garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added html & htm extension in the local scanning

Browse Source
This commit is contained in:
erwanlr
2013-01-07 14:39:37 +01:00
parent 8894e42adf
commit 980aa7198a
2 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
data/local_vulnerable_files.xml
View File

@@ -25,6 +25,9 @@ ryandewhurst at gmail
<reference></reference> <reference></reference>
</hash> </hash>
PS : Only he following extensions are scanned : js, php, swf, html, htm
If you want to add one, modify the variable file_extension_to_scan, line 191 in wpstools.rb
--> -->
<hashes> <hashes>

8
wpstools.rb
View File

@@ -186,12 +186,13 @@ begin
if @check_local_vulnerable_files if @check_local_vulnerable_files
if Dir::exist?(@dir_to_scan) if Dir::exist?(@dir_to_scan)
local_hashes = {} xml_file = DATA_DIR + "/local_vulnerable_files.xml"
xml_file = DATA_DIR + "/local_vulnerable_files.xml" local_hashes = {}
file_extension_to_scan = "*.{js,php,swf,html,htm}"
print "[+] Generating local hashes ... " print "[+] Generating local hashes ... "
Dir[File::join(@dir_to_scan, "**", "*.{js,php,swf}")].each do |filename| Dir[File::join(@dir_to_scan, "**", file_extension_to_scan)].each do |filename|
sha1sum = Digest::SHA1.file(filename).hexdigest sha1sum = Digest::SHA1.file(filename).hexdigest
if local_hashes.has_key?(sha1sum) if local_hashes.has_key?(sha1sum)
@@ -223,6 +224,7 @@ begin
local_filenames.each do |file| local_filenames.each do |file|
puts " | - #{file}" puts " | - #{file}"
end end
puts " |"
puts " | Title: #{vuln_title}" puts " | Title: #{vuln_title}"
puts " | Refrence: #{vuln_refrence}" puts " | Refrence: #{vuln_refrence}"
end end