custom plugins directory

Christian Mehlmauer
2012-09-22 23:50:14 +02:00
parent ef72568688
commit 9b6a2805d7
86 changed files with 892 additions and 461 deletions


@@ -85,6 +85,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>


@@ -101,6 +101,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -226,6 +228,11 @@
<dd class="description"></dd>
<dt><a name="USER_AGENT_MODES">USER_AGENT_MODES</a></dt>
<dd class="description"></dd>
</dl>
</div>
@@ -294,7 +301,7 @@
<div class="method-source-code" id="instance-source">
<pre>
<span class="ruby-comment"># File lib/browser.rb, line 57</span>
<span class="ruby-comment"># File lib/browser.rb, line 58</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">instance</span>(<span class="ruby-identifier">options</span> = {})
<span class="ruby-keyword">unless</span> <span class="ruby-identifier">@@instance</span>
<span class="ruby-identifier">@@instance</span> = <span class="ruby-identifier">new</span>(<span class="ruby-identifier">options</span>)
@@ -330,7 +337,7 @@
<div class="method-source-code" id="reset-source">
<pre>
<span class="ruby-comment"># File lib/browser.rb, line 64</span>
<span class="ruby-comment"># File lib/browser.rb, line 65</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">reset</span>
<span class="ruby-identifier">@@instance</span> = <span class="ruby-keyword">nil</span>
<span class="ruby-keyword">end</span></pre>
@@ -369,7 +376,7 @@
<div class="method-source-code" id="forge_request-source">
<pre>
<span class="ruby-comment"># File lib/browser.rb, line 140</span>
<span class="ruby-comment"># File lib/browser.rb, line 142</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">forge_request</span>(<span class="ruby-identifier">url</span>, <span class="ruby-identifier">params</span> = {})
<span class="ruby-constant">Typhoeus</span><span class="ruby-operator">::</span><span class="ruby-constant">Request</span>.<span class="ruby-identifier">new</span>(
<span class="ruby-identifier">url</span>.<span class="ruby-identifier">to_s</span>,
@@ -405,7 +412,7 @@
<div class="method-source-code" id="get-source">
<pre>
<span class="ruby-comment"># File lib/browser.rb, line 128</span>
<span class="ruby-comment"># File lib/browser.rb, line 130</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">get</span>(<span class="ruby-identifier">url</span>, <span class="ruby-identifier">params</span> = {})
<span class="ruby-identifier">run_request</span>(
<span class="ruby-identifier">forge_request</span>(<span class="ruby-identifier">url</span>, <span class="ruby-identifier">params</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-value">:method</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">:get</span>))
@@ -443,7 +450,7 @@ browser object, hydra will not have the new @max_threads and
<div class="method-source-code" id="load_config-source">
<pre>
<span class="ruby-comment"># File lib/browser.rb, line 101</span>
<span class="ruby-comment"># File lib/browser.rb, line 102</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">load_config</span>(<span class="ruby-identifier">config_file</span> = <span class="ruby-keyword">nil</span>)
<span class="ruby-ivar">@config_file</span> = <span class="ruby-identifier">config_file</span> <span class="ruby-operator">||</span> <span class="ruby-ivar">@config_file</span>
@@ -484,7 +491,7 @@ browser object, hydra will not have the new @max_threads and
<div class="method-source-code" id="max_threads-3D-source">
<pre>
<span class="ruby-comment"># File lib/browser.rb, line 93</span>
<span class="ruby-comment"># File lib/browser.rb, line 94</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">max_threads=</span>(<span class="ruby-identifier">max_threads</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">max_threads</span>.<span class="ruby-identifier">nil?</span> <span class="ruby-keyword">or</span> <span class="ruby-identifier">max_threads</span> <span class="ruby-operator">&lt;=</span> <span class="ruby-value">0</span>
<span class="ruby-identifier">max_threads</span> = <span class="ruby-value">1</span>
@@ -520,17 +527,17 @@ browser object, hydra will not have the new @max_threads and
<div class="method-source-code" id="merge_request_params-source">
<pre>
<span class="ruby-comment"># File lib/browser.rb, line 147</span>
<span class="ruby-comment"># File lib/browser.rb, line 149</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">merge_request_params</span>(<span class="ruby-identifier">params</span> = {})
<span class="ruby-keyword">if</span> <span class="ruby-ivar">@proxy</span>
<span class="ruby-identifier">params</span> = <span class="ruby-identifier">params</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-value">:proxy</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-ivar">@proxy</span>)
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">if</span> <span class="ruby-operator">!</span><span class="ruby-identifier">params</span>.<span class="ruby-identifier">has_key?</span>(<span class="ruby-value">:disable_ssl_host_verification</span>)
<span class="ruby-keyword">unless</span> <span class="ruby-identifier">params</span>.<span class="ruby-identifier">has_key?</span>(<span class="ruby-value">:disable_ssl_host_verification</span>)
<span class="ruby-identifier">params</span> = <span class="ruby-identifier">params</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-value">:disable_ssl_host_verification</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>)
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">if</span> <span class="ruby-operator">!</span><span class="ruby-identifier">params</span>.<span class="ruby-identifier">has_key?</span>(<span class="ruby-value">:disable_ssl_peer_verification</span>)
<span class="ruby-keyword">unless</span> <span class="ruby-identifier">params</span>.<span class="ruby-identifier">has_key?</span>(<span class="ruby-value">:disable_ssl_peer_verification</span>)
<span class="ruby-identifier">params</span> = <span class="ruby-identifier">params</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-value">:disable_ssl_peer_verification</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>)
<span class="ruby-keyword">end</span>
@@ -541,7 +548,7 @@ browser object, hydra will not have the new @max_threads and
<span class="ruby-keyword">end</span>
<span class="ruby-comment"># Used to enable the cache system if :cache_timeout &gt; 0</span>
<span class="ruby-keyword">if</span> <span class="ruby-operator">!</span><span class="ruby-identifier">params</span>.<span class="ruby-identifier">has_key?</span>(<span class="ruby-value">:cache_timeout</span>)
<span class="ruby-keyword">unless</span> <span class="ruby-identifier">params</span>.<span class="ruby-identifier">has_key?</span>(<span class="ruby-value">:cache_timeout</span>)
<span class="ruby-identifier">params</span> = <span class="ruby-identifier">params</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-value">:cache_timeout</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-ivar">@cache_timeout</span>)
<span class="ruby-keyword">end</span>
@@ -576,7 +583,7 @@ browser object, hydra will not have the new @max_threads and
<div class="method-source-code" id="post-source">
<pre>
<span class="ruby-comment"># File lib/browser.rb, line 134</span>
<span class="ruby-comment"># File lib/browser.rb, line 136</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">post</span>(<span class="ruby-identifier">url</span>, <span class="ruby-identifier">params</span> = {})
<span class="ruby-identifier">run_request</span>(
<span class="ruby-identifier">forge_request</span>(<span class="ruby-identifier">url</span>, <span class="ruby-identifier">params</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-value">:method</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">:post</span>))
@@ -611,7 +618,7 @@ browser object, hydra will not have the new @max_threads and
<div class="method-source-code" id="user_agent-source">
<pre>
<span class="ruby-comment"># File lib/browser.rb, line 81</span>
<span class="ruby-comment"># File lib/browser.rb, line 82</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">user_agent</span>
<span class="ruby-keyword">case</span> <span class="ruby-ivar">@user_agent_mode</span>
<span class="ruby-keyword">when</span> <span class="ruby-string">&quot;semi-static&quot;</span>
@@ -652,11 +659,11 @@ browser object, hydra will not have the new @max_threads and
<div class="method-source-code" id="user_agent_mode-3D-source">
<pre>
<span class="ruby-comment"># File lib/browser.rb, line 68</span>
<span class="ruby-comment"># File lib/browser.rb, line 69</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">user_agent_mode=</span>(<span class="ruby-identifier">ua_mode</span>)
<span class="ruby-identifier">ua_mode</span> <span class="ruby-operator">||=</span> <span class="ruby-string">&quot;static&quot;</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">@@user_agent_modes</span>.<span class="ruby-identifier">include?</span>(<span class="ruby-identifier">ua_mode</span>)
<span class="ruby-keyword">if</span> <span class="ruby-constant">USER_AGENT_MODES</span>.<span class="ruby-identifier">include?</span>(<span class="ruby-identifier">ua_mode</span>)
<span class="ruby-ivar">@user_agent_mode</span> = <span class="ruby-identifier">ua_mode</span>
<span class="ruby-comment"># For semi-static user agent mode, the user agent has to be nil the first time (it will be set with the getter)</span>
<span class="ruby-ivar">@user_agent</span> = <span class="ruby-keyword">nil</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">ua_mode</span> <span class="ruby-operator">===</span> <span class="ruby-string">&quot;semi-static&quot;</span>


@@ -77,6 +77,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -304,21 +306,21 @@ on large wordlists, although bareable.</p>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">/login_error/</span>
<span class="ruby-identifier">puts</span> <span class="ruby-string">&quot;\nIncorrect username and/or password.&quot;</span> <span class="ruby-keyword">if</span> <span class="ruby-ivar">@verbose</span>
<span class="ruby-keyword">elsif</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">code</span> <span class="ruby-operator">==</span> <span class="ruby-value">302</span>
<span class="ruby-identifier">puts</span> <span class="ruby-node">&quot;\n [SUCCESS] Username : #{username} Password : #{password}\n&quot;</span>
<span class="ruby-identifier">puts</span> <span class="ruby-string">&quot;\n &quot;</span> <span class="ruby-operator">+</span> <span class="ruby-identifier">green</span>(<span class="ruby-string">&quot;[SUCCESS]&quot;</span>) <span class="ruby-operator">+</span> <span class="ruby-node">&quot; Username : #{username} Password : #{password}\n&quot;</span>
<span class="ruby-identifier">found</span> <span class="ruby-operator">&lt;&lt;</span> { <span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">username</span>, <span class="ruby-value">:password</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">password</span> }
<span class="ruby-identifier">password_found</span> = <span class="ruby-keyword">true</span>
<span class="ruby-keyword">elsif</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">timed_out?</span>
<span class="ruby-identifier">puts</span> <span class="ruby-string">&quot;ERROR: Request timed out.&quot;</span>
<span class="ruby-identifier">puts</span> <span class="ruby-identifier">red</span>(<span class="ruby-string">&quot;ERROR:&quot;</span>) <span class="ruby-operator">+</span> <span class="ruby-string">&quot; Request timed out.&quot;</span>
<span class="ruby-keyword">elsif</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">code</span> <span class="ruby-operator">==</span> <span class="ruby-value">0</span>
<span class="ruby-identifier">puts</span> <span class="ruby-string">&quot;ERROR: No response from remote server. WAF/IPS?&quot;</span>
<span class="ruby-identifier">puts</span> <span class="ruby-identifier">red</span>(<span class="ruby-string">&quot;ERROR:&quot;</span>) <span class="ruby-operator">+</span> <span class="ruby-string">&quot; No response from remote server. WAF/IPS?&quot;</span>
<span class="ruby-comment"># code is a fixnum, needs a string for regex</span>
<span class="ruby-keyword">elsif</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">code</span>.<span class="ruby-identifier">to_s</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">/^50/</span>
<span class="ruby-identifier">puts</span> <span class="ruby-string">&quot;ERROR: Server error, try reducing the number of threads.&quot;</span>
<span class="ruby-identifier">puts</span> <span class="ruby-identifier">red</span>(<span class="ruby-string">&quot;ERROR:&quot;</span>) <span class="ruby-operator">+</span> <span class="ruby-string">&quot; Server error, try reducing the number of threads.&quot;</span>
<span class="ruby-keyword">else</span>
<span class="ruby-identifier">puts</span> <span class="ruby-node">&quot;\nERROR: We recieved an unknown response for #{password}...&quot;</span>
<span class="ruby-identifier">puts</span> <span class="ruby-string">&quot;\n&quot;</span> <span class="ruby-operator">+</span> <span class="ruby-identifier">red</span>(<span class="ruby-string">&quot;ERROR:&quot;</span>) <span class="ruby-operator">+</span> <span class="ruby-node">&quot; We recieved an unknown response for #{password}...&quot;</span>
<span class="ruby-keyword">if</span> <span class="ruby-ivar">@verbose</span>
<span class="ruby-identifier">puts</span> <span class="ruby-node">&quot;Code: #{response.code.to_s}&quot;</span>
<span class="ruby-identifier">puts</span> <span class="ruby-node">&quot;Body: #{response.body}&quot;</span>
<span class="ruby-identifier">puts</span> <span class="ruby-identifier">red</span>(<span class="ruby-node">&quot;Code: #{response.code.to_s}&quot;</span>)
<span class="ruby-identifier">puts</span> <span class="ruby-identifier">red</span>(<span class="ruby-node">&quot;Body: #{response.body}&quot;</span>)
<span class="ruby-identifier">puts</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>


@@ -41,6 +41,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>


@@ -91,6 +91,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -279,7 +281,7 @@ binary format Marshal does not need any “require”</p>
<span class="ruby-ivar">@serializer</span> = <span class="ruby-identifier">serializer</span>
<span class="ruby-comment"># File.directory? for ruby &lt;= 1.9 otherwise, it makes more sense to do Dir.exist? :/</span>
<span class="ruby-keyword">if</span> <span class="ruby-operator">!</span><span class="ruby-constant">File</span>.<span class="ruby-identifier">directory?</span>(<span class="ruby-ivar">@storage_path</span>)
<span class="ruby-keyword">unless</span> <span class="ruby-constant">File</span>.<span class="ruby-identifier">directory?</span>(<span class="ruby-ivar">@storage_path</span>)
<span class="ruby-constant">Dir</span>.<span class="ruby-identifier">mkdir</span>(<span class="ruby-ivar">@storage_path</span>)
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span></pre>
@@ -425,7 +427,7 @@ binary format Marshal does not need any “require”</p>
<pre>
<span class="ruby-comment"># File lib/cache_file_store.rb, line 58</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">write_entry</span>(<span class="ruby-identifier">key</span>, <span class="ruby-identifier">data_to_store</span>, <span class="ruby-identifier">cache_timeout</span>)
<span class="ruby-keyword">if</span> (<span class="ruby-identifier">cache_timeout</span> <span class="ruby-operator">&gt;</span> <span class="ruby-value">0</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">cache_timeout</span> <span class="ruby-operator">&gt;</span> <span class="ruby-value">0</span>
<span class="ruby-constant">File</span>.<span class="ruby-identifier">open</span>(<span class="ruby-identifier">get_entry_file_path</span>(<span class="ruby-identifier">key</span>), <span class="ruby-string">'w'</span>) <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">f</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">f</span>.<span class="ruby-identifier">write</span>(<span class="ruby-ivar">@serializer</span>.<span class="ruby-identifier">dump</span>(<span class="ruby-identifier">data_to_store</span>))
<span class="ruby-keyword">end</span>


@@ -109,6 +109,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -441,7 +443,7 @@
<span class="ruby-identifier">session_spawn_timer</span> = <span class="ruby-constant">Time</span>.<span class="ruby-identifier">new</span>
<span class="ruby-keyword">while</span> <span class="ruby-identifier">sessions</span>.<span class="ruby-identifier">nil?</span> <span class="ruby-keyword">or</span> <span class="ruby-identifier">sessions</span>.<span class="ruby-identifier">empty?</span>
<span class="ruby-comment"># wait for a session to spawn with a timeout of 1 minute</span>
<span class="ruby-keyword">if</span> (<span class="ruby-constant">Time</span>.<span class="ruby-identifier">now</span> <span class="ruby-operator">-</span> <span class="ruby-identifier">session_spawn_timer</span> <span class="ruby-operator">&gt;</span> <span class="ruby-value">60</span>)
<span class="ruby-keyword">if</span> <span class="ruby-constant">Time</span>.<span class="ruby-identifier">now</span> <span class="ruby-operator">-</span> <span class="ruby-identifier">session_spawn_timer</span> <span class="ruby-operator">&gt;</span> <span class="ruby-value">60</span>
<span class="ruby-identifier">puts</span> <span class="ruby-string">&quot;[ERROR] Session was not created... exiting.&quot;</span>
<span class="ruby-keyword">return</span> <span class="ruby-keyword">false</span>
<span class="ruby-keyword">end</span>


@@ -91,6 +91,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -420,8 +422,7 @@ parse the response for the names.</p>
<span class="ruby-ivar">@hydra</span>.<span class="ruby-identifier">run</span>
<span class="ruby-identifier">found_items</span>.<span class="ruby-identifier">sort!</span>
<span class="ruby-identifier">found_items</span>.<span class="ruby-identifier">uniq!</span>
<span class="ruby-keyword">return</span> <span class="ruby-identifier">found_items</span>
<span class="ruby-identifier">found_items</span>.<span class="ruby-identifier">uniq</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- get_popular_items-source -->
@@ -452,7 +453,7 @@ parse the response for the names.</p>
<div class="method-source-code" id="save-source">
<pre>
<span class="ruby-comment"># File lib/wpstools/generate_list.rb, line 100</span>
<span class="ruby-comment"># File lib/wpstools/generate_list.rb, line 99</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">save</span>(<span class="ruby-identifier">items</span>)
<span class="ruby-identifier">items</span>.<span class="ruby-identifier">sort!</span>
<span class="ruby-identifier">items</span>.<span class="ruby-identifier">uniq!</span>


@@ -89,6 +89,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>


@@ -81,6 +81,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>


@@ -77,10 +77,16 @@
<li><a href="#method-i-banner">#banner</a></li>
<li><a href="#method-i-colorize">#colorize</a></li>
<li><a href="#method-i-get_equal_string_end">#get_equal_string_end</a></li>
<li><a href="#method-i-green">#green</a></li>
<li><a href="#method-i-help">#help</a></li>
<li><a href="#method-i-red">#red</a></li>
<li><a href="#method-i-require_files_from_directory">#require_files_from_directory</a></li>
<li><a href="#method-i-usage">#usage</a></li>
@@ -101,6 +107,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -372,7 +380,7 @@
<div class="method-source-code" id="banner-source">
<pre>
<span class="ruby-comment"># File lib/common_helper.rb, line 105</span>
<span class="ruby-comment"># File lib/common_helper.rb, line 106</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">banner</span>()
<span class="ruby-identifier">puts</span> <span class="ruby-string">'____________________________________________________'</span>
<span class="ruby-identifier">puts</span> <span class="ruby-string">&quot; __ _______ _____ &quot;</span>
@@ -401,6 +409,39 @@
</div><!-- banner-method -->
<div id="colorize-method" class="method-detail ">
<a name="method-i-colorize"></a>
<div class="method-heading">
<span class="method-name">colorize</span><span
class="method-args">(text, color_code)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="colorize-source">
<pre>
<span class="ruby-comment"># File lib/common_helper.rb, line 125</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">colorize</span>(<span class="ruby-identifier">text</span>, <span class="ruby-identifier">color_code</span>)
<span class="ruby-node">&quot;\e[#{color_code}m#{text}\e[0m&quot;</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- colorize-source -->
</div>
</div><!-- colorize-method -->
<div id="get_equal_string_end-method" class="method-detail ">
<a name="method-i-get_equal_string_end"></a>
@@ -435,7 +476,7 @@
<span class="ruby-keyword">break</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">looping</span> <span class="ruby-operator">==</span> <span class="ruby-keyword">false</span> <span class="ruby-keyword">or</span> (<span class="ruby-identifier">counter</span> * <span class="ruby-value">-1</span> ) <span class="ruby-operator">&gt;</span> <span class="ruby-identifier">base</span>.<span class="ruby-identifier">length</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">looping</span> <span class="ruby-operator">==</span> <span class="ruby-keyword">false</span> <span class="ruby-keyword">or</span> (<span class="ruby-identifier">counter</span> * <span class="ruby-value">-1</span>) <span class="ruby-operator">&gt;</span> <span class="ruby-identifier">base</span>.<span class="ruby-identifier">length</span>
<span class="ruby-keyword">break</span>
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">already_found</span> = <span class="ruby-node">&quot;#{character if character}#{already_found}&quot;</span>
@@ -454,6 +495,39 @@
</div><!-- get_equal_string_end-method -->
<div id="green-method" class="method-detail ">
<a name="method-i-green"></a>
<div class="method-heading">
<span class="method-name">green</span><span
class="method-args">(text)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="green-source">
<pre>
<span class="ruby-comment"># File lib/common_helper.rb, line 133</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">green</span>(<span class="ruby-identifier">text</span>)
<span class="ruby-identifier">colorize</span>(<span class="ruby-identifier">text</span>, <span class="ruby-value">32</span>)
<span class="ruby-keyword">end</span></pre>
</div><!-- green-source -->
</div>
</div><!-- green-method -->
<div id="help-method" class="method-detail ">
<a name="method-i-help"></a>
@@ -518,6 +592,39 @@
</div><!-- help-method -->
<div id="red-method" class="method-detail ">
<a name="method-i-red"></a>
<div class="method-heading">
<span class="method-name">red</span><span
class="method-args">(text)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="red-source">
<pre>
<span class="ruby-comment"># File lib/common_helper.rb, line 129</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">red</span>(<span class="ruby-identifier">text</span>)
<span class="ruby-identifier">colorize</span>(<span class="ruby-identifier">text</span>, <span class="ruby-value">31</span>)
<span class="ruby-keyword">end</span></pre>
</div><!-- red-source -->
</div>
</div><!-- red-method -->
<div id="require_files_from_directory-method" class="method-detail ">
<a name="method-i-require_files_from_directory"></a>


@@ -41,6 +41,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>


@@ -109,6 +109,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -344,11 +346,10 @@ wpscan -P wpscan -f -t Web -u /RPC2 name = exploit/unix/webapp/php_include</p>
<div class="method-source-code" id="exploit-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 96</span>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 93</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">exploit</span>(<span class="ruby-identifier">name</span>, <span class="ruby-identifier">opts</span>)
<span class="ruby-identifier">authenticate</span>()
<span class="ruby-identifier">result</span> = <span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'module.execute'</span>, <span class="ruby-ivar">@auth_token</span>, <span class="ruby-string">'exploit'</span>, <span class="ruby-identifier">name</span>, <span class="ruby-identifier">opts</span>)
<span class="ruby-keyword">return</span> <span class="ruby-identifier">result</span>
<span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'module.execute'</span>, <span class="ruby-ivar">@auth_token</span>, <span class="ruby-string">'exploit'</span>, <span class="ruby-identifier">name</span>, <span class="ruby-identifier">opts</span>)
<span class="ruby-keyword">end</span></pre>
</div><!-- exploit-source -->
@@ -382,8 +383,7 @@ wpscan -P wpscan -f -t Web -u /RPC2 name = exploit/unix/webapp/php_include</p>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 72</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">get_exploit_info</span>(<span class="ruby-identifier">name</span>)
<span class="ruby-identifier">authenticate</span>()
<span class="ruby-identifier">result</span> = <span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'module.info'</span>, <span class="ruby-ivar">@auth_token</span>, <span class="ruby-string">'exploit'</span>, <span class="ruby-identifier">name</span>)
<span class="ruby-keyword">return</span> <span class="ruby-identifier">result</span>
<span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'module.info'</span>, <span class="ruby-ivar">@auth_token</span>, <span class="ruby-string">'exploit'</span>, <span class="ruby-identifier">name</span>)
<span class="ruby-keyword">end</span></pre>
</div><!-- get_exploit_info-source -->
@@ -414,11 +414,10 @@ wpscan -P wpscan -f -t Web -u /RPC2 name = exploit/unix/webapp/php_include</p>
<div class="method-source-code" id="get_options-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 80</span>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 79</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">get_options</span>(<span class="ruby-identifier">name</span>)
<span class="ruby-identifier">authenticate</span>()
<span class="ruby-identifier">result</span> = <span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'module.options'</span>, <span class="ruby-ivar">@auth_token</span>, <span class="ruby-string">'exploit'</span>,<span class="ruby-identifier">name</span>)
<span class="ruby-keyword">return</span> <span class="ruby-identifier">result</span>
<span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'module.options'</span>, <span class="ruby-ivar">@auth_token</span>, <span class="ruby-string">'exploit'</span>,<span class="ruby-identifier">name</span>)
<span class="ruby-keyword">end</span></pre>
</div><!-- get_options-source -->
@@ -449,11 +448,10 @@ wpscan -P wpscan -f -t Web -u /RPC2 name = exploit/unix/webapp/php_include</p>
<div class="method-source-code" id="get_payloads-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 88</span>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 86</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">get_payloads</span>(<span class="ruby-identifier">name</span>)
<span class="ruby-identifier">authenticate</span>()
<span class="ruby-identifier">result</span> = <span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'module.compatible_payloads'</span>, <span class="ruby-ivar">@auth_token</span>, <span class="ruby-identifier">name</span>)
<span class="ruby-keyword">return</span> <span class="ruby-identifier">result</span>
<span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'module.compatible_payloads'</span>, <span class="ruby-ivar">@auth_token</span>, <span class="ruby-identifier">name</span>)
<span class="ruby-keyword">end</span></pre>
</div><!-- get_payloads-source -->
@@ -484,11 +482,10 @@ wpscan -P wpscan -f -t Web -u /RPC2 name = exploit/unix/webapp/php_include</p>
<div class="method-source-code" id="jobs-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 104</span>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 100</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">jobs</span>()
<span class="ruby-identifier">authenticate</span>()
<span class="ruby-identifier">result</span> = <span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'job.list'</span>, <span class="ruby-ivar">@auth_token</span>)
<span class="ruby-keyword">return</span> <span class="ruby-identifier">result</span>
<span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'job.list'</span>, <span class="ruby-ivar">@auth_token</span>)
<span class="ruby-keyword">end</span></pre>
</div><!-- jobs-source -->
@@ -519,11 +516,10 @@ wpscan -P wpscan -f -t Web -u /RPC2 name = exploit/unix/webapp/php_include</p>
<div class="method-source-code" id="kill_session-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 120</span>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 114</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">kill_session</span>(<span class="ruby-identifier">id</span>)
<span class="ruby-identifier">authenticate</span>()
<span class="ruby-identifier">result</span> = <span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'session.stop'</span>, <span class="ruby-ivar">@auth_token</span>, <span class="ruby-identifier">id</span>)
<span class="ruby-keyword">return</span> <span class="ruby-identifier">result</span>
<span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'session.stop'</span>, <span class="ruby-ivar">@auth_token</span>, <span class="ruby-identifier">id</span>)
<span class="ruby-keyword">end</span></pre>
</div><!-- kill_session-source -->
@@ -597,11 +593,10 @@ wpscan -P wpscan -f -t Web -u /RPC2 name = exploit/unix/webapp/php_include</p>
<div class="method-source-code" id="meterpreter_read-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 142</span>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 133</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">meterpreter_read</span>(<span class="ruby-identifier">id</span>)
<span class="ruby-identifier">authenticate</span>()
<span class="ruby-identifier">result</span> = <span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'session.meterpreter_read'</span>, <span class="ruby-ivar">@auth_token</span>, <span class="ruby-identifier">id</span>)
<span class="ruby-keyword">return</span> <span class="ruby-identifier">result</span>
<span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'session.meterpreter_read'</span>, <span class="ruby-ivar">@auth_token</span>, <span class="ruby-identifier">id</span>)
<span class="ruby-keyword">end</span></pre>
</div><!-- meterpreter_read-source -->
@@ -632,11 +627,10 @@ wpscan -P wpscan -f -t Web -u /RPC2 name = exploit/unix/webapp/php_include</p>
<div class="method-source-code" id="meterpreter_write-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 148</span>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 138</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">meterpreter_write</span>(<span class="ruby-identifier">id</span>, <span class="ruby-identifier">data</span>)
<span class="ruby-identifier">authenticate</span>()
<span class="ruby-identifier">result</span> = <span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'session.meterpreter_write'</span>, <span class="ruby-ivar">@auth_token</span>, <span class="ruby-identifier">id</span>, <span class="ruby-identifier">data</span>)
<span class="ruby-keyword">return</span> <span class="ruby-identifier">result</span>
<span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'session.meterpreter_write'</span>, <span class="ruby-ivar">@auth_token</span>, <span class="ruby-identifier">id</span>, <span class="ruby-identifier">data</span>)
<span class="ruby-keyword">end</span></pre>
</div><!-- meterpreter_write-source -->
@@ -667,11 +661,10 @@ wpscan -P wpscan -f -t Web -u /RPC2 name = exploit/unix/webapp/php_include</p>
<div class="method-source-code" id="read_shell-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 128</span>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 121</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">read_shell</span>(<span class="ruby-identifier">id</span>)
<span class="ruby-identifier">authenticate</span>()
<span class="ruby-identifier">result</span> = <span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'session.shell_read'</span>, <span class="ruby-ivar">@auth_token</span>, <span class="ruby-identifier">id</span>)
<span class="ruby-keyword">return</span> <span class="ruby-identifier">result</span>
<span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'session.shell_read'</span>, <span class="ruby-ivar">@auth_token</span>, <span class="ruby-identifier">id</span>)
<span class="ruby-keyword">end</span></pre>
</div><!-- read_shell-source -->
@@ -702,11 +695,10 @@ wpscan -P wpscan -f -t Web -u /RPC2 name = exploit/unix/webapp/php_include</p>
<div class="method-source-code" id="sessions-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 112</span>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 107</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">sessions</span>()
<span class="ruby-identifier">authenticate</span>()
<span class="ruby-identifier">result</span> = <span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'session.list'</span>, <span class="ruby-ivar">@auth_token</span>)
<span class="ruby-keyword">return</span> <span class="ruby-identifier">result</span>
<span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'session.list'</span>, <span class="ruby-ivar">@auth_token</span>)
<span class="ruby-keyword">end</span></pre>
</div><!-- sessions-source -->
@@ -737,11 +729,10 @@ wpscan -P wpscan -f -t Web -u /RPC2 name = exploit/unix/webapp/php_include</p>
<div class="method-source-code" id="write_shell-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 136</span>
<span class="ruby-comment"># File lib/wpscan/msfrpc_client.rb, line 128</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">write_shell</span>(<span class="ruby-identifier">id</span>, <span class="ruby-identifier">data</span>)
<span class="ruby-identifier">authenticate</span>()
<span class="ruby-identifier">result</span> = <span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'session.shell_write'</span>, <span class="ruby-ivar">@auth_token</span>, <span class="ruby-identifier">id</span>, <span class="ruby-identifier">data</span>)
<span class="ruby-keyword">return</span> <span class="ruby-identifier">result</span>
<span class="ruby-ivar">@server</span>.<span class="ruby-identifier">call</span>(<span class="ruby-string">'session.shell_write'</span>, <span class="ruby-ivar">@auth_token</span>, <span class="ruby-identifier">id</span>, <span class="ruby-identifier">data</span>)
<span class="ruby-keyword">end</span></pre>
</div><!-- write_shell-source -->


@@ -87,6 +87,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -202,6 +204,24 @@
<!-- Constants -->
<div id="constants-list" class="section">
<h3 class="section-header">Constants</h3>
<dl>
<dt><a name="REVISION_PATTERN">REVISION_PATTERN</a></dt>
<dd class="description"></dd>
<dt><a name="TRUNK_URL">TRUNK_URL</a></dt>
<dd class="description"></dd>
</dl>
</div>
@@ -232,7 +252,7 @@
<pre>
<span class="ruby-comment"># File lib/updater/svn_updater.rb, line 26</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">is_installed?</span>
<span class="ruby-node">%[svn info &quot;#{@repo_directory}&quot; --xml 2&gt;&amp;1]</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">/revision=/</span> <span class="ruby-operator">?</span> <span class="ruby-keyword">true</span> <span class="ruby-operator">:</span> <span class="ruby-keyword">false</span>
<span class="ruby-node">%[svn info &quot;#@repo_directory&quot; --xml 2&gt;&amp;1]</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">/revision=/</span> <span class="ruby-operator">?</span> <span class="ruby-keyword">true</span> <span class="ruby-operator">:</span> <span class="ruby-keyword">false</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- is_installed-3F-source -->
@@ -265,8 +285,8 @@
<pre>
<span class="ruby-comment"># File lib/updater/svn_updater.rb, line 30</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">local_revision_number</span>
<span class="ruby-identifier">local_revision</span> = <span class="ruby-node">%[svn info &quot;#{@repo_directory}&quot; --xml 2&gt;&amp;1]</span>
<span class="ruby-identifier">local_revision</span>[<span class="ruby-identifier">@@revision_pattern</span>, <span class="ruby-value">1</span>].<span class="ruby-identifier">to_s</span>
<span class="ruby-identifier">local_revision</span> = <span class="ruby-node">%[svn info &quot;#@repo_directory&quot; --xml 2&gt;&amp;1]</span>
<span class="ruby-identifier">local_revision</span>[<span class="ruby-constant">REVISION_PATTERN</span>, <span class="ruby-value">1</span>].<span class="ruby-identifier">to_s</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- local_revision_number-source -->
@@ -299,7 +319,7 @@
<pre>
<span class="ruby-comment"># File lib/updater/svn_updater.rb, line 35</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">update</span>
<span class="ruby-node">%[svn up &quot;#{@repo_directory}&quot;]</span>
<span class="ruby-node">%[svn up &quot;#@repo_directory&quot;]</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- update-source -->


@@ -85,6 +85,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -337,8 +339,7 @@
<span class="ruby-identifier">dirs</span> = <span class="ruby-identifier">get_root_directories</span>
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">urls</span> = <span class="ruby-identifier">get_svn_project_urls</span>(<span class="ruby-identifier">dirs</span>)
<span class="ruby-identifier">entries</span> = <span class="ruby-identifier">get_svn_file_entries</span>(<span class="ruby-identifier">urls</span>)
<span class="ruby-keyword">return</span> <span class="ruby-identifier">entries</span>
<span class="ruby-identifier">get_svn_file_entries</span>(<span class="ruby-identifier">urls</span>)
<span class="ruby-keyword">end</span></pre>
</div><!-- parse-source -->


@@ -91,6 +91,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>


@@ -85,6 +85,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>


@@ -83,6 +83,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -205,11 +207,11 @@
<h3 class="section-header">Attributes</h3>
<div id="vulns_xml-attribute-method" class="method-detail">
<a name="vulns_xml"></a>
<div id="vulns_file-attribute-method" class="method-detail">
<a name="vulns_file"></a>
<div class="method-heading attribute-method-heading">
<span class="method-name">vulns_xml</span><span
<span class="method-name">vulns_file</span><span
class="attribute-access-type">[R]</span>
</div>
@@ -268,7 +270,7 @@ be empty)</p>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">vulnerabilities</span>
<span class="ruby-identifier">vulnerabilities</span> = []
<span class="ruby-identifier">xml</span> = <span class="ruby-constant">Nokogiri</span><span class="ruby-operator">::</span><span class="ruby-constant">XML</span>(<span class="ruby-constant">File</span>.<span class="ruby-identifier">open</span>(<span class="ruby-ivar">@vulns_xml</span>)) <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">config</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">xml</span> = <span class="ruby-constant">Nokogiri</span><span class="ruby-operator">::</span><span class="ruby-constant">XML</span>(<span class="ruby-constant">File</span>.<span class="ruby-identifier">open</span>(<span class="ruby-ivar">@vulns_file</span>)) <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">config</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">config</span>.<span class="ruby-identifier">noblanks</span>
<span class="ruby-keyword">end</span>


@@ -81,6 +81,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -224,7 +226,7 @@
<div class="method-source-code" id="is_online-3F-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/modules/web_site.rb, line 50</span>
<span class="ruby-comment"># File lib/wpscan/modules/web_site.rb, line 52</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">is_online?</span>
<span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">to_s</span>).<span class="ruby-identifier">code</span> <span class="ruby-operator">!=</span> <span class="ruby-value">0</span>
<span class="ruby-keyword">end</span></pre>
@@ -261,15 +263,17 @@
<span class="ruby-keyword">def</span> <span class="ruby-identifier">is_wordpress?</span>
<span class="ruby-identifier">wordpress</span> = <span class="ruby-keyword">false</span>
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">login_url</span>(),
{ <span class="ruby-value">:follow_location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>, <span class="ruby-value">:max_redirects</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">2</span> }
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(
<span class="ruby-identifier">login_url</span>(),
{<span class="ruby-value">:follow_location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>, <span class="ruby-value">:max_redirects</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">2</span>}
)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">%{WordPress}</span>
<span class="ruby-identifier">wordpress</span> = <span class="ruby-keyword">true</span>
<span class="ruby-keyword">else</span>
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">xmlrpc_url</span>(),
{ <span class="ruby-value">:follow_location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>, <span class="ruby-value">:max_redirects</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">2</span> }
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(
<span class="ruby-identifier">xmlrpc_url</span>(),
{<span class="ruby-value">:follow_location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>, <span class="ruby-value">:max_redirects</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">2</span>}
)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">%{XML-RPC server accepts POST requests only}</span>
@@ -309,8 +313,9 @@ redirection or nil</p>
<div class="method-source-code" id="redirection-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/modules/web_site.rb, line 56</span>
<span class="ruby-comment"># File lib/wpscan/modules/web_site.rb, line 58</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">redirection</span>(<span class="ruby-identifier">url</span> = <span class="ruby-keyword">nil</span>)
<span class="ruby-identifier">redirection</span> = <span class="ruby-keyword">nil</span>
<span class="ruby-identifier">url</span> <span class="ruby-operator">||=</span> <span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">to_s</span>
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">url</span>)
@@ -349,7 +354,7 @@ redirection or nil</p>
<div class="method-source-code" id="xmlrpc_url-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/modules/web_site.rb, line 45</span>
<span class="ruby-comment"># File lib/wpscan/modules/web_site.rb, line 47</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">xmlrpc_url</span>
<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">&quot;xmlrpc.php&quot;</span>).<span class="ruby-identifier">to_s</span>
<span class="ruby-keyword">end</span></pre>


@@ -77,6 +77,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -222,10 +224,11 @@
<pre>
<span class="ruby-comment"># File lib/wpscan/modules/wp_config_backup.rb, line 49</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">config_backup_files</span>
[
<span class="ruby-string">'wp-config.php~'</span>,<span class="ruby-string">'#wp-config.php#'</span>,<span class="ruby-string">'wp-config.php.save'</span>,<span class="ruby-string">'wp-config.php.swp'</span>,<span class="ruby-string">'wp-config.php.swo'</span>,<span class="ruby-string">'wp-config.php_bak'</span>,
<span class="ruby-string">'wp-config.bak'</span>, <span class="ruby-string">'wp-config.php.bak'</span>, <span class="ruby-string">'wp-config.save'</span>
] <span class="ruby-comment"># thanks to Feross.org for these</span>
<span class="ruby-node">%{
wp-config.php~ #wp-config.php# wp-config.php.save wp-config.php.swp wp-config.php.swo wp-config.php_bak
wp-config.bak wp-config.php.bak wp-config.save wp-config.old wp-config.php.old wp-config.php.orig
wp-config.orig wp-config.php.original wp-config.original
}</span> <span class="ruby-comment"># thanks to Feross.org for these</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- config_backup_files-source -->


@@ -85,6 +85,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -242,12 +244,12 @@
<span class="ruby-identifier">already_present</span> = <span class="ruby-keyword">false</span>
<span class="ruby-identifier">result</span>.<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">r</span><span class="ruby-operator">|</span>
<span class="ruby-comment"># Already found via passive detection</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">r</span>[<span class="ruby-value">:name</span>] <span class="ruby-operator">==</span> <span class="ruby-identifier">enum_result</span>[<span class="ruby-value">:name</span>]
<span class="ruby-keyword">if</span> <span class="ruby-identifier">r</span>.<span class="ruby-identifier">name</span> <span class="ruby-operator">==</span> <span class="ruby-identifier">enum_result</span>.<span class="ruby-identifier">name</span>
<span class="ruby-identifier">already_present</span> = <span class="ruby-keyword">true</span>
<span class="ruby-keyword">break</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">if</span> <span class="ruby-keyword">not</span> <span class="ruby-identifier">already_present</span>
<span class="ruby-keyword">unless</span> <span class="ruby-identifier">already_present</span>
<span class="ruby-identifier">result</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-identifier">enum_result</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
@@ -300,12 +302,14 @@
<span class="ruby-identifier">names</span>.<span class="ruby-identifier">uniq!</span>
<span class="ruby-identifier">names</span>.<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">item</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">items</span> <span class="ruby-operator">&lt;&lt;</span> {
<span class="ruby-identifier">items</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-constant">WpItem</span>.<span class="ruby-identifier">new</span>(
<span class="ruby-value">:url</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">url</span>,
<span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">item</span>,
<span class="ruby-value">:path</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-node">&quot;#{type}/#{item}/&quot;</span>,
<span class="ruby-value">:wp_content_dir</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">wp_content_dir</span>
}
<span class="ruby-value">:type</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">type</span>,
<span class="ruby-value">:path</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-node">&quot;#{item}/&quot;</span>,
<span class="ruby-value">:wp_content_dir</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">wp_content_dir</span>,
<span class="ruby-value">:vulns_file</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-string">&quot;&quot;</span>
)
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">items</span>
<span class="ruby-keyword">end</span></pre>


@@ -85,6 +85,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -271,11 +273,7 @@
<span class="ruby-identifier">enumerate_size</span> = <span class="ruby-identifier">targets</span>.<span class="ruby-identifier">size</span>
<span class="ruby-identifier">targets</span>.<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">target</span><span class="ruby-operator">|</span>
<span class="ruby-comment"># Timthumb files have no /timthumbs/ directory</span>
<span class="ruby-keyword">unless</span> <span class="ruby-identifier">options</span>[<span class="ruby-value">:type</span>] <span class="ruby-operator">=~</span> <span class="ruby-regexp">/timthumbs/</span>
<span class="ruby-identifier">target</span>[<span class="ruby-value">:path</span>] = <span class="ruby-node">&quot;#{options[:type]}/#{target[:path]}&quot;</span>
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">url</span> = <span class="ruby-node">&quot;#{target[:url]}#{target[:wp_content_dir]}/#{target[:path]}&quot;</span>
<span class="ruby-identifier">url</span> = <span class="ruby-identifier">target</span>.<span class="ruby-identifier">get_url</span>
<span class="ruby-identifier">request</span> = <span class="ruby-identifier">enum_browser</span>.<span class="ruby-identifier">forge_request</span>(<span class="ruby-identifier">url</span>, { <span class="ruby-value">:cache_timeout</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">0</span>, <span class="ruby-value">:follow_location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span> })
<span class="ruby-identifier">request_count</span> <span class="ruby-operator">+=</span> <span class="ruby-value">1</span>
@@ -338,7 +336,7 @@
<div class="method-source-code" id="generate_items-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_enumerator.rb, line 88</span>
<span class="ruby-comment"># File lib/wpscan/wp_enumerator.rb, line 84</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">generate_items</span>(<span class="ruby-identifier">options</span> = {})
<span class="ruby-identifier">only_vulnerable</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:only_vulnerable_ones</span>]
<span class="ruby-identifier">file</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:file</span>]
@@ -346,18 +344,22 @@
<span class="ruby-identifier">wp_content_dir</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:wp_content_dir</span>]
<span class="ruby-identifier">url</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:url</span>]
<span class="ruby-identifier">type</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:type</span>]
<span class="ruby-identifier">plugins_dir</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:wp_plugins_dir</span>]
<span class="ruby-identifier">targets_url</span> = []
<span class="ruby-keyword">if</span> <span class="ruby-identifier">only_vulnerable</span> <span class="ruby-operator">==</span> <span class="ruby-keyword">false</span>
<span class="ruby-keyword">unless</span> <span class="ruby-identifier">only_vulnerable</span>
<span class="ruby-comment"># Open and parse the 'most popular' plugin list...</span>
<span class="ruby-constant">File</span>.<span class="ruby-identifier">open</span>(<span class="ruby-identifier">file</span>, <span class="ruby-string">'r'</span>) <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">f</span><span class="ruby-operator">|</span>
<span class="ruby-constant">File</span>.<span class="ruby-identifier">open</span>(<span class="ruby-identifier">file</span>, <span class="ruby-string">&quot;r&quot;</span>) <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">f</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">f</span>.<span class="ruby-identifier">readlines</span>.<span class="ruby-identifier">collect</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">line</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">targets_url</span> <span class="ruby-operator">&lt;&lt;</span> {
<span class="ruby-identifier">targets_url</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-constant">WpItem</span>.<span class="ruby-identifier">new</span>(
<span class="ruby-value">:url</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">url</span>,
<span class="ruby-value">:path</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">line</span>.<span class="ruby-identifier">strip</span>,
<span class="ruby-value">:wp_content_dir</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">wp_content_dir</span>,
<span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-constant">File</span>.<span class="ruby-identifier">dirname</span>(<span class="ruby-identifier">line</span>.<span class="ruby-identifier">strip</span>)
}
<span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-constant">File</span>.<span class="ruby-identifier">dirname</span>(<span class="ruby-identifier">line</span>.<span class="ruby-identifier">strip</span>),
<span class="ruby-value">:vulns_file</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">vulns_file</span>,
<span class="ruby-value">:type</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">type</span>,
<span class="ruby-value">:wp_plugins_dir</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">plugins_dir</span>
)
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
@@ -371,17 +373,20 @@
<span class="ruby-comment"># We check if the plugin name from the plugin_vulns_file is already in targets, otherwise we add it</span>
<span class="ruby-identifier">xml</span>.<span class="ruby-identifier">xpath</span>(<span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_xpath_2</span>]).<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">node</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">name</span> = <span class="ruby-identifier">node</span>.<span class="ruby-identifier">attribute</span>(<span class="ruby-string">&quot;name&quot;</span>).<span class="ruby-identifier">text</span>
<span class="ruby-identifier">targets_url</span> <span class="ruby-operator">&lt;&lt;</span> {
<span class="ruby-identifier">targets_url</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-constant">WpItem</span>.<span class="ruby-identifier">new</span>(
<span class="ruby-value">:url</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">url</span>,
<span class="ruby-value">:path</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">name</span>,
<span class="ruby-value">:wp_content_dir</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">wp_content_dir</span>,
<span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">name</span>
}
<span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">name</span>,
<span class="ruby-value">:vulns_file</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">vulns_file</span>,
<span class="ruby-value">:type</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">type</span>,
<span class="ruby-value">:wp_plugins_dir</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">plugins_dir</span>
)
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">targets_url</span>.<span class="ruby-identifier">flatten!</span>
<span class="ruby-identifier">targets_url</span>.<span class="ruby-identifier">uniq!</span>
<span class="ruby-identifier">targets_url</span>.<span class="ruby-identifier">flatten!</span> { <span class="ruby-operator">|</span><span class="ruby-identifier">t</span><span class="ruby-operator">|</span> <span class="ruby-identifier">t</span>.<span class="ruby-identifier">name</span> }
<span class="ruby-identifier">targets_url</span>.<span class="ruby-identifier">uniq!</span> { <span class="ruby-operator">|</span><span class="ruby-identifier">t</span><span class="ruby-operator">|</span> <span class="ruby-identifier">t</span>.<span class="ruby-identifier">name</span> }
<span class="ruby-comment"># randomize the plugins array to *maybe* help in some crappy IDS/IPS/WAF detection</span>
<span class="ruby-identifier">targets_url</span>.<span class="ruby-identifier">sort_by!</span> { <span class="ruby-identifier">rand</span> }
<span class="ruby-keyword">end</span></pre>


@@ -77,6 +77,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>


@@ -79,6 +79,8 @@
<li><a href="#method-i-extract_name_from_url">#extract_name_from_url</a></li>
<li><a href="#method-i-get_sub_folder">#get_sub_folder</a></li>
<li><a href="#method-i-get_url">#get_url</a></li>
<li><a href="#method-i-get_url_without_filename">#get_url_without_filename</a></li>
@@ -109,6 +111,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -262,6 +266,23 @@
</div>
</div>
<div id="type-attribute-method" class="method-detail">
<a name="type"></a>
<a name="type="></a>
<div class="method-heading attribute-method-heading">
<span class="method-name">type</span><span
class="attribute-access-type">[RW]</span>
</div>
<div class="method-description">
</div>
</div>
@@ -282,13 +303,13 @@
</div>
</div>
<div id="vulns_xml-attribute-method" class="method-detail">
<a name="vulns_xml"></a>
<div id="vulns_file-attribute-method" class="method-detail">
<a name="vulns_file"></a>
<a name="vulns_xml="></a>
<a name="vulns_file="></a>
<div class="method-heading attribute-method-heading">
<span class="method-name">vulns_xml</span><span
<span class="method-name">vulns_file</span><span
class="attribute-access-type">[RW]</span>
</div>
@@ -330,6 +351,23 @@
</div>
</div>
<div id="wp_plugin_dir-attribute-method" class="method-detail">
<a name="wp_plugin_dir"></a>
<a name="wp_plugin_dir="></a>
<div class="method-heading attribute-method-heading">
<span class="method-name">wp_plugin_dir</span><span
class="attribute-access-type">[RW]</span>
</div>
<div class="method-description">
</div>
</div>
@@ -348,7 +386,7 @@
<div class="method-heading">
<span class="method-name">new</span><span
class="method-args">(options = {})</span>
class="method-args">(options)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
@@ -362,19 +400,22 @@
<div class="method-source-code" id="new-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 25</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">initialize</span>(<span class="ruby-identifier">options</span> = {})
<span class="ruby-keyword">def</span> <span class="ruby-identifier">initialize</span>(<span class="ruby-identifier">options</span>)
<span class="ruby-ivar">@type</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:type</span>]
<span class="ruby-ivar">@wp_content_dir</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:wp_content_dir</span>] <span class="ruby-operator">||</span> <span class="ruby-string">&quot;wp-content&quot;</span>
<span class="ruby-ivar">@wp_plugin_dir</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:wp_plugins_dir</span>] <span class="ruby-operator">||</span> <span class="ruby-string">&quot;plugins&quot;</span>
<span class="ruby-ivar">@url</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:url</span>]
<span class="ruby-ivar">@path</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:path</span>]
<span class="ruby-ivar">@name</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:name</span>] <span class="ruby-operator">||</span> <span class="ruby-identifier">extract_name_from_url</span>
<span class="ruby-ivar">@vulns_xml</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_xml</span>]
<span class="ruby-ivar">@vulns_xpath</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_xpath</span>].<span class="ruby-identifier">sub</span>(<span class="ruby-regexp">/\$name\$/</span>, <span class="ruby-ivar">@name</span>)
<span class="ruby-ivar">@vulns_file</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_file</span>]
<span class="ruby-ivar">@vulns_xpath</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_xpath</span>].<span class="ruby-identifier">sub</span>(<span class="ruby-regexp">/\$name\$/</span>, <span class="ruby-ivar">@name</span>) <span class="ruby-keyword">unless</span> <span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_xpath</span>] <span class="ruby-operator">==</span> <span class="ruby-keyword">nil</span>
<span class="ruby-identifier">raise</span>(<span class="ruby-string">&quot;url not set&quot;</span>) <span class="ruby-keyword">unless</span> <span class="ruby-ivar">@url</span>
<span class="ruby-identifier">raise</span>(<span class="ruby-string">&quot;path not set&quot;</span>) <span class="ruby-keyword">unless</span> <span class="ruby-ivar">@path</span>
<span class="ruby-identifier">raise</span>(<span class="ruby-string">&quot;wp_content_dir not set&quot;</span>) <span class="ruby-keyword">unless</span> <span class="ruby-ivar">@wp_content_dir</span>
<span class="ruby-identifier">raise</span>(<span class="ruby-string">&quot;name not set&quot;</span>) <span class="ruby-keyword">unless</span> <span class="ruby-ivar">@name</span>
<span class="ruby-identifier">raise</span>(<span class="ruby-string">&quot;vulns_xml not set&quot;</span>) <span class="ruby-keyword">unless</span> <span class="ruby-ivar">@vulns_xml</span>
<span class="ruby-identifier">raise</span>(<span class="ruby-string">&quot;vulns_file not set&quot;</span>) <span class="ruby-keyword">unless</span> <span class="ruby-ivar">@vulns_file</span>
<span class="ruby-identifier">raise</span>(<span class="ruby-string">&quot;type not set&quot;</span>) <span class="ruby-keyword">unless</span> <span class="ruby-ivar">@type</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- new-source -->
@@ -411,7 +452,7 @@
<div class="method-source-code" id="3C-3D-3E-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 97</span>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 121</span>
<span class="ruby-keyword">def</span> <span class="ruby-operator">&lt;=&gt;</span>(<span class="ruby-identifier">other</span>)
<span class="ruby-identifier">other</span>.<span class="ruby-identifier">name</span> <span class="ruby-operator">&lt;=&gt;</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">name</span>
<span class="ruby-keyword">end</span></pre>
@@ -444,7 +485,7 @@
<div class="method-source-code" id="3D-3D-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 87</span>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 111</span>
<span class="ruby-keyword">def</span> <span class="ruby-operator">==</span>(<span class="ruby-identifier">other</span>)
<span class="ruby-identifier">other</span>.<span class="ruby-identifier">name</span> <span class="ruby-operator">==</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">name</span>
<span class="ruby-keyword">end</span></pre>
@@ -477,7 +518,7 @@
<div class="method-source-code" id="3D-3D-3D-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 92</span>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 116</span>
<span class="ruby-keyword">def</span> <span class="ruby-operator">===</span>(<span class="ruby-identifier">other</span>)
<span class="ruby-identifier">other</span>.<span class="ruby-identifier">name</span> <span class="ruby-operator">==</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">name</span>
<span class="ruby-keyword">end</span></pre>
@@ -510,7 +551,7 @@
<div class="method-source-code" id="changelog_url-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 107</span>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 131</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">changelog_url</span>
<span class="ruby-identifier">get_url_without_filename</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">&quot;changelog.txt&quot;</span>)
<span class="ruby-keyword">end</span></pre>
@@ -543,7 +584,7 @@
<div class="method-source-code" id="directory_listing-3F-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 70</span>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 94</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">directory_listing?</span>
<span class="ruby-comment"># Need to remove to file part from the url</span>
<span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">get_url_without_filename</span>).<span class="ruby-identifier">body</span>[<span class="ruby-regexp">%{&lt;title&gt;Index of}</span>] <span class="ruby-operator">?</span> <span class="ruby-keyword">true</span> <span class="ruby-operator">:</span> <span class="ruby-keyword">false</span>
@@ -577,7 +618,7 @@
<div class="method-source-code" id="extract_name_from_url-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 76</span>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 100</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">extract_name_from_url</span>
<span class="ruby-identifier">get_url</span>.<span class="ruby-identifier">to_s</span>[<span class="ruby-regexp">%{^(https?://.*/([^/]+)/)}</span>, <span class="ruby-value">2</span>]
<span class="ruby-keyword">end</span></pre>
@@ -591,6 +632,50 @@
</div><!-- extract_name_from_url-method -->
<div id="get_sub_folder-method" class="method-detail ">
<a name="method-i-get_sub_folder"></a>
<div class="method-heading">
<span class="method-name">get_sub_folder</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="get_sub_folder-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 43</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">get_sub_folder</span>
<span class="ruby-keyword">case</span> <span class="ruby-ivar">@type</span>
<span class="ruby-keyword">when</span> <span class="ruby-string">&quot;plugins&quot;</span>
<span class="ruby-identifier">folder</span> = <span class="ruby-ivar">@wp_plugin_dir</span>
<span class="ruby-keyword">when</span> <span class="ruby-string">&quot;themes&quot;</span>
<span class="ruby-identifier">folder</span> = <span class="ruby-string">&quot;themes&quot;</span>
<span class="ruby-keyword">when</span> <span class="ruby-string">&quot;timthumbs&quot;</span>
<span class="ruby-comment"># not needed</span>
<span class="ruby-identifier">folder</span> = <span class="ruby-keyword">nil</span>
<span class="ruby-keyword">else</span>
<span class="ruby-identifier">raise</span>(<span class="ruby-node">&quot;unknown type #@type&quot;</span>)
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">folder</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- get_sub_folder-source -->
</div>
</div><!-- get_sub_folder-method -->
<div id="get_url-method" class="method-detail ">
<a name="method-i-get_url"></a>
@@ -610,14 +695,20 @@
<div class="method-source-code" id="get_url-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 41</span>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 59</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">get_url</span>
<span class="ruby-identifier">url</span> = <span class="ruby-ivar">@url</span>.<span class="ruby-identifier">to_s</span>.<span class="ruby-identifier">end_with?</span>(<span class="ruby-string">&quot;/&quot;</span>) <span class="ruby-operator">?</span> <span class="ruby-ivar">@url</span>.<span class="ruby-identifier">to_s</span> <span class="ruby-operator">:</span> <span class="ruby-node">&quot;#@url/&quot;</span>
<span class="ruby-comment"># remove first and last /</span>
<span class="ruby-identifier">wp_content_dir</span> = <span class="ruby-ivar">@wp_content_dir</span>.<span class="ruby-identifier">sub</span>(<span class="ruby-regexp">/^\//</span>, <span class="ruby-string">&quot;&quot;</span>).<span class="ruby-identifier">sub</span>(<span class="ruby-regexp">/\/$/</span>, <span class="ruby-string">&quot;&quot;</span>)
<span class="ruby-comment"># remove first /</span>
<span class="ruby-identifier">path</span> = <span class="ruby-ivar">@path</span>.<span class="ruby-identifier">sub</span>(<span class="ruby-regexp">/^\//</span>, <span class="ruby-string">&quot;&quot;</span>)
<span class="ruby-constant">URI</span>.<span class="ruby-identifier">parse</span>(<span class="ruby-node">&quot;#{url}#{wp_content_dir}/#{path}&quot;</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">type</span> <span class="ruby-operator">==</span> <span class="ruby-string">&quot;timthumbs&quot;</span>
<span class="ruby-comment"># timthumbs have folder in path variable</span>
<span class="ruby-identifier">ret</span> = <span class="ruby-constant">URI</span>.<span class="ruby-identifier">parse</span>(<span class="ruby-node">&quot;#{url}#{wp_content_dir}/#{path}&quot;</span>)
<span class="ruby-keyword">else</span>
<span class="ruby-identifier">ret</span> = <span class="ruby-constant">URI</span>.<span class="ruby-identifier">parse</span>(<span class="ruby-node">&quot;#{url}#{wp_content_dir}/#{get_sub_folder}/#{path}&quot;</span>)
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">ret</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- get_url-source -->
@@ -648,7 +739,7 @@
<div class="method-source-code" id="get_url_without_filename-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 51</span>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 75</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">get_url_without_filename</span>
<span class="ruby-identifier">location_url</span> = <span class="ruby-identifier">get_url</span>.<span class="ruby-identifier">to_s</span>
<span class="ruby-identifier">valid_location_url</span> = <span class="ruby-identifier">location_url</span>[<span class="ruby-regexp">%{^(https?://.*/)[^.]+\.[^/]+$}</span>, <span class="ruby-value">1</span>]
@@ -686,7 +777,7 @@
<div class="method-source-code" id="has_changelog-3F-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 121</span>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 145</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">has_changelog?</span>
<span class="ruby-keyword">unless</span> <span class="ruby-ivar">@changelog</span>
<span class="ruby-identifier">status</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">changelog_url</span>).<span class="ruby-identifier">code</span>
@@ -723,7 +814,7 @@
<div class="method-source-code" id="has_readme-3F-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 112</span>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 136</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">has_readme?</span>
<span class="ruby-keyword">unless</span> <span class="ruby-ivar">@readme</span>
<span class="ruby-identifier">status</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">readme_url</span>).<span class="ruby-identifier">code</span>
@@ -760,7 +851,7 @@
<div class="method-source-code" id="readme_url-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 102</span>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 126</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">readme_url</span>
<span class="ruby-identifier">get_url_without_filename</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">&quot;readme.txt&quot;</span>)
<span class="ruby-keyword">end</span></pre>
@@ -793,7 +884,7 @@
<div class="method-source-code" id="to_s-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 81</span>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 105</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">to_s</span>
<span class="ruby-identifier">item_version</span> = <span class="ruby-identifier">version</span>
<span class="ruby-node">&quot;#@name#{' v' + item_version.strip if item_version}&quot;</span>
@@ -827,7 +918,7 @@
<div class="method-source-code" id="version-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 61</span>
<span class="ruby-comment"># File lib/wpscan/wp_item.rb, line 85</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">version</span>
<span class="ruby-keyword">unless</span> <span class="ruby-ivar">@version</span>
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">get_url</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">&quot;readme.txt&quot;</span>).<span class="ruby-identifier">to_s</span>)
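Review bot: In `WpItem#initialize`, `@name` is spliced into the XPath template with `options[:vulns_xpath].sub(/\$name\$/, @name)` without any validation. The name can come from `extract_name_from_url` or, judging by the passive-detection caller, from values found on the scanned site. The plugin template shown elsewhere on this page wraps it in single quotes (`//plugin[@name='$name$']/vulnerability`), so a name containing a quote gives a malformed or altered query, and a string replacement passed to `String#sub` also has its backslash sequences interpreted. I would reject names outside the expected directory-name characters before building the expression and use the block form, `@vulns_xpath = options[:vulns_xpath].sub(/\$name\$/) { @name } if options[:vulns_xpath]`. Which of the doubled lines is the new side is inferred from print order, since the +/- markers are missing on this page.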


@@ -83,6 +83,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>


@@ -87,6 +87,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -232,7 +234,8 @@
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_plugin.rb, line 20</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">initialize</span>(<span class="ruby-identifier">options</span> = {})
<span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_xml</span>] = <span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_xml</span>] <span class="ruby-operator">||</span> <span class="ruby-constant">DATA_DIR</span> <span class="ruby-operator">+</span> <span class="ruby-string">'/plugin_vulns.xml'</span>
<span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_file</span>] = (<span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_file</span>] <span class="ruby-operator">!=</span> <span class="ruby-keyword">nil</span> <span class="ruby-keyword">and</span> <span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_file</span>] <span class="ruby-operator">!=</span> <span class="ruby-string">&quot;&quot;</span>) <span class="ruby-operator">?</span>
<span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_file</span>] <span class="ruby-operator">:</span> <span class="ruby-constant">DATA_DIR</span> <span class="ruby-operator">+</span> <span class="ruby-string">&quot;/plugin_vulns.xml&quot;</span>
<span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_xpath</span>] = <span class="ruby-string">&quot;//plugin[@name='$name$']/vulnerability&quot;</span>
<span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_xpath_2</span>] = <span class="ruby-string">&quot;//plugin&quot;</span>
<span class="ruby-identifier">options</span>[<span class="ruby-value">:type</span>] = <span class="ruby-string">&quot;plugins&quot;</span>
@@ -276,9 +279,9 @@ href="http://www.exploit-db.com/ghdb/3714/">www.exploit-db.com/ghdb/3714/</a></p
<div class="method-source-code" id="error_log-3F-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_plugin.rb, line 33</span>
<span class="ruby-comment"># File lib/wpscan/wp_plugin.rb, line 34</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">error_log?</span>
<span class="ruby-identifier">response_body</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">error_log_url</span>(), <span class="ruby-value">:headers</span> =<span class="ruby-operator">&gt;</span> { <span class="ruby-string">&quot;range&quot;</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-string">&quot;bytes=0-700&quot;</span>}).<span class="ruby-identifier">body</span>
<span class="ruby-identifier">response_body</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">error_log_url</span>(), <span class="ruby-value">:headers</span> =<span class="ruby-operator">&gt;</span> {<span class="ruby-string">&quot;range&quot;</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-string">&quot;bytes=0-700&quot;</span>}).<span class="ruby-identifier">body</span>
<span class="ruby-identifier">response_body</span>[<span class="ruby-regexp">%{PHP Fatal error}</span>] <span class="ruby-operator">?</span> <span class="ruby-keyword">true</span> <span class="ruby-operator">:</span> <span class="ruby-keyword">false</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- error_log-3F-source -->
@@ -310,7 +313,7 @@ href="http://www.exploit-db.com/ghdb/3714/">www.exploit-db.com/ghdb/3714/</a></p
<div class="method-source-code" id="error_log_url-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_plugin.rb, line 38</span>
<span class="ruby-comment"># File lib/wpscan/wp_plugin.rb, line 39</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">error_log_url</span>
<span class="ruby-identifier">get_url</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">&quot;error_log&quot;</span>).<span class="ruby-identifier">to_s</span>
<span class="ruby-keyword">end</span></pre>
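Review bot: The new `:vulns_file` default in `WpPlugin#initialize` combines the low-precedence `and` with a ternary split over two lines, which is easy to misread and depends on the parentheses to parse as intended. The nil-or-empty test can be one call: `options[:vulns_file] = DATA_DIR + "/plugin_vulns.xml" if options[:vulns_file].to_s.empty?`. A short comment such as `# fall back to the bundled database when no custom file is given` would also record why an empty string is treated like nil. The body of `initialize` continues past the end of this hunk.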


@@ -77,6 +77,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -233,10 +235,12 @@
<span class="ruby-identifier">plugins</span> = []
<span class="ruby-identifier">result</span>.<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">r</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">plugins</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-constant">WpPlugin</span>.<span class="ruby-identifier">new</span>(
<span class="ruby-value">:url</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">r</span>[<span class="ruby-value">:url</span>],
<span class="ruby-value">:path</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">r</span>[<span class="ruby-value">:path</span>],
<span class="ruby-value">:wp_content_dir</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">r</span>[<span class="ruby-value">:wp_content_dir</span>],
<span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">r</span>[<span class="ruby-value">:name</span>]
<span class="ruby-value">:url</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">r</span>.<span class="ruby-identifier">url</span>,
<span class="ruby-value">:path</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">r</span>.<span class="ruby-identifier">path</span>,
<span class="ruby-value">:wp_content_dir</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">r</span>.<span class="ruby-identifier">wp_content_dir</span>,
<span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">r</span>.<span class="ruby-identifier">name</span>,
<span class="ruby-value">:type</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-string">&quot;plugins&quot;</span>,
<span class="ruby-value">:wp_plugins_dir</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">r</span>.<span class="ruby-identifier">wp_plugin_dir</span>
)
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">plugins</span>.<span class="ruby-identifier">sort_by</span> { <span class="ruby-operator">|</span><span class="ruby-identifier">p</span><span class="ruby-operator">|</span> <span class="ruby-identifier">p</span>.<span class="ruby-identifier">name</span> }
@@ -278,17 +282,19 @@ plugins can be found in the source code :</p>
<div class="method-source-code" id="plugins_from_passive_detection-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/modules/wp_plugins.rb, line 49</span>
<span class="ruby-comment"># File lib/wpscan/modules/wp_plugins.rb, line 51</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">plugins_from_passive_detection</span>(<span class="ruby-identifier">options</span>)
<span class="ruby-identifier">plugins</span> = []
<span class="ruby-identifier">temp</span> = <span class="ruby-constant">WpDetector</span>.<span class="ruby-identifier">passive_detection</span>(<span class="ruby-identifier">options</span>[<span class="ruby-value">:url</span>], <span class="ruby-string">&quot;plugins&quot;</span>, <span class="ruby-identifier">options</span>[<span class="ruby-value">:wp_content_dir</span>])
<span class="ruby-identifier">temp</span>.<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">item</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">plugins</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-constant">WpPlugin</span>.<span class="ruby-identifier">new</span>(
<span class="ruby-value">:url</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">item</span>[<span class="ruby-value">:url</span>],
<span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">item</span>[<span class="ruby-value">:name</span>],
<span class="ruby-value">:path</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">item</span>[<span class="ruby-value">:path</span>],
<span class="ruby-value">:wp_content_dir</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">options</span>[<span class="ruby-value">:wp_content_dir</span>]
<span class="ruby-value">:url</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">item</span>.<span class="ruby-identifier">url</span>,
<span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">item</span>.<span class="ruby-identifier">name</span>,
<span class="ruby-value">:path</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">item</span>.<span class="ruby-identifier">path</span>,
<span class="ruby-value">:wp_content_dir</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">options</span>[<span class="ruby-value">:wp_content_dir</span>],
<span class="ruby-value">:type</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-string">&quot;plugins&quot;</span>,
<span class="ruby-value">:wp_plugins_dir</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">options</span>[<span class="ruby-value">:wp_plugin_dir</span>]
)
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">plugins</span>.<span class="ruby-identifier">sort_by</span> { <span class="ruby-operator">|</span><span class="ruby-identifier">p</span><span class="ruby-operator">|</span> <span class="ruby-identifier">p</span>.<span class="ruby-identifier">name</span> }
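Review bot: In `plugins_from_passive_detection` the custom directory is read from `options[:wp_plugin_dir]` (singular) but passed on as `:wp_plugins_dir`, which is the key `WpItem#initialize` reads. The caller's hash is not visible here, but if it uses the plural key like the rest of the change, this lookup returns nil and `WpItem` silently falls back to `"plugins"`. Passively detected plugins would then be probed under the default directory, and the scan would under-report on sites with a custom plugins directory. I would settle on one spelling, e.g. `:wp_plugins_dir => options[:wp_plugins_dir]`, after checking what the caller passes. The method body continues past the end of this hunk.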


@@ -77,6 +77,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>


@@ -159,6 +159,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -493,7 +495,7 @@
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 112</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">has_debug_log?</span>
<span class="ruby-comment"># We only get the first 700 bytes of the file to avoid loading huge file (like 2Go)</span>
<span class="ruby-identifier">response_body</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">debug_log_url</span>(), <span class="ruby-value">:headers</span> =<span class="ruby-operator">&gt;</span> { <span class="ruby-string">&quot;range&quot;</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-string">&quot;bytes=0-700&quot;</span>}).<span class="ruby-identifier">body</span>
<span class="ruby-identifier">response_body</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">debug_log_url</span>(), <span class="ruby-value">:headers</span> =<span class="ruby-operator">&gt;</span> {<span class="ruby-string">&quot;range&quot;</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-string">&quot;bytes=0-700&quot;</span>}).<span class="ruby-identifier">body</span>
<span class="ruby-identifier">response_body</span>[<span class="ruby-regexp">%{\[[^\]]+\] PHP (?:Warning|Error|Notice):}</span>] <span class="ruby-operator">?</span> <span class="ruby-keyword">true</span> <span class="ruby-operator">:</span> <span class="ruby-keyword">false</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- has_debug_log-3F-source -->
@@ -778,7 +780,7 @@
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 105</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">wp_plugins_dir</span>
<span class="ruby-keyword">unless</span> <span class="ruby-ivar">@wp_plugins_dir</span>
<span class="ruby-ivar">@wp_plugins_dir</span> = <span class="ruby-identifier">wp_content_dir</span>() <span class="ruby-operator">+</span> <span class="ruby-string">&quot;/plugins&quot;</span>
<span class="ruby-ivar">@wp_plugins_dir</span> = <span class="ruby-string">&quot;plugins&quot;</span>
<span class="ruby-keyword">end</span>
<span class="ruby-ivar">@wp_plugins_dir</span>
<span class="ruby-keyword">end</span></pre>


@@ -91,6 +91,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -286,7 +288,7 @@
<div class="method-source-code" id="find-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 42</span>
<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 44</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">find</span>(<span class="ruby-identifier">target_uri</span>)
<span class="ruby-keyword">self</span>.<span class="ruby-identifier">methods</span>.<span class="ruby-identifier">grep</span>(<span class="ruby-regexp">/find_from_/</span>).<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">method_to_call</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">theme</span> = <span class="ruby-keyword">self</span>.<span class="ruby-identifier">send</span>(<span class="ruby-identifier">method_to_call</span>, <span class="ruby-identifier">target_uri</span>)
@@ -326,8 +328,10 @@
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 25</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">initialize</span>(<span class="ruby-identifier">options</span> = {})
<span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_xml</span>] = <span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_xml</span>] <span class="ruby-operator">||</span> <span class="ruby-constant">DATA_DIR</span> <span class="ruby-operator">+</span> <span class="ruby-string">'/wp_theme_vulns.xml'</span>
<span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_file</span>] = (<span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_file</span>] <span class="ruby-operator">!=</span> <span class="ruby-keyword">nil</span> <span class="ruby-keyword">and</span> <span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_file</span>] <span class="ruby-operator">!=</span> <span class="ruby-string">&quot;&quot;</span>) <span class="ruby-operator">?</span>
<span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_file</span>] <span class="ruby-operator">:</span> <span class="ruby-constant">DATA_DIR</span> <span class="ruby-operator">+</span> <span class="ruby-string">&quot;/wp_theme_vulns.xml&quot;</span>
<span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_xpath</span>] = <span class="ruby-string">&quot;//theme[@name='$name$']/vulnerability&quot;</span>
<span class="ruby-identifier">options</span>[<span class="ruby-value">:type</span>] = <span class="ruby-string">&quot;themes&quot;</span>
<span class="ruby-ivar">@version</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:version</span>]
<span class="ruby-ivar">@style_url</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:style_url</span>]
<span class="ruby-keyword">super</span>(<span class="ruby-identifier">options</span>)
@@ -367,11 +371,12 @@
<div class="method-source-code" id="find_from_css_link-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 58</span>
<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 60</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">find_from_css_link</span>(<span class="ruby-identifier">target_uri</span>)
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">target_uri</span>.<span class="ruby-identifier">to_s</span>, { <span class="ruby-value">:follow_location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>, <span class="ruby-value">:max_redirects</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">2</span> })
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">target_uri</span>.<span class="ruby-identifier">to_s</span>, {<span class="ruby-value">:follow_location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>, <span class="ruby-value">:max_redirects</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">2</span>})
<span class="ruby-keyword">if</span> <span class="ruby-identifier">matches</span> = <span class="ruby-regexp">%{https?://[^&quot;']+/themes/([^&quot;']+)/style.css}</span>.<span class="ruby-identifier">match</span>(<span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span>)
<span class="ruby-identifier">matches</span> = <span class="ruby-regexp">%{https?://[^&quot;']+/themes/([^&quot;']+)/style.css}</span>.<span class="ruby-identifier">match</span>(<span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">matches</span>
<span class="ruby-identifier">style_url</span> = <span class="ruby-identifier">matches</span>[<span class="ruby-value">0</span>]
<span class="ruby-identifier">theme_name</span> = <span class="ruby-identifier">matches</span>[<span class="ruby-value">1</span>]
@@ -413,12 +418,13 @@ href="http://code.google.com/p/wpscan/issues/detail?id=141">code.google.com/p/wp
<div class="method-source-code" id="find_from_wooframework-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 75</span>
<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 78</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">find_from_wooframework</span>(<span class="ruby-identifier">target_uri</span>)
<span class="ruby-identifier">body</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">target_uri</span>.<span class="ruby-identifier">to_s</span>).<span class="ruby-identifier">body</span>
<span class="ruby-identifier">regexp</span> = <span class="ruby-regexp">%{&lt;meta name=&quot;generator&quot; content=&quot;([^\s&quot;]+)\s?([^&quot;]+)?&quot; /&gt;\s+&lt;meta name=&quot;generator&quot; content=&quot;WooFramework\s?([^&quot;]+)?&quot; /&gt;}</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">matches</span> = <span class="ruby-identifier">regexp</span>.<span class="ruby-identifier">match</span>(<span class="ruby-identifier">body</span>)
<span class="ruby-identifier">matches</span> = <span class="ruby-identifier">regexp</span>.<span class="ruby-identifier">match</span>(<span class="ruby-identifier">body</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">matches</span>
<span class="ruby-identifier">woo_theme_name</span> = <span class="ruby-identifier">matches</span>[<span class="ruby-value">1</span>]
<span class="ruby-identifier">woo_theme_version</span> = <span class="ruby-identifier">matches</span>[<span class="ruby-value">2</span>]
<span class="ruby-identifier">woo_framework_version</span> = <span class="ruby-identifier">matches</span>[<span class="ruby-value">3</span>] <span class="ruby-comment"># Not used at this time</span>
@@ -466,7 +472,7 @@ href="http://code.google.com/p/wpscan/issues/detail?id=141">code.google.com/p/wp
<div class="method-source-code" id="3D-3D-3D-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 51</span>
<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 53</span>
<span class="ruby-keyword">def</span> <span class="ruby-operator">===</span>(<span class="ruby-identifier">wp_theme</span>)
<span class="ruby-identifier">wp_theme</span>.<span class="ruby-identifier">name</span> <span class="ruby-operator">===</span> <span class="ruby-ivar">@name</span> <span class="ruby-keyword">and</span> <span class="ruby-identifier">wp_theme</span>.<span class="ruby-identifier">version</span> <span class="ruby-operator">===</span> <span class="ruby-ivar">@version</span>
<span class="ruby-keyword">end</span></pre>


@@ -79,6 +79,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -319,12 +321,15 @@
timthumb.php lib/timthumb.php inc/timthumb.php includes/timthumb.php
scripts/timthumb.php tools/timthumb.php functions/timthumb.php
}</span>.<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">file</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">targets</span> <span class="ruby-operator">&lt;&lt;</span> {
<span class="ruby-identifier">targets</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-constant">WpItem</span>.<span class="ruby-identifier">new</span>(
<span class="ruby-value">:url</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">options</span>[<span class="ruby-value">:url</span>],
<span class="ruby-value">:path</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-node">&quot;themes/#{theme_name}/#{file}&quot;</span>,
<span class="ruby-value">:wp_content_dir</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">options</span>[<span class="ruby-value">:wp_content_dir</span>],
<span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">options</span>[<span class="ruby-value">:name</span>]
}
<span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">theme_name</span>,
<span class="ruby-value">:vulns_file</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-string">&quot;XX&quot;</span>,
<span class="ruby-value">:type</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-string">&quot;timthumbs&quot;</span>,
<span class="ruby-value">:wp_plugins_dir</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">options</span>[<span class="ruby-value">:wp_plugins_dir</span>]
)
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">targets</span>
<span class="ruby-keyword">end</span></pre>


@@ -85,6 +85,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -333,7 +335,7 @@
<pre>
<span class="ruby-comment"># File lib/wpscan/modules/wp_usernames.rb, line 60</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">get_nickname_from_url</span>(<span class="ruby-identifier">url</span>)
<span class="ruby-identifier">resp</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">url</span>, { <span class="ruby-value">:follow_location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>, <span class="ruby-value">:max_redirects</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">2</span> })
<span class="ruby-identifier">resp</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">url</span>, {<span class="ruby-value">:follow_location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>, <span class="ruby-value">:max_redirects</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">2</span>})
<span class="ruby-identifier">nickname</span> = <span class="ruby-keyword">nil</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">resp</span>.<span class="ruby-identifier">code</span> <span class="ruby-operator">==</span> <span class="ruby-value">200</span>
<span class="ruby-identifier">nickname</span> = <span class="ruby-identifier">extract_nickname_from_body</span>(<span class="ruby-identifier">resp</span>.<span class="ruby-identifier">body</span>)


@@ -97,6 +97,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -336,7 +338,7 @@ etc)</p>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">initialize</span>(<span class="ruby-identifier">number</span>, <span class="ruby-identifier">options</span> = {})
<span class="ruby-ivar">@number</span> = <span class="ruby-identifier">number</span>
<span class="ruby-ivar">@discovery_method</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:discovery_method</span>]
<span class="ruby-ivar">@vulns_xml</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_xml</span>] <span class="ruby-operator">||</span> <span class="ruby-constant">DATA_DIR</span> <span class="ruby-operator">+</span> <span class="ruby-string">'/wp_vulns.xml'</span>
<span class="ruby-ivar">@vulns_file</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_file</span>] <span class="ruby-operator">||</span> <span class="ruby-constant">DATA_DIR</span> <span class="ruby-operator">+</span> <span class="ruby-string">'/wp_vulns.xml'</span>
<span class="ruby-ivar">@vulns_xpath</span> = <span class="ruby-node">&quot;//wordpress[@version='#{@number}']/vulnerability&quot;</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- new-source -->
@@ -392,7 +394,9 @@ file across all versions of wordpress.</p>
<span class="ruby-comment"># File lib/wpscan/wp_version.rb, line 94</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">find_from_advanced_fingerprinting</span>(<span class="ruby-identifier">options</span>)
<span class="ruby-identifier">target_uri</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:url</span>]
<span class="ruby-identifier">xml</span> = <span class="ruby-constant">Nokogiri</span><span class="ruby-operator">::</span><span class="ruby-constant">XML</span>(<span class="ruby-constant">File</span>.<span class="ruby-identifier">open</span>(<span class="ruby-constant">DATA_DIR</span> <span class="ruby-operator">+</span> <span class="ruby-string">'/wp_versions.xml'</span>)) <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">config</span><span class="ruby-operator">|</span>
<span class="ruby-comment"># needed for rpsec tests</span>
<span class="ruby-identifier">version_xml</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:version_xml</span>] <span class="ruby-operator">||</span> <span class="ruby-constant">DATA_DIR</span> <span class="ruby-operator">+</span> <span class="ruby-string">&quot;/wp_versions.xml&quot;</span>
<span class="ruby-identifier">xml</span> = <span class="ruby-constant">Nokogiri</span><span class="ruby-operator">::</span><span class="ruby-constant">XML</span>(<span class="ruby-constant">File</span>.<span class="ruby-identifier">open</span>(<span class="ruby-identifier">version_xml</span>)) <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">config</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">config</span>.<span class="ruby-identifier">noblanks</span>
<span class="ruby-keyword">end</span>
@@ -448,7 +452,7 @@ upgrade.</p>
<span class="ruby-comment"># File lib/wpscan/wp_version.rb, line 61</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">find_from_meta_generator</span>(<span class="ruby-identifier">options</span>)
<span class="ruby-identifier">target_uri</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:url</span>]
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">target_uri</span>.<span class="ruby-identifier">to_s</span>, { <span class="ruby-value">:follow_location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>, <span class="ruby-value">:max_redirects</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">2</span> })
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">target_uri</span>.<span class="ruby-identifier">to_s</span>, {<span class="ruby-value">:follow_location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>, <span class="ruby-value">:max_redirects</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">2</span>})
<span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span>[<span class="ruby-regexp">%{name=&quot;generator&quot; content=&quot;wordpress ([^&quot;]+)&quot;}</span>, <span class="ruby-value">1</span>]
<span class="ruby-keyword">end</span></pre>
@@ -481,7 +485,7 @@ upgrade.</p>
<div class="method-source-code" id="find_from_readme-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_version.rb, line 117</span>
<span class="ruby-comment"># File lib/wpscan/wp_version.rb, line 119</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">find_from_readme</span>(<span class="ruby-identifier">options</span>)
<span class="ruby-identifier">target_uri</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:url</span>]
<span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">target_uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">&quot;readme.html&quot;</span>).<span class="ruby-identifier">to_s</span>).<span class="ruby-identifier">body</span>[<span class="ruby-node">%{&lt;br /&gt;\sversion #{WpVersion.version_pattern}}</span>, <span class="ruby-value">1</span>]
@@ -518,7 +522,7 @@ upgrade.</p>
<span class="ruby-comment"># File lib/wpscan/wp_version.rb, line 68</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">find_from_rss_generator</span>(<span class="ruby-identifier">options</span>)
<span class="ruby-identifier">target_uri</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:url</span>]
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">target_uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">&quot;feed/&quot;</span>).<span class="ruby-identifier">to_s</span>, { <span class="ruby-value">:follow_location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>, <span class="ruby-value">:max_redirects</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">2</span> })
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">target_uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">&quot;feed/&quot;</span>).<span class="ruby-identifier">to_s</span>, {<span class="ruby-value">:follow_location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>, <span class="ruby-value">:max_redirects</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">2</span>})
<span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span>[<span class="ruby-regexp">%{&lt;generator&gt;http://wordpress.org/\?v=([^&lt;]+)&lt;/generator&gt;}</span>, <span class="ruby-value">1</span>]
<span class="ruby-keyword">end</span></pre>
@@ -552,7 +556,7 @@ href="http://code.google.com/p/wpscan/issues/detail?id=109">code.google.com/p/wp
<div class="method-source-code" id="find_from_sitemap_generator-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_version.rb, line 123</span>
<span class="ruby-comment"># File lib/wpscan/wp_version.rb, line 125</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">find_from_sitemap_generator</span>(<span class="ruby-identifier">options</span>)
<span class="ruby-identifier">target_uri</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:url</span>]
<span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">target_uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">&quot;sitemap.xml&quot;</span>).<span class="ruby-identifier">to_s</span>).<span class="ruby-identifier">body</span>[<span class="ruby-node">%{generator=&quot;wordpress/#{WpVersion.version_pattern}&quot;}</span>, <span class="ruby-value">1</span>]
@@ -587,7 +591,7 @@ one .</p>
<div class="method-source-code" id="version_pattern-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_version.rb, line 129</span>
<span class="ruby-comment"># File lib/wpscan/wp_version.rb, line 131</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">version_pattern</span>
<span class="ruby-string">'(.*(?=.)(?=.*\d)(?=.*[.]).*)'</span>
<span class="ruby-keyword">end</span></pre>


@@ -83,6 +83,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>


@@ -117,6 +117,8 @@
<li class="file"><a href="./CREDITS.html">CREDITS</a></li>
<li class="file"><a href="./Gemfile.html">Gemfile</a></li>
<li class="file"><a href="./README.html">README</a></li>
</ul>
@@ -357,7 +359,7 @@ any remaining - by _</p>
<div class="method-source-code" id="clean_option-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 216</span>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 217</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">clean_option</span>(<span class="ruby-identifier">option</span>)
<span class="ruby-identifier">cleaned_option</span> = <span class="ruby-identifier">option</span>.<span class="ruby-identifier">gsub</span>(<span class="ruby-regexp">/^--?/</span>, <span class="ruby-string">''</span>)
<span class="ruby-identifier">cleaned_option</span>.<span class="ruby-identifier">gsub</span>(<span class="ruby-regexp">/-/</span>, <span class="ruby-string">'_'</span>)
@@ -392,17 +394,17 @@ any remaining - by _</p>
<div class="method-source-code" id="get_opt_long-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 188</span>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 189</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">get_opt_long</span>
<span class="ruby-constant">GetoptLong</span>.<span class="ruby-identifier">new</span>(
[<span class="ruby-string">&quot;--url&quot;</span>, <span class="ruby-string">&quot;-u&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">&quot;--enumerate&quot;</span>, <span class="ruby-string">&quot;-e&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">OPTIONAL_ARGUMENT</span>],
[<span class="ruby-string">&quot;--username&quot;</span>, <span class="ruby-string">&quot;-U&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">&quot;--wordlist&quot;</span>, <span class="ruby-string">&quot;-w&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">&quot;--threads&quot;</span>, <span class="ruby-string">&quot;-t&quot;</span>,<span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">&quot;--force&quot;</span>, <span class="ruby-string">&quot;-f&quot;</span>,<span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">NO_ARGUMENT</span>],
[<span class="ruby-string">&quot;--threads&quot;</span>, <span class="ruby-string">&quot;-t&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
[<span class="ruby-string">&quot;--force&quot;</span>, <span class="ruby-string">&quot;-f&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">NO_ARGUMENT</span>],
[<span class="ruby-string">&quot;--help&quot;</span>, <span class="ruby-string">&quot;-h&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">NO_ARGUMENT</span>],
[<span class="ruby-string">&quot;--verbose&quot;</span>, <span class="ruby-string">&quot;-v&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">NO_ARGUMENT</span>] ,
[<span class="ruby-string">&quot;--verbose&quot;</span>, <span class="ruby-string">&quot;-v&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">NO_ARGUMENT</span>],
[<span class="ruby-string">&quot;--proxy&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">OPTIONAL_ARGUMENT</span>],
[<span class="ruby-string">&quot;--update&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">NO_ARGUMENT</span>],
[<span class="ruby-string">&quot;--follow-redirection&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">NO_ARGUMENT</span>],
@@ -440,7 +442,7 @@ any remaining - by _</p>
<div class="method-source-code" id="is_long_option-3F-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 207</span>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 208</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">is_long_option?</span>(<span class="ruby-identifier">option</span>)
<span class="ruby-constant">ACCESSOR_OPTIONS</span>.<span class="ruby-identifier">include?</span>(<span class="ruby-value">:&quot;#{WpscanOptions.clean_option(option)}&quot;</span>)
<span class="ruby-keyword">end</span></pre>
@@ -473,7 +475,7 @@ any remaining - by _</p>
<div class="method-source-code" id="option_to_instance_variable_setter-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 221</span>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 222</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">option_to_instance_variable_setter</span>(<span class="ruby-identifier">option</span>)
<span class="ruby-identifier">cleaned_option</span> = <span class="ruby-constant">WpscanOptions</span>.<span class="ruby-identifier">clean_option</span>(<span class="ruby-identifier">option</span>)
<span class="ruby-identifier">option_syms</span> = <span class="ruby-constant">ACCESSOR_OPTIONS</span>.<span class="ruby-identifier">grep</span>(<span class="ruby-node">%{^#{cleaned_option}}</span>)
@@ -609,7 +611,8 @@ href="http://1-10">u</a> will enumerate usernames from 1 to 10</p>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">value</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">/u/</span>
<span class="ruby-ivar">@enumerate_usernames</span> = <span class="ruby-keyword">true</span>
<span class="ruby-comment"># Check for usernames range</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">matches</span> = <span class="ruby-regexp">%{\[([\d]+)-([\d]+)\]}</span>.<span class="ruby-identifier">match</span>(<span class="ruby-identifier">value</span>)
<span class="ruby-identifier">matches</span> = <span class="ruby-regexp">%{\[([\d]+)-([\d]+)\]}</span>.<span class="ruby-identifier">match</span>(<span class="ruby-identifier">value</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">matches</span>
<span class="ruby-ivar">@enumerate_usernames_range</span> = (<span class="ruby-identifier">matches</span>[<span class="ruby-value">1</span>].<span class="ruby-identifier">to_i</span><span class="ruby-operator">..</span><span class="ruby-identifier">matches</span>[<span class="ruby-value">2</span>].<span class="ruby-identifier">to_i</span>)
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>


@@ -1,42 +1,43 @@
Fri, 21 Sep 2012 22:09:53 +0200
Sat, 22 Sep 2012 23:49:14 +0200
./CREDITS Mon, 17 Sep 2012 20:18:24 +0200
./lib/browser.rb Sun, 16 Sep 2012 15:18:58 +0200
./lib/cache_file_store.rb Sat, 15 Sep 2012 08:04:03 +0200
./lib/common_helper.rb Fri, 21 Sep 2012 19:02:49 +0200
./lib/environment.rb Thu, 20 Sep 2012 22:12:57 +0200
./Gemfile Sat, 22 Sep 2012 00:14:07 +0200
./lib/browser.rb Sat, 22 Sep 2012 15:51:15 +0200
./lib/cache_file_store.rb Sat, 22 Sep 2012 15:00:03 +0200
./lib/common_helper.rb Sat, 22 Sep 2012 16:08:50 +0200
./lib/environment.rb Sat, 22 Sep 2012 09:22:22 +0200
./lib/updater/git_updater.rb Sat, 15 Sep 2012 08:00:23 +0200
./lib/updater/svn_updater.rb Sat, 15 Sep 2012 08:00:34 +0200
./lib/updater/svn_updater.rb Sat, 22 Sep 2012 15:04:12 +0200
./lib/updater/updater.rb Sat, 15 Sep 2012 08:00:40 +0200
./lib/updater/updater_factory.rb Sat, 15 Sep 2012 08:00:46 +0200
./lib/wpscan/exploit.rb Sat, 15 Sep 2012 08:02:16 +0200
./lib/wpscan/modules/brute_force.rb Fri, 21 Sep 2012 20:51:52 +0200
./lib/wpscan/modules/malwares.rb Thu, 20 Sep 2012 22:23:58 +0200
./lib/wpscan/modules/web_site.rb Wed, 19 Sep 2012 21:33:46 +0200
./lib/wpscan/modules/wp_config_backup.rb Sat, 15 Sep 2012 08:01:11 +0200
./lib/wpscan/exploit.rb Fri, 21 Sep 2012 23:23:55 +0200
./lib/wpscan/modules/brute_force.rb Sat, 22 Sep 2012 00:10:17 +0200
./lib/wpscan/modules/malwares.rb Sat, 22 Sep 2012 15:01:32 +0200
./lib/wpscan/modules/web_site.rb Sat, 22 Sep 2012 16:18:55 +0200
./lib/wpscan/modules/wp_config_backup.rb Sat, 22 Sep 2012 15:01:32 +0200
./lib/wpscan/modules/wp_full_path_disclosure.rb Sat, 15 Sep 2012 08:01:17 +0200
./lib/wpscan/modules/wp_login_protection.rb Tue, 18 Sep 2012 17:51:20 +0200
./lib/wpscan/modules/wp_plugins.rb Fri, 21 Sep 2012 15:27:28 +0200
./lib/wpscan/modules/wp_login_protection.rb Sat, 22 Sep 2012 16:18:32 +0200
./lib/wpscan/modules/wp_plugins.rb Sat, 22 Sep 2012 21:05:32 +0200
./lib/wpscan/modules/wp_readme.rb Sat, 15 Sep 2012 08:01:52 +0200
./lib/wpscan/modules/wp_themes.rb Fri, 21 Sep 2012 15:27:28 +0200
./lib/wpscan/modules/wp_timthumbs.rb Wed, 19 Sep 2012 15:03:22 +0200
./lib/wpscan/modules/wp_usernames.rb Fri, 21 Sep 2012 18:48:29 +0200
./lib/wpscan/msfrpc_client.rb Sat, 15 Sep 2012 08:02:28 +0200
./lib/wpscan/vulnerable.rb Wed, 19 Sep 2012 22:21:47 +0200
./lib/wpscan/wp_detector.rb Fri, 21 Sep 2012 15:27:28 +0200
./lib/wpscan/wp_enumerator.rb Fri, 21 Sep 2012 15:27:28 +0200
./lib/wpscan/wp_item.rb Fri, 21 Sep 2012 15:27:28 +0200
./lib/wpscan/wp_options.rb Fri, 21 Sep 2012 15:27:28 +0200
./lib/wpscan/wp_plugin.rb Fri, 21 Sep 2012 15:27:28 +0200
./lib/wpscan/wp_target.rb Thu, 20 Sep 2012 22:16:44 +0200
./lib/wpscan/wp_theme.rb Fri, 21 Sep 2012 15:27:28 +0200
./lib/wpscan/wp_user.rb Fri, 21 Sep 2012 18:00:14 +0200
./lib/wpscan/wp_version.rb Wed, 19 Sep 2012 21:33:07 +0200
./lib/wpscan/wp_vulnerability.rb Sat, 15 Sep 2012 08:03:09 +0200
./lib/wpscan/modules/wp_themes.rb Sat, 22 Sep 2012 21:32:34 +0200
./lib/wpscan/modules/wp_timthumbs.rb Sat, 22 Sep 2012 23:24:13 +0200
./lib/wpscan/modules/wp_usernames.rb Sat, 22 Sep 2012 15:01:32 +0200
./lib/wpscan/msfrpc_client.rb Fri, 21 Sep 2012 23:32:27 +0200
./lib/wpscan/vulnerable.rb Sat, 22 Sep 2012 21:23:01 +0200
./lib/wpscan/wp_detector.rb Sat, 22 Sep 2012 21:23:10 +0200
./lib/wpscan/wp_enumerator.rb Sat, 22 Sep 2012 23:22:53 +0200
./lib/wpscan/wp_item.rb Sat, 22 Sep 2012 23:38:11 +0200
./lib/wpscan/wp_options.rb Sat, 22 Sep 2012 20:33:35 +0200
./lib/wpscan/wp_plugin.rb Sat, 22 Sep 2012 21:24:14 +0200
./lib/wpscan/wp_target.rb Sat, 22 Sep 2012 23:47:42 +0200
./lib/wpscan/wp_theme.rb Sat, 22 Sep 2012 21:24:57 +0200
./lib/wpscan/wp_user.rb Sat, 22 Sep 2012 16:12:25 +0200
./lib/wpscan/wp_version.rb Sat, 22 Sep 2012 21:25:11 +0200
./lib/wpscan/wp_vulnerability.rb Sat, 22 Sep 2012 16:11:58 +0200
./lib/wpscan/wpscan_helper.rb Sat, 15 Sep 2012 21:19:30 +0200
./lib/wpscan/wpscan_options.rb Fri, 21 Sep 2012 22:04:11 +0200
./lib/wpstools/generate_list.rb Sat, 15 Sep 2012 08:03:43 +0200
./lib/wpstools/parse_svn.rb Sat, 15 Sep 2012 23:36:25 +0200
./lib/wpstools/wpstools_helper.rb Sat, 15 Sep 2012 08:03:49 +0200
./lib/wpscan/wpscan_options.rb Sat, 22 Sep 2012 15:01:32 +0200
./lib/wpstools/generate_list.rb Sat, 22 Sep 2012 16:10:07 +0200
./lib/wpstools/parse_svn.rb Sat, 22 Sep 2012 16:10:30 +0200
./lib/wpstools/wpstools_helper.rb Sat, 22 Sep 2012 15:00:03 +0200
./README Thu, 13 Sep 2012 22:54:08 +0200
./wpscan.rb Fri, 21 Sep 2012 18:13:48 +0200
./wpstools.rb Sat, 15 Sep 2012 08:06:35 +0200
./wpscan.rb Sat, 22 Sep 2012 23:46:46 +0200
./wpstools.rb Sat, 22 Sep 2012 14:59:30 +0200


@@ -32,6 +32,8 @@
<li class="file"><a href="CREDITS.html">CREDITS</a></li>
<li class="file"><a href="Gemfile.html">Gemfile</a></li>
<li class="file"><a href="README.html">README</a></li>
</ul>
@@ -163,34 +165,34 @@
<li><a href="Malwares.html#method-c-malwares_file">::malwares_file &mdash; Malwares</a></li>
<li><a href="WpVersion.html#method-c-new">::new &mdash; WpVersion</a></li>
<li><a href="RpcClient.html#method-c-new">::new &mdash; RpcClient</a></li>
<li><a href="WpPlugin.html#method-c-new">::new &mdash; WpPlugin</a></li>
<li><a href="Exploit.html#method-c-new">::new &mdash; Exploit</a></li>
<li><a href="WpTheme.html#method-c-new">::new &mdash; WpTheme</a></li>
<li><a href="Svn_Parser.html#method-c-new">::new &mdash; Svn_Parser</a></li>
<li><a href="WpUser.html#method-c-new">::new &mdash; WpUser</a></li>
<li><a href="Generate_List.html#method-c-new">::new &mdash; Generate_List</a></li>
<li><a href="Updater.html#method-c-new">::new &mdash; Updater</a></li>
<li><a href="WpItem.html#method-c-new">::new &mdash; WpItem</a></li>
<li><a href="CacheFileStore.html#method-c-new">::new &mdash; CacheFileStore</a></li>
<li><a href="WpVulnerability.html#method-c-new">::new &mdash; WpVulnerability</a></li>
<li><a href="WpTheme.html#method-c-new">::new &mdash; WpTheme</a></li>
<li><a href="WpVersion.html#method-c-new">::new &mdash; WpVersion</a></li>
<li><a href="WpscanOptions.html#method-c-new">::new &mdash; WpscanOptions</a></li>
<li><a href="WpItem.html#method-c-new">::new &mdash; WpItem</a></li>
<li><a href="WpTarget.html#method-c-new">::new &mdash; WpTarget</a></li>
<li><a href="CacheFileStore.html#method-c-new">::new &mdash; CacheFileStore</a></li>
<li><a href="RpcClient.html#method-c-new">::new &mdash; RpcClient</a></li>
<li><a href="Exploit.html#method-c-new">::new &mdash; Exploit</a></li>
<li><a href="Updater.html#method-c-new">::new &mdash; Updater</a></li>
<li><a href="Generate_List.html#method-c-new">::new &mdash; Generate_List</a></li>
<li><a href="WpPlugin.html#method-c-new">::new &mdash; WpPlugin</a></li>
<li><a href="WpUser.html#method-c-new">::new &mdash; WpUser</a></li>
<li><a href="WpscanOptions.html#method-c-option_to_instance_variable_setter">::option_to_instance_variable_setter &mdash; WpscanOptions</a></li>
<li><a href="WpDetector.html#method-c-passive_detection">::passive_detection &mdash; WpDetector</a></li>
@@ -201,18 +203,18 @@
<li><a href="WpVersion.html#method-c-version_pattern">::version_pattern &mdash; WpVersion</a></li>
<li><a href="WpItem.html#method-i-3C-3D-3E">#<=> &mdash; WpItem</a></li>
<li><a href="WpUser.html#method-i-3C-3D-3E">#<=> &mdash; WpUser</a></li>
<li><a href="WpItem.html#method-i-3D-3D">#== &mdash; WpItem</a></li>
<li><a href="WpItem.html#method-i-3C-3D-3E">#<=> &mdash; WpItem</a></li>
<li><a href="WpUser.html#method-i-3D-3D-3D">#=== &mdash; WpUser</a></li>
<li><a href="WpItem.html#method-i-3D-3D">#== &mdash; WpItem</a></li>
<li><a href="WpItem.html#method-i-3D-3D-3D">#=== &mdash; WpItem</a></li>
<li><a href="WpTheme.html#method-i-3D-3D-3D">#=== &mdash; WpTheme</a></li>
<li><a href="WpUser.html#method-i-3D-3D-3D">#=== &mdash; WpUser</a></li>
<li><a href="Array.html#method-i-_grep_">#_grep_ &mdash; Array</a></li>
<li><a href="Object.html#method-i-add_http_protocol">#add_http_protocol &mdash; Object</a></li>
@@ -237,6 +239,8 @@
<li><a href="CacheFileStore.html#method-i-clean">#clean &mdash; CacheFileStore</a></li>
<li><a href="Object.html#method-i-colorize">#colorize &mdash; Object</a></li>
<li><a href="WpConfigBackup.html#method-i-config_backup">#config_backup &mdash; WpConfigBackup</a></li>
<li><a href="WpTarget.html#method-i-debug_log_url">#debug_log_url &mdash; WpTarget</a></li>
@@ -297,10 +301,14 @@
<li><a href="Generate_List.html#method-i-get_popular_items">#get_popular_items &mdash; Generate_List</a></li>
<li><a href="WpItem.html#method-i-get_sub_folder">#get_sub_folder &mdash; WpItem</a></li>
<li><a href="WpItem.html#method-i-get_url">#get_url &mdash; WpItem</a></li>
<li><a href="WpItem.html#method-i-get_url_without_filename">#get_url_without_filename &mdash; WpItem</a></li>
<li><a href="Object.html#method-i-green">#green &mdash; Object</a></li>
<li><a href="Array.html#method-i-grep">#grep &mdash; Array</a></li>
<li><a href="WpLoginProtection.html#method-i-has_better_wp_security_protection-3F">#has_better_wp_security_protection? &mdash; WpLoginProtection</a></li>
@@ -327,22 +335,22 @@
<li><a href="WpscanOptions.html#method-i-has_options-3F">#has_options? &mdash; WpscanOptions</a></li>
<li><a href="WpReadme.html#method-i-has_readme-3F">#has_readme? &mdash; WpReadme</a></li>
<li><a href="WpItem.html#method-i-has_readme-3F">#has_readme? &mdash; WpItem</a></li>
<li><a href="WpReadme.html#method-i-has_readme-3F">#has_readme? &mdash; WpReadme</a></li>
<li><a href="WpLoginProtection.html#method-i-has_simple_login_lockdown_protection-3F">#has_simple_login_lockdown_protection? &mdash; WpLoginProtection</a></li>
<li><a href="WpTimthumbs.html#method-i-has_timthumbs-3F">#has_timthumbs? &mdash; WpTimthumbs</a></li>
<li><a href="Object.html#method-i-help">#help &mdash; Object</a></li>
<li><a href="SvnUpdater.html#method-i-is_installed-3F">#is_installed? &mdash; SvnUpdater</a></li>
<li><a href="Updater.html#method-i-is_installed-3F">#is_installed? &mdash; Updater</a></li>
<li><a href="GitUpdater.html#method-i-is_installed-3F">#is_installed? &mdash; GitUpdater</a></li>
<li><a href="SvnUpdater.html#method-i-is_installed-3F">#is_installed? &mdash; SvnUpdater</a></li>
<li><a href="WebSite.html#method-i-is_online-3F">#is_online? &mdash; WebSite</a></li>
<li><a href="WebSite.html#method-i-is_wordpress-3F">#is_wordpress? &mdash; WebSite</a></li>
@@ -351,22 +359,22 @@
<li><a href="RpcClient.html#method-i-jobs">#jobs &mdash; RpcClient</a></li>
<li><a href="RpcClient.html#method-i-kill_session">#kill_session &mdash; RpcClient</a></li>
<li><a href="Exploit.html#method-i-kill_session">#kill_session &mdash; Exploit</a></li>
<li><a href="RpcClient.html#method-i-kill_session">#kill_session &mdash; RpcClient</a></li>
<li><a href="Exploit.html#method-i-last_session_id">#last_session_id &mdash; Exploit</a></li>
<li><a href="WpLoginProtection.html#method-i-limit_login_attempts_url">#limit_login_attempts_url &mdash; WpLoginProtection</a></li>
<li><a href="Browser.html#method-i-load_config">#load_config &mdash; Browser</a></li>
<li><a href="GitUpdater.html#method-i-local_revision_number">#local_revision_number &mdash; GitUpdater</a></li>
<li><a href="Updater.html#method-i-local_revision_number">#local_revision_number &mdash; Updater</a></li>
<li><a href="SvnUpdater.html#method-i-local_revision_number">#local_revision_number &mdash; SvnUpdater</a></li>
<li><a href="GitUpdater.html#method-i-local_revision_number">#local_revision_number &mdash; GitUpdater</a></li>
<li><a href="RpcClient.html#method-i-login">#login &mdash; RpcClient</a></li>
<li><a href="WpLoginProtection.html#method-i-login_protection_plugin">#login_protection_plugin &mdash; WpLoginProtection</a></li>
@@ -385,10 +393,10 @@
<li><a href="Exploit.html#method-i-meterpreter_read">#meterpreter_read &mdash; Exploit</a></li>
<li><a href="Exploit.html#method-i-meterpreter_write">#meterpreter_write &mdash; Exploit</a></li>
<li><a href="RpcClient.html#method-i-meterpreter_write">#meterpreter_write &mdash; RpcClient</a></li>
<li><a href="Exploit.html#method-i-meterpreter_write">#meterpreter_write &mdash; Exploit</a></li>
<li><a href="Svn_Parser.html#method-i-parse">#parse &mdash; Svn_Parser</a></li>
<li><a href="WpPlugins.html#method-i-plugins_from_aggressive_detection">#plugins_from_aggressive_detection &mdash; WpPlugins</a></li>
@@ -403,14 +411,16 @@
<li><a href="CacheFileStore.html#method-i-read_entry">#read_entry &mdash; CacheFileStore</a></li>
<li><a href="Exploit.html#method-i-read_shell">#read_shell &mdash; Exploit</a></li>
<li><a href="RpcClient.html#method-i-read_shell">#read_shell &mdash; RpcClient</a></li>
<li><a href="Exploit.html#method-i-read_shell">#read_shell &mdash; Exploit</a></li>
<li><a href="WpReadme.html#method-i-readme_url">#readme_url &mdash; WpReadme</a></li>
<li><a href="WpItem.html#method-i-readme_url">#readme_url &mdash; WpItem</a></li>
<li><a href="Object.html#method-i-red">#red &mdash; Object</a></li>
<li><a href="WebSite.html#method-i-redirection">#redirection &mdash; WebSite</a></li>
<li><a href="WpTarget.html#method-i-registration_enabled-3F">#registration_enabled? &mdash; WpTarget</a></li>
@@ -453,10 +463,10 @@
<li><a href="WpItem.html#method-i-to_s">#to_s &mdash; WpItem</a></li>
<li><a href="Updater.html#method-i-update">#update &mdash; Updater</a></li>
<li><a href="SvnUpdater.html#method-i-update">#update &mdash; SvnUpdater</a></li>
<li><a href="Updater.html#method-i-update">#update &mdash; Updater</a></li>
<li><a href="GitUpdater.html#method-i-update">#update &mdash; GitUpdater</a></li>
<li><a href="WpTarget.html#method-i-url">#url &mdash; WpTarget</a></li>
@@ -471,10 +481,10 @@
<li><a href="WpUsernames.html#method-i-usernames">#usernames &mdash; WpUsernames</a></li>
<li><a href="WpTarget.html#method-i-version">#version &mdash; WpTarget</a></li>
<li><a href="WpItem.html#method-i-version">#version &mdash; WpItem</a></li>
<li><a href="WpTarget.html#method-i-version">#version &mdash; WpTarget</a></li>
<li><a href="Vulnerable.html#method-i-vulnerabilities">#vulnerabilities &mdash; Vulnerable</a></li>
<li><a href="WpscanOptions.html#method-i-wordlist-3D">#wordlist= &mdash; WpscanOptions</a></li>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-16 15:18:58 +0200</dd>
<dd class="modified-date">2012-09-22 15:51:15 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-15 08:04:03 +0200</dd>
<dd class="modified-date">2012-09-22 15:00:03 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-21 19:02:49 +0200</dd>
<dd class="modified-date">2012-09-22 16:08:50 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-20 22:12:57 +0200</dd>
<dd class="modified-date">2012-09-22 09:22:22 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-15 08:00:34 +0200</dd>
<dd class="modified-date">2012-09-22 15:04:12 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-15 08:02:16 +0200</dd>
<dd class="modified-date">2012-09-21 23:23:55 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-21 20:51:52 +0200</dd>
<dd class="modified-date">2012-09-22 00:10:17 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-20 22:23:58 +0200</dd>
<dd class="modified-date">2012-09-22 15:01:32 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-19 21:33:46 +0200</dd>
<dd class="modified-date">2012-09-22 16:18:55 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-15 08:01:11 +0200</dd>
<dd class="modified-date">2012-09-22 15:01:32 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-21 15:27:28 +0200</dd>
<dd class="modified-date">2012-09-22 21:05:32 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-19 15:03:22 +0200</dd>
<dd class="modified-date">2012-09-22 23:24:13 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-21 18:48:29 +0200</dd>
<dd class="modified-date">2012-09-22 15:01:32 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-15 08:02:28 +0200</dd>
<dd class="modified-date">2012-09-21 23:32:27 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-19 22:21:47 +0200</dd>
<dd class="modified-date">2012-09-22 21:23:01 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-21 15:27:28 +0200</dd>
<dd class="modified-date">2012-09-22 21:23:10 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-21 15:27:28 +0200</dd>
<dd class="modified-date">2012-09-22 23:22:53 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-21 15:27:28 +0200</dd>
<dd class="modified-date">2012-09-22 20:33:35 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-21 15:27:28 +0200</dd>
<dd class="modified-date">2012-09-22 21:24:14 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-20 22:16:44 +0200</dd>
<dd class="modified-date">2012-09-22 23:47:42 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-21 15:27:28 +0200</dd>
<dd class="modified-date">2012-09-22 21:24:57 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-19 21:33:07 +0200</dd>
<dd class="modified-date">2012-09-22 21:25:11 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-15 08:03:09 +0200</dd>
<dd class="modified-date">2012-09-22 16:11:58 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-21 22:04:11 +0200</dd>
<dd class="modified-date">2012-09-22 15:01:32 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-15 08:03:43 +0200</dd>
<dd class="modified-date">2012-09-22 16:10:07 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-15 23:36:25 +0200</dd>
<dd class="modified-date">2012-09-22 16:10:30 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-15 08:03:49 +0200</dd>
<dd class="modified-date">2012-09-22 15:00:03 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-21 18:13:48 +0200</dd>
<dd class="modified-date">2012-09-22 23:46:46 +0200</dd>
<dt class="requires">Requires</dt>


@@ -24,7 +24,7 @@
<div id="metadata">
<dl>
<dt class="modified-date">Last Modified</dt>
<dd class="modified-date">2012-09-15 08:06:35 +0200</dd>
<dd class="modified-date">2012-09-22 14:59:30 +0200</dd>
<dt class="requires">Requires</dt>


@@ -31,10 +31,12 @@ module WpPlugins
plugins = []
result.each do |r|
plugins << WpPlugin.new(
:url => r[:url],
:path => r[:path],
:wp_content_dir => r[:wp_content_dir],
:name => r[:name]
:url => r.url,
:path => r.path,
:wp_content_dir => r.wp_content_dir,
:name => r.name,
:type => "plugins",
:wp_plugins_dir => r.wp_plugin_dir
)
end
plugins.sort_by { |p| p.name }
@@ -52,10 +54,12 @@ module WpPlugins
temp.each do |item|
plugins << WpPlugin.new(
:url => item[:url],
:name => item[:name],
:path => item[:path],
:wp_content_dir => options[:wp_content_dir]
:url => item.url,
:name => item.name,
:path => item.path,
:wp_content_dir => options[:wp_content_dir],
:type => "plugins",
:wp_plugins_dir => options[:wp_plugin_dir]
)
end
plugins.sort_by { |p| p.name }
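Review bot: The second hunk reads the plugins folder from `options[:wp_plugin_dir]` (singular), while the other new call sites on this page, and WpItem#initialize itself, use the key `:wp_plugins_dir`. If callers only set the plural key, this lookup is nil, WpItem falls back to "plugins", and a custom plugins directory is silently ignored for these items, so the scan can come back clean for a location it never actually requested. The line should read `:wp_plugins_dir => options[:wp_plugins_dir]`. Both enclosing methods start outside the hunks, so which detection path is affected cannot be confirmed from here.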


@@ -20,7 +20,8 @@ module WpThemes
def themes_from_aggressive_detection(options)
options[:file] = options[:file] || "#{DATA_DIR}/themes.txt"
options[:vulns_file] = options[:vulns_file] || "#{DATA_DIR}/wp_theme_vulns.xml"
options[:vulns_file] = (options[:vulns_file] != nil and options[:vulns_file] != "") ?
options[:vulns_file] : DATA_DIR + "/wp_theme_vulns.xml"
options[:vulns_xpath] = "//theme[@name='#{@name}']/vulnerability"
options[:vulns_xpath_2] = "//theme"
options[:type] = "themes"
@@ -28,10 +29,10 @@ module WpThemes
themes = []
result.each do |r|
themes << WpTheme.new(
:url => r[:url],
:path => r[:path],
:wp_content_dir => r[:wp_content_dir],
:name => r[:name]
:url => r.url,
:path => r.path,
:wp_content_dir => r.wp_content_dir,
:name => r.name
)
end
themes.sort_by { |t| t.name }
@@ -43,9 +44,9 @@ module WpThemes
temp.each do |item|
themes << WpTheme.new(
:url => item[:url],
:name => item[:name],
:path => item[:path],
:url => item.url,
:name => item.name,
:path => item.path,
:wp_content_dir => options[:wp_content_dir]
)
end
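Review bot: The nil-or-empty default for `options[:vulns_file]` in themes_from_aggressive_detection is written as a two-line ternary joined with `and`, and the same expression is repeated in the WpPlugin#initialize and WpTheme#initialize hunks. A modifier form says the same thing in one line: `options[:vulns_file] = DATA_DIR + "/wp_theme_vulns.xml" if options[:vulns_file].to_s.empty?`. The empty-string case appears to exist because WpDetector now passes `:vulns_file => ""`; a short comment saying so would help the next reader. The method body continues outside the hunk.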


@@ -54,12 +54,15 @@ module WpTimthumbs
timthumb.php lib/timthumb.php inc/timthumb.php includes/timthumb.php
scripts/timthumb.php tools/timthumb.php functions/timthumb.php
}.each do |file|
targets << {
targets << WpItem.new(
:url => options[:url],
:path => "themes/#{theme_name}/#{file}",
:wp_content_dir => options[:wp_content_dir],
:name => options[:name]
}
:name => theme_name,
:vulns_file => "XX",
:type => "timthumbs",
:wp_plugins_dir => options[:wp_plugins_dir]
)
end
targets
end
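Review bot: `:vulns_file => "XX"` is a placeholder whose only visible purpose is to get past `raise("vulns_file not set") unless @vulns_file` in WpItem#initialize; the WpDetector hunk does the same with `""`, which is truthy in Ruby. The check therefore no longer guarantees a usable file, and Vulnerable#vulnerabilities would call `File.open` on a path that does not exist if it were ever invoked on one of these items. Passing `nil` and relaxing the check for item types that have no vulnerability file would make the intent explicit instead of hiding it behind a dummy string. The enclosing method starts outside the hunk.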


@@ -18,13 +18,13 @@
class Vulnerable
attr_reader :vulns_xml, :vulns_xpath
attr_reader :vulns_file, :vulns_xpath
# @return an array of WpVulnerability (can be empty)
def vulnerabilities
vulnerabilities = []
xml = Nokogiri::XML(File.open(@vulns_xml)) do |config|
xml = Nokogiri::XML(File.open(@vulns_file)) do |config|
config.noblanks
end


@@ -31,7 +31,7 @@ class WpDetector
already_present = false
result.each do |r|
# Already found via passive detection
if r[:name] == enum_result[:name]
if r.name == enum_result.name
already_present = true
break
end
@@ -60,12 +60,14 @@ class WpDetector
names.uniq!
names.each do |item|
items << {
items << WpItem.new(
:url => url,
:name => item,
:path => "#{type}/#{item}/",
:wp_content_dir => wp_content_dir
}
:type => type,
:path => "#{item}/",
:wp_content_dir => wp_content_dir,
:vulns_file => ""
)
end
items
end


@@ -50,11 +50,7 @@ class WpEnumerator
enumerate_size = targets.size
targets.each do |target|
# Timthumb files have no /timthumbs/ directory
unless options[:type] =~ /timthumbs/i
target[:path] = "#{options[:type]}/#{target[:path]}"
end
url = "#{target[:url]}#{target[:wp_content_dir]}/#{target[:path]}"
url = target.get_url
request = enum_browser.forge_request(url, { :cache_timeout => 0, :follow_location => true })
request_count += 1
@@ -92,18 +88,22 @@ class WpEnumerator
wp_content_dir = options[:wp_content_dir]
url = options[:url]
type = options[:type]
plugins_dir = options[:wp_plugins_dir]
targets_url = []
unless only_vulnerable
# Open and parse the 'most popular' plugin list...
File.open(file, 'r') do |f|
File.open(file, "r") do |f|
f.readlines.collect do |line|
targets_url << {
targets_url << WpItem.new(
:url => url,
:path => line.strip,
:wp_content_dir => wp_content_dir,
:name => File.dirname(line.strip)
}
:name => File.dirname(line.strip),
:vulns_file => vulns_file,
:type => type,
:wp_plugins_dir => plugins_dir
)
end
end
end
@@ -117,17 +117,20 @@ class WpEnumerator
# We check if the plugin name from the plugin_vulns_file is already in targets, otherwise we add it
xml.xpath(options[:vulns_xpath_2]).each do |node|
name = node.attribute("name").text
targets_url << {
targets_url << WpItem.new(
:url => url,
:path => name,
:wp_content_dir => wp_content_dir,
:name => name
}
:name => name,
:vulns_file => vulns_file,
:type => type,
:wp_plugins_dir => plugins_dir
)
end
end
targets_url.flatten!
targets_url.uniq!
targets_url.flatten! { |t| t.name }
targets_url.uniq! { |t| t.name }
# randomize the plugins array to *maybe* help in some crappy IDS/IPS/WAF detection
targets_url.sort_by! { rand }
end
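Review bot: `targets_url.flatten! { |t| t.name }` passes a block that Array#flatten! never calls, so the line behaves exactly like the old `flatten!` and the block only suggests otherwise. Every element in the visible hunks is appended with `<<` as a single WpItem, so the call can probably go; `targets_url.uniq! { |t| t.name }` on the next line is the one that does the de-duplication. Note that uniq! keeps the first item per name, so an entry taken from the vulnerability file is dropped when the list file already supplied that name. The method starts outside the hunk.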


@@ -19,22 +19,40 @@
require "#{WPSCAN_LIB_DIR}/vulnerable"
class WpItem < Vulnerable
attr_accessor :path, :url, :wp_content_dir, :name, :vulns_xml, :vulns_xpath
attr_accessor :path, :url, :wp_content_dir, :name, :vulns_file, :vulns_xpath, :wp_plugin_dir, :type
@version = nil
def initialize(options = {})
def initialize(options)
@type = options[:type]
@wp_content_dir = options[:wp_content_dir] || "wp-content"
@wp_plugin_dir = options[:wp_plugins_dir] || "plugins"
@url = options[:url]
@path = options[:path]
@name = options[:name] || extract_name_from_url
@vulns_xml = options[:vulns_xml]
@vulns_xpath = options[:vulns_xpath].sub(/\$name\$/, @name)
@vulns_file = options[:vulns_file]
@vulns_xpath = options[:vulns_xpath].sub(/\$name\$/, @name) unless options[:vulns_xpath] == nil
raise("url not set") unless @url
raise("path not set") unless @path
raise("wp_content_dir not set") unless @wp_content_dir
raise("name not set") unless @name
raise("vulns_xml not set") unless @vulns_xml
raise("vulns_file not set") unless @vulns_file
raise("type not set") unless @type
end
def get_sub_folder
case @type
when "plugins"
folder = @wp_plugin_dir
when "themes"
folder = "themes"
when "timthumbs"
# not needed
folder = nil
else
raise("unknown type #@type")
end
folder
end
# Get the full url for this item
@@ -44,7 +62,13 @@ class WpItem < Vulnerable
wp_content_dir = @wp_content_dir.sub(/^\//, "").sub(/\/$/, "")
# remove first /
path = @path.sub(/^\//, "")
URI.parse("#{url}#{wp_content_dir}/#{path}")
if type == "timthumbs"
# timthumbs have folder in path variable
ret = URI.parse("#{url}#{wp_content_dir}/#{path}")
else
ret = URI.parse("#{url}#{wp_content_dir}/#{get_sub_folder}/#{path}")
end
ret
end
# Gets the full url for this item without filenames
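Review bot: In WpItem#initialize the XPath is built by pasting `@name` into a template such as `//plugin[@name='$name$']/vulnerability` with `sub`, and nothing checks the name first. Names presumably come from list files and from pages of the scanned site (not visible here), so a name containing `'` yields a malformed or altered query, and `sub` with a string replacement also interprets backslash sequences. A guard before the substitution, `raise("invalid name") if @name.to_s.include?("'")`, together with the block form `.sub(/\$name\$/) { @name }`, covers both. The substitution also runs before `raise("name not set")`, so a nil name fails with a TypeError instead of that message.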


@@ -18,7 +18,8 @@
class WpPlugin < WpItem
def initialize(options = {})
options[:vulns_xml] = options[:vulns_xml] || DATA_DIR + '/plugin_vulns.xml'
options[:vulns_file] = (options[:vulns_file] != nil and options[:vulns_file] != "") ?
options[:vulns_file] : DATA_DIR + "/plugin_vulns.xml"
options[:vulns_xpath] = "//plugin[@name='$name$']/vulnerability"
options[:vulns_xpath_2] = "//plugin"
options[:type] = "plugins"


@@ -104,7 +104,7 @@ class WpTarget
def wp_plugins_dir
unless @wp_plugins_dir
@wp_plugins_dir = wp_content_dir() + "/plugins"
@wp_plugins_dir = "plugins"
end
@wp_plugins_dir
end
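Review bot: wp_plugins_dir now returns the bare folder name "plugins" where it used to return a path under wp_content_dir, and the method carries no comment saying which of the two a caller gets. Any caller that still treats the value as a full path would build a wrong URL; callers are outside this hunk, so that needs checking. I would add `# Name of the plugins folder inside wp_content_dir, without the wp-content prefix` above the method.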


@@ -23,8 +23,10 @@ class WpTheme < WpItem
attr_reader :name, :style_url, :version
def initialize(options = {})
options[:vulns_xml] = options[:vulns_xml] || DATA_DIR + '/wp_theme_vulns.xml'
options[:vulns_file] = (options[:vulns_file] != nil and options[:vulns_file] != "") ?
options[:vulns_file] : DATA_DIR + "/wp_theme_vulns.xml"
options[:vulns_xpath] = "//theme[@name='$name$']/vulnerability"
options[:type] = "themes"
@version = options[:version]
@style_url = options[:style_url]
super(options)


@@ -25,7 +25,7 @@ class WpVersion < Vulnerable
def initialize(number, options = {})
@number = number
@discovery_method = options[:discovery_method]
@vulns_xml = options[:vulns_xml] || DATA_DIR + '/wp_vulns.xml'
@vulns_file = options[:vulns_file] || DATA_DIR + '/wp_vulns.xml'
@vulns_xpath = "//wordpress[@version='#{@number}']/vulnerability"
end


@@ -44,27 +44,27 @@ shared_examples_for "WpPlugins" do
File.exist?(@plugin_vulns_file).should == true
File.exist?(@plugins_file).should == true
@targets = [WpPlugin.new({:url => "http://example.localhost/",
:path => "plugins/exclude-pages/exclude_pages.php",
:path => "exclude-pages/exclude_pages.php",
:wp_content_dir => "wp-content",
:name => "exclude-pages"}),
WpPlugin.new({:url => "http://example.localhost/",
:path => "plugins/display-widgets/display-widgets.php",
:path => "display-widgets/display-widgets.php",
:wp_content_dir => "wp-content",
:name => "display-widgets"}),
WpPlugin.new({:url => "http://example.localhost/",
:path => "plugins/media-library",
:path => "media-library",
:wp_content_dir => "wp-content",
:name => "media-library"}),
WpPlugin.new({:url => "http://example.localhost/",
:path => "plugins/deans",
:path => "deans",
:wp_content_dir => "wp-content",
:name => "deans"}),
WpPlugin.new({:url => "http://example.localhost/",
:path => "plugins/formidable/formidable.php",
:path => "formidable/formidable.php",
:wp_content_dir => "wp-content",
:name => "formidable"}),
WpPlugin.new({:url => "http://example.localhost/",
:path => "plugins/regenerate-thumbnails/readme.txt",
:path => "regenerate-thumbnails/readme.txt",
:wp_content_dir => "wp-content",
:name => "regenerate-thumbnails"})]
end


@@ -44,55 +44,55 @@ shared_examples_for "WpThemes" do
File.exist?(@theme_vulns_file).should == true
File.exist?(@themes_file).should == true
@targets = [WpTheme.new({:url => "http://example.localhost/",
:path => "themes/zenpro/404.php",
:path => "zenpro/404.php",
:wp_content_dir => "wp-content",
:name => "zenpro"}),
WpTheme.new({:url => "http://example.localhost/",
:path => "themes/zeta-zip/404.php",
:path => "zeta-zip/404.php",
:wp_content_dir => "wp-content",
:name => "zeta-zip"}),
WpTheme.new({:url => "http://example.localhost/",
:path => "themes/zfirst/404.php",
:path => "zfirst/404.php",
:wp_content_dir => "wp-content",
:name => "zfirst"}),
WpTheme.new({:url => "http://example.localhost/",
:path => "themes/zgrey/404.php",
:path => "zgrey/404.php",
:wp_content_dir => "wp-content",
:name => "zgrey"}),
WpTheme.new({:url => "http://example.localhost/",
:path => "themes/zindi-ii/404.php",
:path => "zindi-ii/404.php",
:wp_content_dir => "wp-content",
:name => "zindi-ii"}),
WpTheme.new({:url => "http://example.localhost/",
:path => "themes/zindi/404.php",
:path => "zindi/404.php",
:wp_content_dir => "wp-content",
:name => "zindi"}),
WpTheme.new({:url => "http://example.localhost/",
:path => "themes/zombie-apocalypse/404.php",
:path => "zombie-apocalypse/404.php",
:wp_content_dir => "wp-content",
:name => "zombie-apocalypse"}),
WpTheme.new({:url => "http://example.localhost/",
:path => "themes/zsofa/404.php",
:path => "zsofa/404.php",
:wp_content_dir => "wp-content",
:name => "zsofa"}),
WpTheme.new({:url => "http://example.localhost/",
:path => "themes/zwei-seiten/404.php",
:path => "zwei-seiten/404.php",
:wp_content_dir => "wp-content",
:name => "zwei-seiten"}),
WpTheme.new({:url => "http://example.localhost/",
:path => "themes/twentyten/404.php",
:path => "twentyten/404.php",
:wp_content_dir => "wp-content",
:name => "twentyten"}),
WpTheme.new({:url => "http://example.localhost/",
:path => "themes/shopperpress",
:path => "shopperpress",
:wp_content_dir => "wp-content",
:name => "shopperpress"}),
WpTheme.new({:url => "http://example.localhost/",
:path => "themes/wise",
:path => "wise",
:wp_content_dir => "wp-content",
:name => "wise"}),
WpTheme.new({:url => "http://example.localhost/",
:path => "themes/webfolio",
:path => "webfolio",
:wp_content_dir => "wp-content",
:name => "webfolio"})]
end


@@ -28,6 +28,8 @@ shared_examples_for "WpTimthumbs" do
@options[:error_404_hash] = "xx"
@options[:show_progress_bar] = false
@options[:only_vulnerable_ones] = false
@options[:vulns_file] = "xx"
@options[:type] = "timthumbs"
@module = WpScanModuleSpec.new(@url)
@fixtures_dir = SPEC_FIXTURES_WPSCAN_MODULES_DIR + "/wp_timthumbs"
@timthumbs_file = @fixtures_dir + "/timthumbs.txt"
@@ -58,8 +60,7 @@ shared_examples_for "WpTimthumbs" do
targets.length.should > 0
temp = []
targets.each do |t|
url = "#{t[:url]}#{t[:wp_content_dir]}/#{t[:path]}"
temp << url
temp << t.get_url.to_s
end
temp.sort.should === @targets_from_theme.sort
end
@@ -68,8 +69,6 @@ shared_examples_for "WpTimthumbs" do
describe "#timthumbs and #has_timthumbs?" do
before :each do
@options[:file] = @timthumbs_file
@options[:vulns_file] = "xxx"
@options[:type] = "timthumbs"
@targets_from_file.each do |url|
stub_request(:get, url).to_return(:status => 404)
end
@@ -92,7 +91,7 @@ shared_examples_for "WpTimthumbs" do
urls = []
urls_hash = WpEnumerator.generate_items(@options)
urls_hash.each do |u|
url = "#{u[:url]}#{u[:wp_content_dir]}/#{u[:path]}"
url = u.get_url.to_s
urls << url
stub_request(:get, url).to_return(:status => 404)
end
@@ -107,8 +106,7 @@ shared_examples_for "WpTimthumbs" do
temp = []
timthumbs.each do |t|
url = "#{t[:url]}#{t[:wp_content_dir]}/#{t[:path]}"
temp << url
temp << t.get_url.to_s
end
temp.sort.should === expected.sort
@module.has_timthumbs?(nil).should be_true
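Review bot: The loops that collect URLs (`temp = []` followed by `temp << t.get_url.to_s`, in two of the hunks) are manual accumulation where `map` reads more directly, e.g. `temp = targets.map { |t| t.get_url.to_s }`. The placeholder `"xx"` now assigned to `@options[:vulns_file]` in the shared setup presumably only works while nothing opens that file for the `timthumbs` type. A short comment such as `# placeholder, never read for timthumbs` would stop the next reader from treating it as a real fixture. The enclosing `it` and `before` blocks begin or end outside the visible hunks.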


@@ -21,10 +21,11 @@ require File.expand_path(File.dirname(__FILE__) + '/wpscan_helper')
describe WpPlugin do
before :each do
@instance = WpItem.new(:url => "http://sub.example.com/path/to/wordpress/",
:path => "plugins/test/asdf.php",
:vulns_xml => "XXX.xml",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX"
:vulns_xpath => "XX",
:type => "plugins"
)
end
@@ -32,7 +33,7 @@ describe WpPlugin do
it "should create a correct instance" do
@instance.wp_content_dir.should == "wp-content"
@instance.url.should == "http://sub.example.com/path/to/wordpress/"
@instance.path.should == "plugins/test/asdf.php"
@instance.path.should == "test/asdf.php"
end
end
@@ -43,13 +44,15 @@ describe WpPlugin do
it "should return the correct url (custom wp_content_dir)" do
@instance.wp_content_dir = "custom"
@instance.type = "plugins"
@instance.get_url.to_s.should == "http://sub.example.com/path/to/wordpress/custom/plugins/test/asdf.php"
end
it "should trim / and add missing / before concatenating url" do
@instance.wp_content_dir = "/custom/"
@instance.url = "http://sub.example.com/path/to/wordpress"
@instance.path = "plugins/test/asdf.php"
@instance.path = "test/asdf.php"
@instance.type = "plugins"
@instance.get_url.to_s.should == "http://sub.example.com/path/to/wordpress/custom/plugins/test/asdf.php"
end
end
@@ -67,12 +70,14 @@ describe WpPlugin do
it "should trim / and add missing / before concatenating url" do
@instance.wp_content_dir = "/custom/"
@instance.url = "http://sub.example.com/path/to/wordpress"
@instance.path = "plugins/test/asdf.php"
@instance.path = "test/asdf.php"
@instance.type = "plugins"
@instance.get_url_without_filename.to_s.should == "http://sub.example.com/path/to/wordpress/custom/plugins/test/"
end
it "should not remove the last foldername" do
@instance.path = "plugins/test/"
@instance.path = "test/"
@instance.type = "plugins"
@instance.get_url_without_filename.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/plugins/test/"
end
@@ -82,7 +87,8 @@ describe WpPlugin do
end
it "should add the last slash if it's not present" do
@instance.path = "plugins/test-one"
@instance.path = "test-one"
@instance.type = "plugins"
@instance.get_url_without_filename.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/plugins/test-one/"
end
end
@@ -145,17 +151,20 @@ describe WpPlugin do
it "should extract the correct name" do
@instance.wp_content_dir = "/custom/"
@instance.url = "http://sub.example.com/path/to/wordpress"
@instance.path = "plugins/test2/asdf.php"
@instance.path = "test2/asdf.php"
@instance.type = "plugins"
@instance.extract_name_from_url.should == "test2"
end
it "should extract the correct plugin name" do
@instance.path = "plugins/testplugin/"
@instance.path = "testplugin/"
@instance.type = "plugins"
@instance.extract_name_from_url.should == "testplugin"
end
it "should extract the correct theme name" do
@instance.path = "themes/testtheme/"
@instance.path = "testtheme/"
@instance.type = "plugins"
@instance.extract_name_from_url.should == "testtheme"
end
end
@@ -175,8 +184,9 @@ describe WpPlugin do
describe "#==" do
it "should return false" do
instance2 = WpItem.new(:url => "http://sub.example.com/path/to/wordpress/",
:path => "plugins/newname/asdf.php",
:vulns_xml => "XXX.xml",
:path => "newname/asdf.php",
:type => "plugins",
:vulns_file => "XXX.xml",
:vulns_xpath => "XX"
)
(@instance==instance2).should == false
@@ -184,14 +194,82 @@ describe WpPlugin do
it "should return true" do
instance2 = WpItem.new(:url => "http://sub.example.com/path/to/wordpress/",
:path => "plugins/test/asdf.php",
:vulns_xml => "XXX.xml",
:path => "test/asdf.php",
:type => "plugins",
:vulns_file => "XXX.xml",
:vulns_xpath => "XX"
)
(@instance==instance2).should == true
end
end
describe "#get_sub_folder" do
it "should return plugins" do
item = WpItem.new(:url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:wp_content_dir => "wp-content",
:wp_plugins_dir => "plugins",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
)
item.get_sub_folder.should == "plugins"
end
it "should return custom-plugins" do
item = WpItem.new(:url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:wp_content_dir => "wp-content",
:wp_plugins_dir => "custom-plugins",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
)
item.get_sub_folder.should == "custom-plugins"
end
it "should return themes" do
item = WpItem.new(:url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:wp_content_dir => "wp-content",
:wp_plugins_dir => "plugins",
:name => "test",
:vulns_xpath => "XX",
:type => "themes"
)
item.get_sub_folder.should == "themes"
end
it "should return nil" do
item = WpItem.new(:url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:wp_content_dir => "wp-content",
:wp_plugins_dir => "plugins",
:name => "test",
:vulns_xpath => "XX",
:type => "timthumbs"
)
item.get_sub_folder.should == nil
end
it "should raise an exception" do
item = WpItem.new(:url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:wp_content_dir => "wp-content",
:wp_plugins_dir => "plugins",
:name => "test",
:vulns_xpath => "XX",
:type => "type"
)
expect { item.get_sub_folder }.to raise_error(RuntimeError, "unknown type type")
end
end
describe "#readme_url" do
it "should return the corrent plugin readme url" do
@instance.readme_url.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/plugins/test/readme.txt"
@@ -199,17 +277,20 @@ describe WpPlugin do
it "should return the corrent plugin readme url (custom wp_content)" do
@instance.wp_content_dir = "custom"
@instance.type = "plugins"
@instance.readme_url.to_s.should == "http://sub.example.com/path/to/wordpress/custom/plugins/test/readme.txt"
end
it "should return the corrent theme readme url" do
@instance.path = "themes/test/asdf.php"
@instance.path = "test/asdf.php"
@instance.type = "themes"
@instance.readme_url.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/themes/test/readme.txt"
end
it "should return the corrent theme readme url (custom wp_content)" do
@instance.wp_content_dir = "custom"
@instance.path = "themes/test/asdf.php"
@instance.path = "test/asdf.php"
@instance.type = "themes"
@instance.readme_url.to_s.should == "http://sub.example.com/path/to/wordpress/custom/themes/test/readme.txt"
end
end
@@ -221,17 +302,20 @@ describe WpPlugin do
it "should return the corrent plugin changelog url (custom wp_content)" do
@instance.wp_content_dir = "custom"
@instance.type = "plugins"
@instance.changelog_url.to_s.should == "http://sub.example.com/path/to/wordpress/custom/plugins/test/changelog.txt"
end
it "should return the corrent theme changelog url" do
@instance.path = "themes/test/asdf.php"
@instance.path = "test/asdf.php"
@instance.type = "themes"
@instance.changelog_url.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/themes/test/changelog.txt"
end
it "should return the corrent theme changelog url (custom wp_content)" do
@instance.wp_content_dir = "custom"
@instance.path = "themes/test/asdf.php"
@instance.path = "test/asdf.php"
@instance.type = "themes"
@instance.changelog_url.to_s.should == "http://sub.example.com/path/to/wordpress/custom/themes/test/changelog.txt"
end
end
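Review bot: In "should extract the correct theme name" the added line sets `@instance.type = "plugins"`, so the example no longer exercises a theme at all; it should read `@instance.type = "themes"`. As written the case duplicates "should extract the correct plugin name" with a different folder name. In the new `#get_sub_folder` examples, `item.get_sub_folder.should == nil` would read better as `item.get_sub_folder.should be_nil`. The five near-identical `WpItem.new` hashes could also share one base hash merged with the `:type` and `:wp_plugins_dir` under test.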


@@ -44,7 +44,7 @@ describe WpPlugin do
describe "#error_log_url" do
it "should return a correct url" do
temp = WpPlugin.new(:url => "http://wordpress.com",
:path => "plugins/test/asdf.php")
:path => "test/asdf.php")
temp.error_log_url.to_s.should == "http://wordpress.com/wp-content/plugins/test/error_log"
end
end
@@ -52,7 +52,7 @@ describe WpPlugin do
describe "#error_log?" do
before :each do
@temp = WpPlugin.new(:url => "http://wordpress.com",
:path => "plugins/test/asdf.php")
:path => "test/asdf.php")
end
it "should return true" do


@@ -26,7 +26,8 @@ describe WpTarget do
{
:config_file => SPEC_FIXTURES_CONF_DIR + '/browser/browser.conf.json',
:cache_timeout => 0,
:wp_plugins_dir => "wp-content/plugins"
:wp_content_dir => "wp-content",
:wp_plugins_dir => "plugins"
}
@wp_target = WpTarget.new("http://example.localhost/", @options)
end
@@ -162,9 +163,9 @@ describe WpTarget do
@expected = "custom-plugins"
end
it "should return 'wp-content/plugins'" do
it "should return 'plugins'" do
@stub_value = "wp-content"
@expected = "wp-content/plugins"
@expected = "plugins"
end
end
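Review bot: `:wp_plugins_dir` changes meaning in this spec from a path relative to the site root (`"wp-content/plugins"`) to a folder name relative to `:wp_content_dir` (`"plugins"`), and nothing visible documents that. A caller that still supplies the old form would presumably end up with the content directory twice in every generated URL, which makes a scan miss installed plugins rather than fail loudly. A comment on the options hash such as `# wp_plugins_dir is relative to wp_content_dir`, plus an example with a value containing a slash, would pin the contract down. Both hunks sit inside blocks that begin outside the visible lines.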


@@ -181,12 +181,12 @@ describe WpTheme do
it "should return false (name not equal)" do
instance = WpTheme.new(:url => "http://sub.example.com/path/to/wordpress/",
:path => "themes/name/asdf.php",
:vulns_xml => "XXX.xml",
:vulns_file => "XXX.xml",
:version => "1.0"
)
instance2 = WpTheme.new(:url => "http://sub.example.com/path/to/wordpress/",
:path => "themes/newname/asdf.php",
:vulns_xml => "XXX.xml",
:vulns_file => "XXX.xml",
:version => "1.0"
)
(instance===instance2).should == false
@@ -195,12 +195,12 @@ describe WpTheme do
it "should return false (version not equal)" do
instance = WpTheme.new(:url => "http://sub.example.com/path/to/wordpress/",
:path => "themes/name/asdf.php",
:vulns_xml => "XXX.xml",
:vulns_file => "XXX.xml",
:version => "1.0"
)
instance2 = WpTheme.new(:url => "http://sub.example.com/path/to/wordpress/",
:path => "themes/name/asdf.php",
:vulns_xml => "XXX.xml",
:vulns_file => "XXX.xml",
:version => "2.0"
)
(instance===instance2).should == false
@@ -209,12 +209,12 @@ describe WpTheme do
it "should return false (version and name not equal)" do
instance = WpTheme.new(:url => "http://sub.example.com/path/to/wordpress/",
:path => "themes/name/asdf.php",
:vulns_xml => "XXX.xml",
:vulns_file => "XXX.xml",
:version => "1.0"
)
instance2 = WpTheme.new(:url => "http://sub.example.com/path/to/wordpress/",
:path => "themes/newname/asdf.php",
:vulns_xml => "XXX.xml",
:vulns_file => "XXX.xml",
:version => "2.0"
)
(instance===instance2).should == false
@@ -223,12 +223,12 @@ describe WpTheme do
it "should return true" do
instance = WpTheme.new(:url => "http://sub.example.com/path/to/wordpress/",
:path => "themes/test/asdf.php",
:vulns_xml => "XXX.xml",
:vulns_file => "XXX.xml",
:version => "1.0"
)
instance2 = WpTheme.new(:url => "http://sub.example.com/path/to/wordpress/",
:path => "themes/test/asdf.php",
:vulns_xml => "XXX.xml",
:vulns_file => "XXX.xml",
:version => "1.0"
)
(instance===instance2).should == true
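Review bot: These examples switch to `:vulns_file` but keep `:path => "themes/name/asdf.php"`, while the other specs in this commit drop the `themes/` and `plugins/` prefix from `:path`. If the theme name is derived from the path when `:name` is not given, both instances may now resolve to the same first segment, and the "name not equal" cases would not test what their titles say. The paths should probably become `:path => "name/asdf.php"` and `:path => "newname/asdf.php"`; the `#vulnerabilities` spec further down keeps `plugins/spec-plugin/` in the same way. Each `it` block here ends outside its hunk.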


@@ -154,7 +154,7 @@ describe WpVersion do
describe "#initialize" do
it "should initialize a WpVersion object" do
v = WpVersion.new(1, {:discovery_method => "method", :vulns_xml => "asdf.xml"})
v = WpVersion.new(1, {:discovery_method => "method", :vulns_file => "asdf.xml"})
v.number.should == 1
v.discovery_method.should == "method"
end


@@ -3,11 +3,11 @@
describe "#vulnerabilities" do
let(:location_url) { "http://example.localhost/" }
let(:fixtures_dir) { SPEC_FIXTURES_WPSCAN_WP_PLUGIN_DIR + "/vulnerabilities" }
let(:vulns_xml) { fixtures_dir + "/plugin_vulns.xml" }
let(:vulns_file) { fixtures_dir + "/plugin_vulns.xml" }
let(:wp_plugin) { WpPlugin.new(:url => location_url,
:name => "spec-plugin",
:path => "plugins/spec-plugin/",
:vulns_xml => vulns_xml)
:vulns_file => vulns_file)
}
@@ -15,7 +15,7 @@ describe "#vulnerabilities" do
WpPlugin.new(:url => "http://example.localhost/",
:name => "no-vulns",
:path => "plugins/no-vulns/",
:vulns_xml => vulns_xml).vulnerabilities.should be_empty
:vulns_file => vulns_file).vulnerabilities.should be_empty
end
it "should return an arry with 2 vulnerabilities" do


@@ -119,7 +119,7 @@ begin
end
wp_target.config_backup.each do |file_url|
puts red("[!]") + " A wp-config.php backup file has been found '#{file_url}'"
puts red("[!] A wp-config.php backup file has been found '#{file_url}'")
end
if wp_target.has_malwares?
@@ -186,6 +186,7 @@ begin
options[:show_progress_bar] = true
options[:wp_content_dir] = wp_target.wp_content_dir
options[:error_404_hash] = wp_target.error_404_hash
options[:wp_plugins_dir] = wp_target.wp_plugins_dir
plugins = wp_target.plugins_from_aggressive_detection(options)
unless plugins.empty?
@@ -295,7 +296,7 @@ begin
puts
timthumbs.each do |t|
puts " | " + red("[!]") + " #{t[:url]}#{t[:wp_content_dir]}/#{t[:path]}"
puts " | " + red("[!]") + " #{t.get_url.to_s}"
end
puts
puts red(" * Reference: http://www.exploit-db.com/exploits/17602/")