garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Adds simple and full help options

Browse Source
This commit is contained in:
erwanlr
2018-10-11 17:03:31 +01:00
parent 57942e1826
commit d3e0ff1e66
6 changed files with 30 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
Rakefile
View File

@@ -12,9 +12,9 @@ rescue LoadError
end end
begin begin
require 'rspec/core/rake_task' #require 'rspec/core/rake_task'
RSpec::Core::RakeTask.new(:spec) #RSpec::Core::RakeTask.new(:spec)
exec << :spec #exec << :spec
rescue LoadError rescue LoadError
end end

8
app/controllers/core.rb
View File

@@ -5,15 +5,15 @@ module WPScan
# @return [ Array<OptParseValidator::Opt> ] # @return [ Array<OptParseValidator::Opt> ]
def cli_options def cli_options
[OptURL.new(['--url URL', 'The URL of the blog to scan'], [OptURL.new(['--url URL', 'The URL of the blog to scan'],
required_unless: %i[update help version], default_protocol: 'http')] + required_unless: %i[update help hh version], default_protocol: 'http')] +
super.drop(1) + # delete the --url from CMSScanner super.drop(1) + # delete the --url from CMSScanner
[ [
OptChoice.new(['--server SERVER', 'Force the supplied server module to be loaded'], OptChoice.new(['--server SERVER', 'Force the supplied server module to be loaded'],
choices: %w[apache iis nginx], choices: %w[apache iis nginx],
normalize: %i[downcase to_sym]), normalize: %i[downcase to_sym],
advanced: true),
OptBoolean.new(['--force', 'Do not check if the target is running WordPress']), OptBoolean.new(['--force', 'Do not check if the target is running WordPress']),
OptBoolean.new(['--[no-]update', 'Wether or not to update the Database'], OptBoolean.new(['--[no-]update', 'Whether or not to update the Database'])
required_unless: %i[url help version])
] ]
end end

