From c1074223537c4b03d653d625d10bd458948b206b Mon Sep 17 00:00:00 2001 From: Christian Mehlmauer Date: Sun, 8 Dec 2013 00:52:07 +0100 Subject: [PATCH] verbose output --- dev/pre-commit-hook.rb | 2 +- lib/common/common_helper.rb | 7 +++++++ lib/common/models/vulnerability/output.rb | 2 +- lib/common/models/wp_item/output.rb | 4 ++-- lib/common/models/wp_theme/info.rb | 2 +- lib/common/models/wp_theme/output.rb | 14 ++++++++------ lib/common/models/wp_timthumb/output.rb | 2 +- lib/common/models/wp_version/output.rb | 2 +- wpscan.rb | 14 +++++++------- 9 files changed, 29 insertions(+), 20 deletions(-) diff --git a/dev/pre-commit-hook.rb b/dev/pre-commit-hook.rb index abebf44c..16826b6b 100755 --- a/dev/pre-commit-hook.rb +++ b/dev/pre-commit-hook.rb @@ -35,4 +35,4 @@ else puts puts "#{errors} failed! #{examples} run, #{pending} pending" exit 1 -end \ No newline at end of file +end diff --git a/lib/common/common_helper.rb b/lib/common/common_helper.rb index 39ed7990..c3647108 100644 --- a/lib/common/common_helper.rb +++ b/lib/common/common_helper.rb @@ -177,3 +177,10 @@ end def count_file_lines(file) `wc -l #{file.shellescape}`.split[0].to_i end + +# Truncates a string to a specific length and adds ... at the end +def truncate(input, size, trailing = '...') + padded_length = size - trailing.length - 2 # ... + space + index 0 + return input if input.nil? or size <= trailing.length or size <= 0 or input.length <= size + return "#{input[0...padded_length]}#{trailing}" +end diff --git a/lib/common/models/vulnerability/output.rb b/lib/common/models/vulnerability/output.rb index 1a71051b..8f4aac2c 100644 --- a/lib/common/models/vulnerability/output.rb +++ b/lib/common/models/vulnerability/output.rb @@ -4,7 +4,7 @@ class Vulnerability module Output # output the vulnerability - def output + def output(verbose = false) puts ' |' puts ' | ' + red("* Title: #{title}") references.each do |key, urls| 
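Review bot: `truncate` in common_helper.rb can return a string longer than its input: with `size` one above `trailing.length` (for example size 4 and the default '...'), `padded_length` is -1 and `input[0...-1]` keeps everything but the last character before the trailer is appended. For larger sizes the result is `size - 2` characters rather than `size`, because of the extra `- 2`. I would drop the precomputed length and write `return input if input.nil? || size <= trailing.length || input.length <= size` followed by `"#{input[0...(size - trailing.length)]}#{trailing}"`. The method is also defined at top level, so it becomes a private method on every object; moving it into a helper module, or at least noting this in the comment, would avoid clashes with other `truncate` definitions.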
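Review bot: `verbose` is accepted by `Vulnerability#output` but never read in the lines visible here, and the same holds for the `WpTimthumb#output` and `WpVersion#output` hunks later in this patch. If the parameter exists only so that every `output` shares one signature, say so in the comment above the method, for example `# @param verbose [ Boolean ] unused, kept for a uniform output interface`. The method body continues outside the hunk, so a later use cannot be ruled out from here.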
diff --git a/lib/common/models/wp_item/output.rb b/lib/common/models/wp_item/output.rb index 6605b04d..80c6daf7 100644 --- a/lib/common/models/wp_item/output.rb +++ b/lib/common/models/wp_item/output.rb @@ -4,7 +4,7 @@ class WpItem module Output # @return [ Void ] - def output + def output(verbose = false) puts puts " | Name: #{self}" #this will also output the version number if detected puts " | Location: #{url}" @@ -14,7 +14,7 @@ class WpItem puts " | Changelog: #{changelog_url}" if has_changelog? if respond_to?(:additional_output) - additional_output + additional_output(verbose) end vulnerabilities.output diff --git a/lib/common/models/wp_theme/info.rb b/lib/common/models/wp_theme/info.rb index 370927da..3c456c89 100644 --- a/lib/common/models/wp_theme/info.rb +++ b/lib/common/models/wp_theme/info.rb @@ -31,4 +31,4 @@ class WpTheme < WpItem end end -end \ No newline at end of file +end diff --git a/lib/common/models/wp_theme/output.rb b/lib/common/models/wp_theme/output.rb index 0f5937fa..fd3c6f25 100644 --- a/lib/common/models/wp_theme/output.rb +++ b/lib/common/models/wp_theme/output.rb 
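Review bot: The `respond_to?(:additional_output)` guard in `WpItem#output` checks only the method name, so `additional_output(verbose)` raises ArgumentError for any item class that still defines `additional_output` without a parameter; this patch updates only WpTheme's. Whether other definitions exist is not visible here, so it is worth searching the tree before merging. In the same hunk `vulnerabilities.output` is still called without the flag, so verbosity stops at this level; if that is intended, a comment such as `# vulnerabilities are always printed in full` would make it explicit.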
@@ -4,17 +4,19 @@ class WpTheme module Output # @return [ Void ] - def additional_output + def additional_output(verbose = false) puts " | Style URL: #{style_url}" puts " | Theme Name: #@theme_name" if @theme_name puts " | Theme URI: #@theme_uri" if @theme_uri - puts " | Description: #@theme_description" if @theme_description + theme_desc = verbose ? @theme_description : truncate(@theme_description, 100) + puts " | Description: #{theme_desc}" puts " | Author: #@theme_author" if @theme_author puts " | Author URI: #@theme_author_uri" if @theme_author_uri - puts " | Template: #@theme_template" if @theme_template - puts " | License: #@theme_license" if @theme_license_uri - puts " | Tags: #@theme_tags" if @theme_tags - puts " | Text Domain: #@theme_text_domain" if @theme_text_domain + puts " | Template: #@theme_template" if @theme_template and verbose + puts " | License: #@theme_license" if @theme_license and verbose + puts " | License URI: #@theme_license_uri" if @theme_license_uri and verbose + puts " | Tags: #@theme_tags" if @theme_tags and verbose + puts " | Text Domain: #@theme_text_domain" if @theme_text_domain and verbose end end diff --git a/lib/common/models/wp_timthumb/output.rb b/lib/common/models/wp_timthumb/output.rb index 3d4f07a1..4b523164 100644 --- a/lib/common/models/wp_timthumb/output.rb +++ b/lib/common/models/wp_timthumb/output.rb @@ -3,7 +3,7 @@ class WpTimthumb < WpItem module Output - def output + def output(verbose = false) puts ' | ' + red('[!]') + " #{self}" end diff --git a/lib/common/models/wp_version/output.rb b/lib/common/models/wp_version/output.rb index 1154a295..979f1e75 100644 --- a/lib/common/models/wp_version/output.rb +++ b/lib/common/models/wp_version/output.rb @@ -3,7 +3,7 @@ class WpVersion < WpItem module Output - def output + def output(verbose = false) puts green('[+]') + " WordPress version #{self.number} identified from #{self.found_from}" vulnerabilities = self.vulnerabilities 
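Review bot: The Description line in `additional_output` lost its `if @theme_description` guard, so a theme without a description now prints an empty ` | Description: ` row (`truncate` returns nil for nil input). Restoring the guard as `puts " | Description: #{theme_desc}" if theme_desc` keeps the old behaviour. The new conditions use `and`, which binds more loosely than `&&`; it works in these modifier positions, but `&&` is the safer habit. If these fields are read from the scanned site's stylesheet (not shown in this hunk), they are untrusted text written straight to the terminal, and stripping control characters before `puts` would stop a hostile site from altering what the operator sees.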
diff --git a/wpscan.rb b/wpscan.rb index 5477171c..263322d8 100755 --- a/wpscan.rb +++ b/wpscan.rb @@ -186,21 +186,21 @@ def main } if wp_version = wp_target.version(WP_VERSIONS_FILE) - wp_version.output + wp_version.output(wpscan_options.verbose) end if wp_theme = wp_target.theme puts # Theme version is handled in #to_s puts green('[+]') + " WordPress theme in use: #{wp_theme}" - wp_theme.output + wp_theme.output(wpscan_options.verbose) # Check for parent Themes while wp_theme.is_child_theme? parent = wp_theme.get_parent_theme puts puts green('[+]') + " Detected parent theme: #{parent}" - parent.output + parent.output(wpscan_options.verbose) wp_theme = parent end @@ -214,7 +214,7 @@ def main if !wp_plugins.empty? puts " | #{wp_plugins.size} plugins found:" - wp_plugins.output + wp_plugins.output(wpscan_options.verbose) else puts 'No plugins found' end @@ -236,7 +236,7 @@ def main if !wp_plugins.empty? puts green('[+]') + " We found #{wp_plugins.size} plugins:" - wp_plugins.output + wp_plugins.output(wpscan_options.verbose) else puts 'No plugins found' end @@ -258,7 +258,7 @@ def main if !wp_themes.empty? puts green('[+]') + " We found #{wp_themes.size} themes:" - wp_themes.output + wp_themes.output(wpscan_options.verbose) else puts 'No themes found' end @@ -280,7 +280,7 @@ def main puts green('[+]') + " We found #{wp_timthumbs.size} timthumb file/s:" puts - wp_timthumbs.output + wp_timthumbs.output(wpscan_options.verbose) puts puts red(' * Reference: http://www.exploit-db.com/exploits/17602/')
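Review bot: `wp_plugins`, `wp_themes` and `wp_timthumbs` look like collection objects, and the diffstat lists no collection file among the nine changed, so `wp_plugins.output(wpscan_options.verbose)` and the matching calls in the later hunks will raise ArgumentError if the collection's `output` takes no parameter. Please confirm that the collection `output` accepts the flag and passes it on to each item's `output(verbose)`; otherwise the flag is either rejected or dropped before it reaches `WpItem#output`. `main` starts and ends outside these hunks.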