garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Adds the --usernames option - Fixes #739

Browse Source
This commit is contained in:
erwanlr
2014-12-10 17:58:51 +01:00
parent e3ac331a71
commit 607a5b3fda
3 changed files with 20 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
wpscan.rb
View File

@@ -303,8 +303,8 @@ def main
end
end
# If we haven't been supplied a username, enumerate them...
if !wpscan_options.username and wpscan_options.wordlist or wpscan_options.enumerate_usernames
# If we haven't been supplied a username/usernames list, enumerate them...
if !wpscan_options.username && !wpscan_options.usernames && wpscan_options.wordlist || wpscan_options.enumerate_usernames
puts
puts "#{info('[+]')} Enumerating usernames ..."
@@ -337,8 +337,15 @@ def main
end
else
# FIXME : Change the .username to .login (and also the --username in the CLI)
wp_users = WpUsers.new << WpUser.new(wp_target.uri, login: wpscan_options.username)
wp_users = WpUsers.new
if wpscan_options.usernames
File.open(wpscan_options.usernames).each do |username|
wp_users << WpUser.new(wp_target.uri, login: username.chomp)
end
else
wp_users << WpUser.new(wp_target.uri, login: wpscan_options.username)
end
end
# Start the brute forcer