Add random-agent

2014-03-01 09:01:52 +01:00
parent bbce082ec2
commit c4ca7e471a
9 changed files with 75 additions and 12 deletions
--- a/lib/common/browser.rb
+++ b/lib/common/browser.rb
@@ -12,7 +12,7 @@ class Browser
    :basic_auth,
    :cache_ttl,
    :max_threads,
-    :useragent,
+    :user_agent,
    :proxy,
    :proxy_auth,
    :request_timeout,
@@ -66,7 +66,7 @@ class Browser
    @cache_ttl = 600 # 10 minutes, at this time the cache is cleaned before each scan. If this value is set to 0, the cache will be disabled
    @request_timeout = 2000 # 2s
    @connect_timeout = 1000 # 1s
-    @useragent = "WPScan v#{WPSCAN_VERSION} (http://wpscan.org)"
+    @user_agent = "WPScan v#{WPSCAN_VERSION} (http://wpscan.org)"
  end

  # @param [ String ] url
@@ -84,7 +84,7 @@ class Browser
    params = Browser.append_params_header_field(
      params,
      'User-Agent',
-      @useragent
+      @user_agent
    )

    if @proxy
--- a/lib/common/browser/options.rb
+++ b/lib/common/browser/options.rb
@@ -5,7 +5,7 @@ class Browser

    attr_accessor :cache_ttl, :request_timeout, :connect_timeout
    attr_reader   :basic_auth, :proxy, :proxy_auth
-    attr_writer   :useragent
+    attr_writer   :user_agent

    # Sets the Basic Authentification credentials
    # Accepted format:
--- a/lib/common/common_helper.rb
+++ b/lib/common/common_helper.rb
@@ -32,6 +32,7 @@ LOCAL_FILES_FILE    = DATA_DIR + '/local_vulnerable_files.xml'
 VULNS_XSD           = DATA_DIR + '/vuln.xsd'
 WP_VERSIONS_XSD     = DATA_DIR + '/wp_versions.xsd'
 LOCAL_FILES_XSD     = DATA_DIR + '/local_vulnerable_files.xsd'
+USER_AGENTS_FILE    = DATA_DIR + '/user-agents.txt'

 WPSCAN_VERSION       = '2.3'

@@ -187,3 +188,19 @@ def truncate(input, size, trailing = '...')
      trailing.length >= input.length or size-trailing.length-1 >= input.length
  return "#{input[0..size-trailing.length-1]}#{trailing}"
 end
+
+# Gets a random User-Agent
+#
+# @return [ String ] A random user-agent from data/user-agents.txt
+def get_random_user_agent
+  user_agents = []
+  f = File.open(USER_AGENTS_FILE, 'r')
+  f.each_line do |line|
+    # ignore comments
+    next if line.empty? or line =~ /^\s*(#|\/\/)/
+    user_agents << line.strip
+  end
+  f.close
+  # return ransom user-agent
+  user_agents.sample
+end
--- a/lib/wpscan/wpscan_helper.rb
+++ b/lib/wpscan/wpscan_helper.rb
@@ -82,7 +82,8 @@ def help
  puts
  puts '--exclude-content-based "<regexp or string>" Used with the enumeration option, will exclude all occurrences based on the regexp or string supplied'
  puts '                                             You do not need to provide the regexp delimiters, but you must write the quotes (simple or double)'
-  puts '--config-file | -c <config file> Use the specified config file'
+  puts '--user-agent | -a <User-Agent> Use the specified User-Agent'
+  puts '--random-agent | -r Use a random User-Agent'
  puts '--follow-redirection  If the target url has a redirection, it will be followed without asking if you wanted to do so or not'
  puts '--wp-content-dir <wp content dir>  WPScan try to find the content directory (ie wp-content) by scanning the index page, however you can specified it. Subdirectories are allowed'
  puts '--wp-plugins-dir <wp plugins dir>  Same thing than --wp-content-dir but for the plugins directory. If not supplied, WPScan will use wp-content-dir/plugins. Subdirectories are allowed'
--- a/lib/wpscan/wpscan_options.rb
+++ b/lib/wpscan/wpscan_options.rb
@@ -31,7 +31,8 @@ class WpscanOptions
    :basic_auth,
    :debug_output,
    :version,
-    :useragent
+    :user_agent,
+    :random_agent
  ]

  attr_accessor *ACCESSOR_OPTIONS
@@ -137,6 +138,10 @@ class WpscanOptions
    !to_h.empty?
  end

+  def random_agent=(a)
+    @user_agent = get_random_user_agent
+  end
+
  # return Hash
  def to_h
    options = {}
@@ -228,7 +233,8 @@ class WpscanOptions
      ['--wordlist', '-w', GetoptLong::REQUIRED_ARGUMENT],
      ['--threads', '-t', GetoptLong::REQUIRED_ARGUMENT],
      ['--force', '-f', GetoptLong::NO_ARGUMENT],
-      ['--useragent', '-a', GetoptLong::REQUIRED_ARGUMENT],
+      ['--user-agent', '-a', GetoptLong::REQUIRED_ARGUMENT],
+      ['--random-agent', '-r', GetoptLong::NO_ARGUMENT],
      ['--help', '-h', GetoptLong::NO_ARGUMENT],
      ['--verbose', '-v', GetoptLong::NO_ARGUMENT],
      ['--proxy', GetoptLong::REQUIRED_ARGUMENT],
@@ -237,7 +243,6 @@ class WpscanOptions
      ['--follow-redirection', GetoptLong::NO_ARGUMENT],
      ['--wp-content-dir', GetoptLong::REQUIRED_ARGUMENT],
      ['--wp-plugins-dir', GetoptLong::REQUIRED_ARGUMENT],
-      ['--config-file', '-c', GetoptLong::REQUIRED_ARGUMENT],
      ['--exclude-content-based', GetoptLong::REQUIRED_ARGUMENT],
      ['--basic-auth', GetoptLong::REQUIRED_ARGUMENT],
      ['--debug-output', GetoptLong::NO_ARGUMENT],