From 804db84b9a079a8b75cbd22a78ed323399ff695a Mon Sep 17 00:00:00 2001 From: Peter van der Laan Date: Fri, 8 Nov 2013 15:43:48 +0100 Subject: [PATCH] Update CHANGELOG --- CHANGELOG | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index f2c01d16..42f52384 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -32,6 +32,7 @@ Added default wp-content dir detection, see Issue #141. Added checks for well formed xml * Changed +Trying a fix for Kali Linux Make a seperator between plugin name and vulnerability name It's WordPress, not Wordpress Changed wordpress.com scanning error to warning. See issue #343. @@ -41,8 +42,13 @@ Same URL syntax for all Packet Storm Security URL's Packet Storm Security URL's don't need the 'friendly part' of the URL. So it can be neglected. Use online documentation User prompt on same line +Don't skip passwords that start with a hash. This is fairly common (see RockYou list for example). +Updated Fedora install instructions as per Issue #92 +Slight update to security plugin warning. Issue #212. Ruby-progressbar Gemfile version bump +Fix error with the -U option (undefined method 'merge' for #WpTarget:) Banner artwork +Fix hacks.rb conflict Handle when there are 2 headers of the same name Releasing the Typhoeus version constraint Amended Arch Linux install instructions. See issue #183. @@ -64,7 +70,7 @@ Code cleaning Fix typo's clean up rspecs Themes & Plugins lists regenerated -Rspecs +Rspecs update Code Factoring Added checks for old ruby. Otherwise there will be syntax errors @@ -91,32 +97,25 @@ WP 3.5.2 Fingerprint Bug Fix : Wp 3.5 & 3.5.1 not detected from advanced fingerprinting. * Fixed issues -Trying a fix for Kali Linux Fix #249 - [ERROR] "\xF1" on US-ASCII Fix #275 - [ERROR] "\xC3" on US-ASCII Fix #271 - Further Instructions added to the Mac Install -Don't skip passwords that start with a hash. This is fairly common (see RockYou list for example). Fix #266 - passive detection regex Fix #265 - remove base64 images before passive detection Fix #262 - [ERROR] bad component(expected absolute path component) -Ref #260 - Fixes Travis Fail, due to rspec-mock v2.14.3 -Fix for xmlrpc false positive. Issue #260. +Fix #260 - Fixes Travis Fail, due to rspec-mock v2.14.3 Fix #208 - Fixed vulnerable plugins still appear in the results Fix #245 - all theme enumeration error Fix #241 - Cant convert array to string Fix #232 - Crash while enumerating usernames -Updated Fedora install instructions as per Issue #92 -Slight update to security plugin warning. Issue #212. Fix #223 - New wordpress urls for most popular plugins & themes Fix #177 - Passive Cache plugins detection (no spec) -Possible fix for #169 - False reports +Fix #169 - False reports Fix #182 - Remove the progress-bar static length (120), and let it to automatic Fix #181 - Don't exit if no usernames found during a simple enumeration (but exit if a brute force is asked) -Fix for issue #200 +Fix #200 - Log file not recording the list of username retireved Fix #164 - README.txt detection Fix #166 - ListGenerator using the old Browser#get method for full generation -Fix hacks.rb conflict -Fix error with the -U option (undefined method 'merge' for #WpTarget:) Fix #153 - Disable error trace when it's from the main script Fix #163 - in the proper way Fix #144 - Use cookie jar to prevent infinite redirections loop