garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update CHANGELOG

Browse Source
This commit is contained in:
Peter van der Laan
2013-11-08 15:43:48 +01:00
parent 48ad1a9af2
commit 804db84b9a
1 changed files with 10 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
CHANGELOG
View File

@@ -32,6 +32,7 @@ Added default wp-content dir detection, see Issue #141.
Added checks for well formed xml
* Changed
Trying a fix for Kali Linux
Make a seperator between plugin name and vulnerability name
It's WordPress, not Wordpress
Changed wordpress.com scanning error to warning. See issue #343.
@@ -41,8 +42,13 @@ Same URL syntax for all Packet Storm Security URL's
Packet Storm Security URL's don't need the 'friendly part' of the URL. So it can be neglected.
Use online documentation
User prompt on same line
Don't skip passwords that start with a hash. This is fairly common (see RockYou list for example).
Updated Fedora install instructions as per Issue #92
Slight update to security plugin warning. Issue #212.
Ruby-progressbar Gemfile version bump
Fix error with the -U option (undefined method 'merge' for #WpTarget:)
Banner artwork
Fix hacks.rb conflict
Handle when there are 2 headers of the same name
Releasing the Typhoeus version constraint
Amended Arch Linux install instructions. See issue #183.
@@ -64,7 +70,7 @@ Code cleaning
Fix typo's
clean up rspecs
Themes & Plugins lists regenerated
Rspecs
Rspecs update
Code Factoring
Added checks for old ruby. Otherwise there will be syntax errors
@@ -91,32 +97,25 @@ WP 3.5.2 Fingerprint
Bug Fix : Wp 3.5 & 3.5.1 not detected from advanced fingerprinting.
* Fixed issues
Trying a fix for Kali Linux
Fix #249 - [ERROR] "\xF1" on US-ASCII
Fix #275 - [ERROR] "\xC3" on US-ASCII
Fix #271 - Further Instructions added to the Mac Install
Don't skip passwords that start with a hash. This is fairly common (see RockYou list for example).
Fix #266 - passive detection regex
Fix #265 - remove base64 images before passive detection
Fix #262 - [ERROR] bad component(expected absolute path component)
Ref #260 - Fixes Travis Fail, due to rspec-mock v2.14.3
Fix for xmlrpc false positive. Issue #260.
Fix #260 - Fixes Travis Fail, due to rspec-mock v2.14.3
Fix #208 - Fixed vulnerable plugins still appear in the results
Fix #245 - all theme enumeration error
Fix #241 - Cant convert array to string
Fix #232 - Crash while enumerating usernames
Updated Fedora install instructions as per Issue #92
Slight update to security plugin warning. Issue #212.
Fix #223 - New wordpress urls for most popular plugins & themes
Fix #177 - Passive Cache plugins detection (no spec)
Possible fix for #169 - False reports
Fix #169 - False reports
Fix #182 - Remove the progress-bar static length (120), and let it to automatic
Fix #181 - Don't exit if no usernames found during a simple enumeration (but exit if a brute force is asked)
Fix for issue #200
Fix #200 - Log file not recording the list of username retireved
Fix #164 - README.txt detection
Fix #166 - ListGenerator using the old Browser#get method for full generation
Fix hacks.rb conflict
Fix error with the -U option (undefined method 'merge' for #WpTarget:)
Fix #153 - Disable error trace when it's from the main script
Fix #163 - in the proper way
Fix #144 - Use cookie jar to prevent infinite redirections loop