan/target/platform/wordpress.rb
View File

@@ -84,7 +84,7 @@ module WPScan
res = Browser.get_and_follow_location(@login_url)
@login_url = res.effective_url if in_scope?(res.effective_url)
@login_url = res.effective_url if res.effective_url =~ /wp\-login\.php\z/i && in_scope?(res.effective_url)
@login_url
end