From 980aa7198a56e69a1143ea7c2b6486c702dcde59 Mon Sep 17 00:00:00 2001
From: erwanlr <erwan.lr@gmail.com>
Date: Mon, 7 Jan 2013 14:39:37 +0100
Subject: [PATCH] Added html & htm extension in the local scanning

---
 data/local_vulnerable_files.xml | 3 +++
 wpstools.rb                     | 8 +++++---
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/data/local_vulnerable_files.xml b/data/local_vulnerable_files.xml
index e9f3a65c..3371eab4 100644
--- a/data/local_vulnerable_files.xml
+++ b/data/local_vulnerable_files.xml
@@ -25,6 +25,9 @@ ryandewhurst at gmail
     <reference></reference>
   </hash>
 
+  PS :  Only he following extensions are scanned : js, php, swf, html, htm
+        If you want to add one, modify the variable file_extension_to_scan, line 191 in wpstools.rb
+
 -->
 
 <hashes>
diff --git a/wpstools.rb b/wpstools.rb
index de3e9a61..38af3dcd 100755
--- a/wpstools.rb
+++ b/wpstools.rb
@@ -186,12 +186,13 @@ begin
 
   if @check_local_vulnerable_files
     if Dir::exist?(@dir_to_scan)
-      local_hashes   = {}
-      xml_file = DATA_DIR + "/local_vulnerable_files.xml"
+      xml_file               = DATA_DIR + "/local_vulnerable_files.xml"
+      local_hashes           = {}
+      file_extension_to_scan = "*.{js,php,swf,html,htm}"
 
       print "[+] Generating local hashes ... "
 
-      Dir[File::join(@dir_to_scan, "**", "*.{js,php,swf}")].each do |filename|
+      Dir[File::join(@dir_to_scan, "**", file_extension_to_scan)].each do |filename|
         sha1sum = Digest::SHA1.file(filename).hexdigest
 
         if local_hashes.has_key?(sha1sum)
@@ -223,6 +224,7 @@ begin
           local_filenames.each do |file|
             puts "  |  - #{file}"
           end
+          puts "  |"
           puts "  | Title: #{vuln_title}"
           puts "  | Refrence: #{vuln_refrence}"
         end