From 3d7b8592ea2362e46cdd3d51da9278e3e742a251 Mon Sep 17 00:00:00 2001
From: Francesco Marano
Date: Wed, 3 Jun 2015 15:32:34 +0200
Subject: [PATCH 1/9] Defined function to get last db update and removed redundant code
---
 lib/common/common_helper.rb | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/lib/common/common_helper.rb b/lib/common/common_helper.rb
index f20e7665..0330c21b 100644
--- a/lib/common/common_helper.rb
+++ b/lib/common/common_helper.rb
@@ -79,10 +79,17 @@ def missing_db_file?
 false
 end
+def last_update
+ date = nil
+ if File.exists?(LAST_UPDATE_FILE)
+ content = File.read(LAST_UPDATE_FILE)
+ date = Time.parse(content) rescue nil
+ end
+ return date
+end
+
 def update_required?
- return true unless File.exist?(LAST_UPDATE_FILE)
- content = File.read(LAST_UPDATE_FILE)
- date = Time.parse(content) rescue Time.parse("2000-01-01")
+ date = last_update() or Time.parse('2000-01-01')
 return date < 5.days.ago
 end
From 9c5196dfec374f277ae3a61656caf8d52cf58d6f Mon Sep 17 00:00:00 2001
From: Francesco Marano
Date: Wed, 3 Jun 2015 15:33:14 +0200
Subject: [PATCH 2/9] Added last db update to --version option (see #815)
---
 wpscan.rb | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/wpscan.rb b/wpscan.rb
index 78fc15c5..69fca753 100755
--- a/wpscan.rb
+++ b/wpscan.rb
@@ -36,6 +36,8 @@ def main
 if wpscan_options.version
 puts "Current version: #{WPSCAN_VERSION}"
+ date = last_update()
+ puts "Last db update: #{date.strftime('%Y-%m-%d')}" unless date.nil?
 exit(0)
 end
From b6bf306042ebf32e2135843b817dc3b07a300d4d Mon Sep 17 00:00:00 2001
From: Francesco Marano
Date: Wed, 3 Jun 2015 15:43:58 +0200
Subject: [PATCH 3/9] Removed unnecessary 'return' and '()'
---
 lib/common/common_helper.rb | 6 +++---
 wpscan.rb | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/lib/common/common_helper.rb b/lib/common/common_helper.rb
index 0330c21b..03c5f7dd 100644
--- a/lib/common/common_helper.rb
+++ b/lib/common/common_helper.rb
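Review bot: `date = last_update() or Time.parse('2000-01-01')` in `update_required?` never falls back: `or` binds looser than `=`, so the line parses as `(date = last_update()) or Time.parse(...)`, `date` stays nil when the file is missing or unparseable, and the following `date < 5.days.ago` raises NoMethodError where the removed `return true unless File.exist?` line returned true. Use `||` instead: `date = last_update() || Time.parse('2000-01-01')`. The same line is carried unchanged into the common_helper.rb hunk of PATCH 3/9. Separately, the new `last_update` calls `File.exists?`, which is deprecated in favour of the `File.exist?` the removed line used, and the bare `rescue nil` modifier hides every StandardError from the parse rather than only the ArgumentError a bad timestamp raises; `rescue ArgumentError` would keep the intent without masking unrelated failures.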
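Review bot: When `last_update` returns nil the `--version` output silently omits the line, so a missing or corrupt LAST_UPDATE_FILE looks the same as the feature being absent rather than signalling that the DB has never been updated. Printing the state explicitly, `puts "Last db update: #{date ? date.strftime('%Y-%m-%d') : 'unknown'}"`, keeps the information visible in both cases. The `if wpscan_options.version` block is part of `main`, whose body starts and ends outside the hunk.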
@@ -85,12 +85,12 @@ def last_update
 content = File.read(LAST_UPDATE_FILE)
 date = Time.parse(content) rescue nil
 end
- return date
+ date
 end
 def update_required?
- date = last_update() or Time.parse('2000-01-01')
- return date < 5.days.ago
+ date = last_update or Time.parse('2000-01-01')
+ date < 5.days.ago
 end
 # Define colors
diff --git a/wpscan.rb b/wpscan.rb
index 69fca753..b2128676 100755
--- a/wpscan.rb
+++ b/wpscan.rb
@@ -36,7 +36,7 @@ def main
 if wpscan_options.version
 puts "Current version: #{WPSCAN_VERSION}"
- date = last_update()
+ date = last_update
 puts "Last db update: #{date.strftime('%Y-%m-%d')}" unless date.nil?
 exit(0)
 end
From ae5bae98993120bf8fb1f8aea11c1c014dd93081 Mon Sep 17 00:00:00 2001
From: Francesco Marano
Date: Wed, 3 Jun 2015 15:52:33 +0200
Subject: [PATCH 4/9] Capitalised 'Last db update' in 'Last DB update'
---
 wpscan.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/wpscan.rb b/wpscan.rb
index b2128676..d5fd6294 100755
--- a/wpscan.rb
+++ b/wpscan.rb
@@ -37,7 +37,7 @@ def main
 if wpscan_options.version
 puts "Current version: #{WPSCAN_VERSION}"
 date = last_update
- puts "Last db update: #{date.strftime('%Y-%m-%d')}" unless date.nil?
+ puts "Last DB update: #{date.strftime('%Y-%m-%d')}" unless date.nil?
 exit(0)
 end
From 6c8172c7cf1e1c581e1e19a8ed84d95bcfeaa7eb Mon Sep 17 00:00:00 2001
From: Francesco Marano
Date: Wed, 3 Jun 2015 16:03:01 +0200
Subject: [PATCH 5/9] Removed `Time.parse('2000-01-01')` expedient
---
 lib/common/common_helper.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/common/common_helper.rb b/lib/common/common_helper.rb
index 03c5f7dd..3027d695 100644
--- a/lib/common/common_helper.rb
+++ b/lib/common/common_helper.rb
@@ -89,8 +89,8 @@ def last_update
 end
 def update_required?
- date = last_update or Time.parse('2000-01-01')
- date < 5.days.ago
+ date = last_update
+ (true if date.nil?) or (date < 5.days.ago)
 end
 # Define colors
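Review bot: `(true if date.nil?) or (date < 5.days.ago)` in `update_required?` relies on `or` being used as an expression value and on `(true if …)` evaluating to nil to fall through, which reads as a trick rather than a condition. `date.nil? || date < 5.days.ago` is the idiomatic form with the same result and could be folded into the assignment line. `5.days.ago` is not core Ruby, so the method presumably depends on an ActiveSupport-style extension loaded elsewhere; a short comment naming that dependency would help the next reader.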
From bdd6b9727d99b57c43f8ba88e95d1f88757f9d64 Mon Sep 17 00:00:00 2001
From: ethicalhack3r
Date: Wed, 3 Jun 2015 16:40:04 +0200
Subject: [PATCH 6/9] Dont update if user chooses default + no DBs exist
---
 wpscan.rb | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/wpscan.rb b/wpscan.rb
index 10722a88..10f3b6bd 100755
--- a/wpscan.rb
+++ b/wpscan.rb
@@ -58,10 +58,13 @@ def main
 elsif input =~ /^a/i
 puts 'Scan aborted'
 exit(1)
+ else
+ puts critical('You can not run a scan without any databases.') if missing_db_file?
+ exit(1)
 end
 end
- if wpscan_options.update || missing_db_file?
+ if wpscan_options.update
 puts notice('Updating the Database ...')
 DbUpdater.new(DATA_DIR).update(wpscan_options.verbose)
 puts notice('Update completed.')
From 3d6e5b2b9e1778e328f5d8bf199272dbd61dc863 Mon Sep 17 00:00:00 2001
From: ethicalhack3r
Date: Wed, 3 Jun 2015 16:42:23 +0200
Subject: [PATCH 7/9] Continue if user chooses not to update + db exists
---
 wpscan.rb | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/wpscan.rb b/wpscan.rb
index 10f3b6bd..a382cf94 100755
--- a/wpscan.rb
+++ b/wpscan.rb
@@ -59,8 +59,10 @@ def main
 puts 'Scan aborted'
 exit(1)
 else
- puts critical('You can not run a scan without any databases.') if missing_db_file?
- exit(1)
+ if missing_db_file?
+ puts critical('You can not run a scan without any databases.')
+ exit(1)
+ end
 end
 end
From ac3409e3764e91b3a764ab42ac56b8a0605a6507 Mon Sep 17 00:00:00 2001
From: Peter
Date: Thu, 18 Jun 2015 21:07:12 +0200
Subject: [PATCH 8/9] Update CHANGELOG
---
 CHANGELOG.md | 48 +++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 47 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index cc600ff5..299c13ec 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
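Review bot: Dropping `|| missing_db_file?` from the update condition means a missing database now only triggers an update through the interactive prompt above, whose beginning lies outside this hunk; if any option or non-interactive path skips that prompt, a scan can proceed without DB files where it previously updated automatically. Worth confirming the prompt cannot be bypassed, or keeping `|| missing_db_file?` in the condition guarded by the user's answer. A comment on the new `if wpscan_options.update` line stating that the missing-DB case is handled by the prompt would record the intent. This code is part of `main`, which starts and ends outside the hunk.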
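Review bot: The `else` branch now contains nothing but an `if`, so `elsif missing_db_file?` followed by the two-line body removes one `end` and one nesting level with identical control flow. The surrounding `if`/`elsif` chain on `input` and the `main` method both start and end outside the hunk.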
@@ -1,6 +1,52 @@
 # Changelog
 ## Master
-[Work in progress](https://github.com/wpscanteam/wpscan/compare/2.7...master)
+[Work in progress](https://github.com/wpscanteam/wpscan/compare/2.8...master)
+
+## Version 2.8
+Released: 2015-06-XX
+
+New
+* Warn the user to update his DB files
+* Added last db update to --version option (see #815)
+* Add db checksum to verbose logging during update
+* Option to hide banner
+* Continue if user chooses not to update + db exists
+* Don't update if user chooses default + no DBs exist
+* Updates request timeout values to realistic ones (and in seconds)
+
+Removed
+* Removed `Time.parse('2000-01-01')` expedient
+* Removed unnecessary 'return' and '()'
+* Removed debug output
+* Removed wpstools
+
+General core
+* Update to Ruby 2.2.2
+* Switch to mitre
+* Install bundler gem README
+* Switch from gnutls to openssl
+
+Fixed issues
+* Fix #789 - Add blackarch to readme
+* Fix #790 - Consider the target down after 30 requests timed out requests instead of 10
+* Fix #791 - Rogue character causing the scan of non-wordpress site to crash
+* Fix #792 - Adds the HttpError exception
+* Fix #795 - Remove GHOST warning
+* Fix #796 - Do not swallow exit code
+* Fix #797 - Increases the timeout values
+* Fix #801 - Forces UTF-8 encoding when enumerating usernames
+* Fix #803 - Increases default connect-timeout to 10s
+* Fix #804 - Updates the Theme detection pattern
+* Fix #816 - Ignores potential non version chars in theme version detection
+* Fix #819 - Removes potential spaces in robots.txt entries
+
+WPScan Database Statistics:
+* Total vulnerable versions: 98
+* Total vulnerable plugins: 1076
+* Total vulnerable themes: 361
+* Total version vulnerabilities: 1104
+* Total plugin vulnerabilities: 1763
+* Total theme vulnerabilities: 443
 ## Version 2.7
 Released: 2015-03-16
From 14115761f9c3a97468aafc0bd04bbce34fe3457c Mon Sep 17 00:00:00 2001
From: erwanlr
Date: Thu, 18 Jun 2015 20:48:43 +0100
Subject: [PATCH 9/9] Uses the URI.join to determine the redirection URL - Fix #829
---
 lib/wpscan/web_site.rb | 5 +----
 spec/lib/wpscan/web_site_spec.rb | 16 ++++++++++++++--
 spec/spec_helper.rb | 2 ++
 3 files changed, 17 insertions(+), 6 deletions(-)
diff --git a/lib/wpscan/web_site.rb b/lib/wpscan/web_site.rb
index 271949eb..bb520c63 100644
--- a/lib/wpscan/web_site.rb
+++ b/lib/wpscan/web_site.rb
@@ -54,10 +54,7 @@ class WebSite
 redirected_uri = URI.parse(add_trailing_slash(add_http_protocol(url)))
 if response.code == 301 || response.code == 302
- redirection = response.headers_hash['location']
- if redirection[0] == '/'
- redirection = "#{redirected_uri.scheme}://#{redirected_uri.host}#{redirection}"
- end
+ redirection = redirected_uri.merge(response.headers_hash['location']).to_s
 return redirection if url == redirection # prevents infinite loop
diff --git a/spec/lib/wpscan/web_site_spec.rb b/spec/lib/wpscan/web_site_spec.rb
index 83e4168b..7cbb0a70 100644
--- a/spec/lib/wpscan/web_site_spec.rb
+++ b/spec/lib/wpscan/web_site_spec.rb
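Review bot: `redirected_uri.merge(response.headers_hash['location'])` now hands the remote Location header straight to `URI#merge`, which raises when the header is absent on a 301/302 (nil argument) and raises `URI::InvalidURIError` when it contains characters that are not valid in a URI, such as a space or an unencoded non-ASCII path that misconfigured sites do send; either way the exception escapes this method and a malformed response from the scanned host aborts the scan instead of being reported. Read the header into a local, skip the merge when it is nil, and rescue `URI::InvalidURIError` around the merge, treating both as "no usable redirection" in whatever way the rest of the method reports one. Note also that `merge` resolves scheme-relative (`//host/path`) and absolute Location values to another host, which the removed `/`-prefix check did not; that is correct for following redirects, but the returned host may now differ from the one the user supplied, which deserves a one-line comment next to the merge. The enclosing method starts and ends outside the hunk.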
@@ -116,12 +116,24 @@ describe 'WebSite' do
 expect(web_site.redirection).to eql absolute_location
 end
+
+ context 'when starts with a ?' do
+ it 'returns the absolute URI' do
+ relative_location = '?p=blog'
+ absolute_location = web_site.uri.merge(relative_location).to_s
+
+ stub_request(:get, web_site.url).to_return(status: 301, headers: { location: relative_location })
+ stub_request(:get, absolute_location)
+
+ expect(web_site.redirection).to eql absolute_location
+ end
+ end
 end
 context 'when multiple redirections' do
 it 'returns the last redirection' do
- first_redirection = 'www.redirection.com'
- last_redirection = 'redirection.com'
+ first_redirection = 'http://www.redirection.com'
+ last_redirection = 'http://redirection.com'
 stub_request(:get, web_site.url).to_return(status: 301, headers: { location: first_redirection })
 stub_request(:get, first_redirection).to_return(status: 302, headers: { location: last_redirection })
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 9ceffe53..4f2a9df4 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -5,6 +5,8 @@ require 'webmock/rspec'
 # Code Coverage (only works with ruby >= 1.9)
 require 'simplecov' if RUBY_VERSION >= '1.9'
+RSpec::Expectations.configuration.warn_about_potential_false_positives = false
+
 require File.expand_path(File.dirname(__FILE__) + '/../lib/common/common_helper')
 SPEC_DIR = ROOT_DIR + '/spec'
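Review bot: In the new `'when starts with a ?'` example the expected value `absolute_location = web_site.uri.merge(relative_location).to_s` is produced by the same `URI#merge` call the implementation now uses, so the assertion cannot fail if `merge` resolved a `?`-relative Location wrongly; it only checks that the redirection was followed at all. Spelling the expected URL out as a literal, as the neighbouring example does with `first_redirection = 'http://www.redirection.com'`, would turn it into a real check of the resolution. A wording nit: `context 'when the location starts with a ?'` reads more clearly. The enclosing describe block starts and ends outside the hunk.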
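Review bot: `RSpec::Expectations.configuration.warn_about_potential_false_positives = false` silences, for the whole suite, the warning RSpec emits for `expect { }.to raise_error` with no exception class — a warning that exists because such an expectation passes on any error, including a NameError or typo in the code under test. Rather than muting it globally, the `raise_error` calls that trigger it (not visible in this series) should name the expected class or message, e.g. `raise_error(ExpectedErrorClass)` with the project's own class substituted; if the setting has to stay, a comment above it saying which specs need it and why would keep the decision reviewable.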