diff --git a/README b/README index 17e0cf68..bd6a275c 100644 --- a/README +++ b/README @@ -79,14 +79,16 @@ WPScan comes pre-installed on BackTrack5 R1 in the /pentest/web/wpscan directory --force | -f Forces WPScan to not check if the remote site is running WordPress. --enumerate | -e [option(s)] Enumeration. - option : - u usernames from id 1 to 10 - u[10-20] usernames from id 10 to 20 (you must write [] chars) - p plugins - p! only vulnerable plugins - t timthumbs - Multiple values are allowed : '-e tp' will enumerate timthumbs and plugins - If no option is supplied, the default is 'tup!' + option : + u usernames from id 1 to 10 + u[10-20] usernames from id 10 to 20 (you must write [] chars) + p plugins + p! only vulnerable plugins + t timthumbs + Multiple values are allowed : '-e tp' will enumerate timthumbs and plugins + If no option is supplied, the default is 'tup!' + +--config-file | -c Use the specified config file --follow-redirection If the target url has a redirection, it will be followed without asking if you wanted to do so or not diff --git a/README.md b/README.md index 7efc8df5..4973cbc9 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,8 @@ WPScan only supports Ruby => 1.9. Multiple values are allowed : '-e tp' will enumerate timthumbs and plugins If no option is supplied, the default is 'tup!' + --config-file | -c Use the specified config file + --follow-redirection If the target url has a redirection, it will be followed without asking if you wanted to do so or not --wp-content-dir WPScan try to find the content directory (ie wp-content) by scanning the index page, however you can specified it. Subdirectories are allowed diff --git a/lib/wpscan/wpscan_helper.rb b/lib/wpscan/wpscan_helper.rb index c0b44bdb..b1b92481 100644 --- a/lib/wpscan/wpscan_helper.rb +++ b/lib/wpscan/wpscan_helper.rb @@ -57,6 +57,7 @@ def help() puts " Multiple values are allowed : '-e tp' will enumerate timthumbs and plugins" puts " If no option is supplied, the default is 'tup!'" puts + puts "--config-file | -c Use the specified config file" puts "--follow-redirection If the target url has a redirection, it will be followed without asking if you wanted to do so or not" puts "--wp-content-dir WPScan try to find the content directory (ie wp-content) by scanning the index page, however you can specified it. Subdirectories are allowed" puts "--wp-plugins-dir Same thing than --wp-content-dir but for the plugins directory. If not supplied, WPScan will use wp-content-dir/plugins. Subdirectories are allowed" diff --git a/lib/wpscan/wpscan_options.rb b/lib/wpscan/wpscan_options.rb index 28abf97b..7aa24c51 100644 --- a/lib/wpscan/wpscan_options.rb +++ b/lib/wpscan/wpscan_options.rb @@ -36,7 +36,8 @@ class WpscanOptions :follow_redirection, :wp_content_dir, :wp_plugins_dir, - :help + :help, + :config_file ] attr_accessor *ACCESSOR_OPTIONS @@ -176,7 +177,8 @@ class WpscanOptions ["--update", GetoptLong::NO_ARGUMENT], ["--follow-redirection", GetoptLong::NO_ARGUMENT], ["--wp-content-dir", GetoptLong::REQUIRED_ARGUMENT], - ["--wp-plugins-dir", GetoptLong::REQUIRED_ARGUMENT] + ["--wp-plugins-dir", GetoptLong::REQUIRED_ARGUMENT], + ["--config-file", "-c", GetoptLong::REQUIRED_ARGUMENT] ) end