Fix #454 --batch option added

2014-04-11 16:45:44 +02:00
parent 3749ef8433
commit 85421f9b4b
3 changed files with 19 additions and 14 deletions
--- a/lib/wpscan/wpscan_helper.rb
+++ b/lib/wpscan/wpscan_helper.rb
@@ -101,5 +101,6 @@ def help
  puts '--max-threads <max-threads>  Maximum Threads'
  puts '--help     | -h This help screen.'
  puts '--verbose  | -v Verbose output.'
+  puts '--batch Never ask for user input, use the default behaviour.'
  puts
 end
--- a/lib/wpscan/wpscan_options.rb
+++ b/lib/wpscan/wpscan_options.rb
@@ -3,6 +3,7 @@
 class WpscanOptions

  ACCESSOR_OPTIONS = [
+    :batch,
    :enumerate_plugins,
    :enumerate_only_vulnerable_plugins,
    :enumerate_all_plugins,
@@ -255,7 +256,8 @@ class WpscanOptions
      ['--cache-ttl', GetoptLong::REQUIRED_ARGUMENT],
      ['--request-timeout', GetoptLong::REQUIRED_ARGUMENT],
      ['--connect-timeout', GetoptLong::REQUIRED_ARGUMENT],
-      ['--max-threads', GetoptLong::REQUIRED_ARGUMENT]
+      ['--max-threads', GetoptLong::REQUIRED_ARGUMENT],
+      ['--batch', GetoptLong::NO_ARGUMENT]
    )
  end

--- a/wpscan.rb
+++ b/wpscan.rb
@@ -70,16 +70,18 @@ def main
        puts
      else
        puts "The remote host tried to redirect us to: #{redirection}"
-        print '[?] Do you want follow the redirection ? [Y]es [N]o [A]bort, default: [N] '
+        puts '[?] Do you want follow the redirection ? [Y]es [N]o [A]bort, default: [N]'
      end

-      if wpscan_options.follow_redirection or (input = Readline.readline) =~ /^y/i
-        wpscan_options.url = redirection
-        wp_target = WpTarget.new(redirection, wpscan_options.to_h)
-      else
-        if input =~ /^a/i
-          puts 'Scan aborted'
-          exit(0)
+      unless wpscan_options.batch
+        if wpscan_options.follow_redirection || (input = Readline.readline) =~ /^y/i
+          wpscan_options.url = redirection
+          wp_target = WpTarget.new(redirection, wpscan_options.to_h)
+        else
+          if input =~ /^a/i
+            puts 'Scan aborted'
+            exit(0)
+          end
        end
      end
    end
@@ -102,8 +104,8 @@ def main
    unless wp_target.wp_plugins_dir_exists?
      puts "The plugins directory '#{wp_target.wp_plugins_dir}' does not exist."
      puts 'You can specify one per command line option (don\'t forget to include the wp-content directory if needed)'
-      print '[?] Continue? [Y]es [N]o, default: [N] '
-      unless Readline.readline =~ /^y/i
+      puts '[?] Continue? [Y]es [N]o, default: [N]'
+      if wpscan_options.batch || Readline.readline !~ /^y/i
        exit(0)
      end
    end
@@ -330,11 +332,11 @@ def main

        puts
        puts "#{red('[!]')} The plugin #{protection_plugin.name} has been detected. It might record the IP and timestamp of every failed login and/or prevent brute forcing altogether. Not a good idea for brute forcing!"
-        print '[?] Do you want to start the brute force anyway ? [Y]es [N]o, default: [N] '
+        puts '[?] Do you want to start the brute force anyway ? [Y]es [N]o, default: [N]'

-        bruteforce = false if Readline.readline !~ /^y/i
+        bruteforce = false if wpscan_options.batch || Readline.readline !~ /^y/i
      end
-      puts
+
      if bruteforce
        puts "#{green('[+]')} Starting the password brute forcer"