From a87a261b80eb9153f5e4e469b7167a6d10a408db Mon Sep 17 00:00:00 2001 From: Peter Date: Fri, 2 May 2014 15:31:09 +0200 Subject: [PATCH] Markup the command help --- lib/wpscan/wpscan_helper.rb | 57 +++++++++++++++++++------------------ 1 file changed, 30 insertions(+), 27 deletions(-) diff --git a/lib/wpscan/wpscan_helper.rb b/lib/wpscan/wpscan_helper.rb index 19ab0d2c..4103152d 100644 --- a/lib/wpscan/wpscan_helper.rb +++ b/lib/wpscan/wpscan_helper.rb @@ -62,10 +62,10 @@ def help puts puts 'Some values are settable in a config file, see the example.conf.json' puts - puts '--update Update to the latest revision' - puts '--url | -u The WordPress URL/domain to scan.' - puts '--force | -f Forces WPScan to not check if the remote site is running WordPress.' - puts '--enumerate | -e [option(s)] Enumeration.' + puts '--update Update to the latest revision.' + puts '--url | -u The WordPress URL/domain to scan.' + puts '--force | -f Forces WPScan to not check if the remote site is running WordPress.' + puts '--enumerate | -e [option(s)] Enumeration.' puts ' option :' puts ' u usernames from id 1 to 10' puts ' u[10-20] usernames from id 10 to 20 (you must write [] chars)' @@ -79,28 +79,31 @@ def help puts ' Multiple values are allowed : "-e tt,p" will enumerate timthumbs and plugins' puts ' If no option is supplied, the default is "vt,tt,u,vp"' puts - puts '--exclude-content-based "" Used with the enumeration option, will exclude all occurrences based on the regexp or string supplied' - puts ' You do not need to provide the regexp delimiters, but you must write the quotes (simple or double)' - puts '--config-file | -c Use the specified config file, see the example.conf.json' - puts '--user-agent | -a Use the specified User-Agent' - puts '--random-agent | -r Use a random User-Agent' - puts '--follow-redirection If the target url has a redirection, it will be followed without asking if you wanted to do so or not' - puts '--wp-content-dir WPScan try to find the content directory (ie wp-content) by scanning the index page, however you can specified it. Subdirectories are allowed' - puts '--wp-plugins-dir Same thing than --wp-content-dir but for the plugins directory. If not supplied, WPScan will use wp-content-dir/plugins. Subdirectories are allowed' - puts '--proxy <[protocol://]host:port> Supply a proxy.' - puts ' HTTP, SOCKS4 SOCKS4A and SOCKS5 are supported. If no protocol is given (format host:port), HTTP will be used' - puts '--proxy-auth Supply the proxy login credentials.' - puts '--basic-auth Set the HTTP Basic authentication' - puts '--wordlist | -w Supply a wordlist for the password bruter and do the brute.' - puts '--threads | -t The number of threads to use when multi-threading requests.' - puts '--username | -U Only brute force the supplied username.' - puts '--cache-ttl Typhoeus cache TTL.' - puts '--request-timeout Request Timeout.' - puts '--connect-timeout Connect Timeout.' - puts '--max-threads Maximum Threads.' - puts '--help | -h This help screen.' - puts '--verbose | -v Verbose output.' - puts '--batch Never ask for user input, use the default behaviour.' - puts '--no-color Do not use colors in the output.' + puts '--exclude-content-based ""' + puts ' Used with the enumeration option, will exclude all occurrences based on the regexp or string supplied.' + puts ' You do not need to provide the regexp delimiters, but you must write the quotes (simple or double).' + puts '--config-file | -c Use the specified config file, see the example.conf.json.' + puts '--user-agent | -a Use the specified User-Agent.' + puts '--random-agent | -r Use a random User-Agent.' + puts '--follow-redirection If the target url has a redirection, it will be followed without asking if you wanted to do so or not' + puts '--batch Never ask for user input, use the default behaviour.' + puts '--no-color Do not use colors in the output.' + puts '--wp-content-dir WPScan try to find the content directory (ie wp-content) by scanning the index page, however you can specified it.' + puts ' Subdirectories are allowed.' + puts '--wp-plugins-dir Same thing than --wp-content-dir but for the plugins directory.' + puts ' If not supplied, WPScan will use wp-content-dir/plugins. Subdirectories are allowed' + puts '--proxy <[protocol://]host:port> Supply a proxy. HTTP, SOCKS4 SOCKS4A and SOCKS5 are supported.' + puts ' If no protocol is given (format host:port), HTTP will be used.' + puts '--proxy-auth Supply the proxy login credentials.' + puts '--basic-auth Set the HTTP Basic authentication.' + puts '--wordlist | -w Supply a wordlist for the password bruter and do the brute.' + puts '--username | -U Only brute force the supplied username.' + puts '--threads | -t The number of threads to use when multi-threading requests.' + puts '--cache-ttl Typhoeus cache TTL.' + puts '--request-timeout Request Timeout.' + puts '--connect-timeout Connect Timeout.' + puts '--max-threads Maximum Threads.' + puts '--help | -h This help screen.' + puts '--verbose | -v Verbose output.' puts end