garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Improves Password Attack against wp-login.php to avoid FP

Browse Source
This commit is contained in:
erwanlr
2019-03-14 19:21:39 +00:00
parent e7925de5bc
commit 4f9822743c
3 changed files with 13 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
spec/shared_examples/target/platform/wordpress.rb
View File

@@ -98,9 +98,17 @@ shared_examples WPScan::Target::Platform::WordPress do
end
context 'to an in scope URL' do
let(:effective_url) { target.url('wp-login.php').gsub('http', 'https') }
context 'when https version of the wp-login' do
let(:effective_url) { target.url('wp-login.php').gsub('http', 'https') }
its(:login_url) { should eql effective_url }
its(:login_url) { should eql effective_url }
end
context 'when something else' do
let(:effective_url) { target.url('something').gsub('http', 'https') }
its(:login_url) { should eql target.url('wp-login.php') }
end
end
context 'to an out of scope URL' do