Adds the --usernames option - Fixes #739

erwanlr
2014-12-10 17:58:51 +01:00
parent e3ac331a71
commit 607a5b3fda
3 changed files with 20 additions and 4 deletions


@@ -99,6 +99,7 @@ def help
puts '--basic-auth <username:password> Set the HTTP Basic authentication.' puts '--basic-auth <username:password> Set the HTTP Basic authentication.'
puts '--wordlist | -w <wordlist> Supply a wordlist for the password bruter and do the brute.' puts '--wordlist | -w <wordlist> Supply a wordlist for the password bruter and do the brute.'
puts '--username | -U <username> Only brute force the supplied username.' puts '--username | -U <username> Only brute force the supplied username.'
puts '--usernames <path-to-file> Only brute force the usernames from the file.'
puts '--threads | -t <number of threads> The number of threads to use when multi-threading requests.' puts '--threads | -t <number of threads> The number of threads to use when multi-threading requests.'
puts '--cache-ttl <cache-ttl> Typhoeus cache TTL.' puts '--cache-ttl <cache-ttl> Typhoeus cache TTL.'
puts '--request-timeout <request-timeout> Request Timeout.' puts '--request-timeout <request-timeout> Request Timeout.'


@@ -23,6 +23,7 @@ class WpscanOptions
:update, :update,
:verbose, :verbose,
:username, :username,
:usernames,
:password, :password,
:follow_redirection, :follow_redirection,
:wp_content_dir, :wp_content_dir,
@@ -68,6 +69,12 @@ class WpscanOptions
end end
end end
def usernames=(file)
fail "The file #{file} does not exist" unless File.exists?(file)
@usernames = file
end
def proxy=(proxy) def proxy=(proxy)
if proxy.index(':') == nil if proxy.index(':') == nil
raise 'Invalid proxy format. Should be host:port.' raise 'Invalid proxy format. Should be host:port.'
@@ -237,6 +244,7 @@ class WpscanOptions
['--url', '-u', GetoptLong::REQUIRED_ARGUMENT], ['--url', '-u', GetoptLong::REQUIRED_ARGUMENT],
['--enumerate', '-e', GetoptLong::OPTIONAL_ARGUMENT], ['--enumerate', '-e', GetoptLong::OPTIONAL_ARGUMENT],
['--username', '-U', GetoptLong::REQUIRED_ARGUMENT], ['--username', '-U', GetoptLong::REQUIRED_ARGUMENT],
['--usernames', GetoptLong::REQUIRED_ARGUMENT],
['--wordlist', '-w', GetoptLong::REQUIRED_ARGUMENT], ['--wordlist', '-w', GetoptLong::REQUIRED_ARGUMENT],
['--threads', '-t', GetoptLong::REQUIRED_ARGUMENT], ['--threads', '-t', GetoptLong::REQUIRED_ARGUMENT],
['--force', '-f', GetoptLong::NO_ARGUMENT], ['--force', '-f', GetoptLong::NO_ARGUMENT],
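Review bot: The new `usernames=` setter (second hunk of this file) only checks that the path exists, so a directory or an unreadable file passes here and the failure surfaces later, when main opens the file. `File.exists?` is also the deprecated alias and was removed in Ruby 3.2. Suggested guard: `fail "The file #{file} does not exist or is not readable" unless File.file?(file) && File.readable?(file)`. The neighbouring `proxy=` setter uses `raise` where this one uses `fail`; the class would read better with one of the two throughout.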


@@ -303,8 +303,8 @@ def main
end end
end end
# If we haven't been supplied a username, enumerate them... # If we haven't been supplied a username/usernames list, enumerate them...
if !wpscan_options.username and wpscan_options.wordlist or wpscan_options.enumerate_usernames if !wpscan_options.username && !wpscan_options.usernames && wpscan_options.wordlist || wpscan_options.enumerate_usernames
puts puts
puts "#{info('[+]')} Enumerating usernames ..." puts "#{info('[+]')} Enumerating usernames ..."
@@ -337,8 +337,15 @@ def main
end end
else else
# FIXME : Change the .username to .login (and also the --username in the CLI) wp_users = WpUsers.new
wp_users = WpUsers.new << WpUser.new(wp_target.uri, login: wpscan_options.username)
if wpscan_options.usernames
File.open(wpscan_options.usernames).each do |username|
wp_users << WpUser.new(wp_target.uri, login: username.chomp)
end
else
wp_users << WpUser.new(wp_target.uri, login: wpscan_options.username)
end
end end
# Start the brute forcer # Start the brute forcer
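Review bot: In the new `else` branch, `File.open(wpscan_options.usernames).each` never closes the file handle, and every line becomes a `WpUser`, so blank lines in the list produce users with an empty login. `File.foreach` closes the file when the block ends; the loop could read `File.foreach(wpscan_options.usernames) do |line|`, then `login = line.strip` and `wp_users << WpUser.new(wp_target.uri, login: login) unless login.empty?`. When both `--username` and `--usernames` are given, the file silently takes precedence; rejecting the combination during option parsing, or stating the precedence in the help text, would avoid surprises. `main` starts and continues outside this hunk.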