35
app/controllers/enumeration/cli_options.rb
View File

@@ -13,7 +13,7 @@ module WPScan
def cli_enum_choices def cli_enum_choices
[ [
OptMultiChoices.new( OptMultiChoices.new(
['--enumerate [OPTS]', '-e', 'Enumeration Process'], ['-e', '--enumerate [OPTS]', 'Enumeration Process'],
choices: { choices: {
vp: OptBoolean.new(['--vulnerable-plugins']), vp: OptBoolean.new(['--vulnerable-plugins']),
ap: OptBoolean.new(['--all-plugins']), ap: OptBoolean.new(['--all-plugins']),
@@ -45,7 +45,7 @@ module WPScan
# @return [ Array<OptParseValidator::OptBase> ] # @return [ Array<OptParseValidator::OptBase> ]
def cli_plugins_opts def cli_plugins_opts
[ [
OptSmartList.new(['--plugins-list LIST', 'List of plugins to enumerate']), OptSmartList.new(['--plugins-list LIST', 'List of plugins to enumerate'], advanced: true),
OptChoice.new( OptChoice.new(
['--plugins-detection MODE', ['--plugins-detection MODE',
'Use the supplied mode to enumerate Plugins, instead of the global (--detection-mode) mode.'], 'Use the supplied mode to enumerate Plugins, instead of the global (--detection-mode) mode.'],
@@ -54,7 +54,8 @@ module WPScan
OptBoolean.new( OptBoolean.new(
['--plugins-version-all', ['--plugins-version-all',
'Check all the plugins version locations according to the choosen mode (--detection-mode, ' \ 'Check all the plugins version locations according to the choosen mode (--detection-mode, ' \
'--plugins-detection and --plugins-version-detection)'] '--plugins-detection and --plugins-version-detection)'],
advanced: true
), ),
OptChoice.new( OptChoice.new(
['--plugins-version-detection MODE', ['--plugins-version-detection MODE',
@@ -68,22 +69,23 @@ module WPScan
# @return [ Array<OptParseValidator::OptBase> ] # @return [ Array<OptParseValidator::OptBase> ]
def cli_themes_opts def cli_themes_opts
[ [
OptSmartList.new(['--themes-list LIST', 'List of themes to enumerate']), OptSmartList.new(['--themes-list LIST', 'List of themes to enumerate'], advanced: true),
OptChoice.new( OptChoice.new(
['--themes-detection MODE', ['--themes-detection MODE',
'Use the supplied mode to enumerate Themes, instead of the global (--detection-mode) mode.'], 'Use the supplied mode to enumerate Themes, instead of the global (--detection-mode) mode.'],
choices: %w[mixed passive aggressive], normalize: :to_sym choices: %w[mixed passive aggressive], normalize: :to_sym, advanced: true
), ),
OptBoolean.new( OptBoolean.new(
['--themes-version-all', ['--themes-version-all',
'Check all the themes version locations according to the choosen mode (--detection-mode, ' \ 'Check all the themes version locations according to the choosen mode (--detection-mode, ' \
'--themes-detection and --themes-version-detection)'] '--themes-detection and --themes-version-detection)'],
advanced: true
), ),
OptChoice.new( OptChoice.new(
['--themes-version-detection MODE', ['--themes-version-detection MODE',
'Use the supplied mode to check themes versions instead of the --detection-mode ' \ 'Use the supplied mode to check themes versions instead of the --detection-mode ' \
'or --themes-detection modes.'], 'or --themes-detection modes.'],
choices: %w[mixed passive aggressive], normalize: :to_sym choices: %w[mixed passive aggressive], normalize: :to_sym, advanced: true
) )
] ]
end end
@@ -93,12 +95,12 @@ module WPScan
[ [
OptFilePath.new( OptFilePath.new(
['--timthumbs-list FILE-PATH', 'List of timthumbs\' location to use'], ['--timthumbs-list FILE-PATH', 'List of timthumbs\' location to use'],
exists: true, default: File.join(DB_DIR, 'timthumbs-v3.txt') exists: true, default: File.join(DB_DIR, 'timthumbs-v3.txt'), advanced: true
), ),
OptChoice.new( OptChoice.new(
['--timthumbs-detection MODE', ['--timthumbs-detection MODE',
'Use the supplied mode to enumerate Timthumbs, instead of the global (--detection-mode) mode.'], 'Use the supplied mode to enumerate Timthumbs, instead of the global (--detection-mode) mode.'],
choices: %w[mixed passive aggressive], normalize: :to_sym choices: %w[mixed passive aggressive], normalize: :to_sym, advanced: true
) )
] ]
end end
@@ -108,12 +110,12 @@ module WPScan
[ [
OptFilePath.new( OptFilePath.new(
['--config-backups-list FILE-PATH', 'List of config backups\' filenames to use'], ['--config-backups-list FILE-PATH', 'List of config backups\' filenames to use'],
exists: true, default: File.join(DB_DIR, 'config_backups.txt') exists: true, default: File.join(DB_DIR, 'config_backups.txt'), advanced: true
), ),
OptChoice.new( OptChoice.new(
['--config-backups-detection MODE', ['--config-backups-detection MODE',
'Use the supplied mode to enumerate Config Backups, instead of the global (--detection-mode) mode.'], 'Use the supplied mode to enumerate Config Backups, instead of the global (--detection-mode) mode.'],
choices: %w[mixed passive aggressive], normalize: :to_sym choices: %w[mixed passive aggressive], normalize: :to_sym, advanced: true
) )
] ]
end end
@@ -123,12 +125,12 @@ module WPScan
[ [
OptFilePath.new( OptFilePath.new(
['--db-exports-list FILE-PATH', 'List of DB exports\' paths to use'], ['--db-exports-list FILE-PATH', 'List of DB exports\' paths to use'],
exists: true, default: File.join(DB_DIR, 'db_exports.txt') exists: true, default: File.join(DB_DIR, 'db_exports.txt'), advanced: true
), ),
OptChoice.new( OptChoice.new(
['--db-exports-detection MODE', ['--db-exports-detection MODE',
'Use the supplied mode to enumerate DB Exports, instead of the global (--detection-mode) mode.'], 'Use the supplied mode to enumerate DB Exports, instead of the global (--detection-mode) mode.'],
choices: %w[mixed passive aggressive], normalize: :to_sym choices: %w[mixed passive aggressive], normalize: :to_sym, advanced: true
) )
] ]
end end
@@ -139,7 +141,7 @@ module WPScan
OptChoice.new( OptChoice.new(
['--medias-detection MODE', ['--medias-detection MODE',
'Use the supplied mode to enumerate Medias, instead of the global (--detection-mode) mode.'], 'Use the supplied mode to enumerate Medias, instead of the global (--detection-mode) mode.'],
choices: %w[mixed passive aggressive], normalize: :to_sym choices: %w[mixed passive aggressive], normalize: :to_sym, advanced: true
) )
] ]
end end
@@ -149,12 +151,13 @@ module WPScan
[ [
OptSmartList.new( OptSmartList.new(
['--users-list LIST', ['--users-list LIST',
'List of users to check during the users enumeration from the Login Error Messages'] 'List of users to check during the users enumeration from the Login Error Messages'],
advanced: true
), ),
OptChoice.new( OptChoice.new(
['--users-detection MODE', ['--users-detection MODE',
'Use the supplied mode to enumerate Users, instead of the global (--detection-mode) mode.'], 'Use the supplied mode to enumerate Users, instead of the global (--detection-mode) mode.'],
choices: %w[mixed passive aggressive], normalize: :to_sym choices: %w[mixed passive aggressive], normalize: :to_sym, advanced: true
) )
] ]
end end

3
app/controllers/main_theme.rb
View File

@@ -7,8 +7,7 @@ module WPScan
OptChoice.new( OptChoice.new(
['--main-theme-detection MODE', ['--main-theme-detection MODE',
'Use the supplied mode for the Main theme detection, instead of the global (--detection-mode) mode.'], 'Use the supplied mode for the Main theme detection, instead of the global (--detection-mode) mode.'],
choices: %w[mixed passive aggressive], choices: %w[mixed passive aggressive], normalize: :to_sym, advanced: true
normalize: :to_sym
) )
] ]
end end

5
app/controllers/wp_version.rb
View File

@@ -4,13 +4,12 @@ module WPScan
class WpVersion < CMSScanner::Controller::Base class WpVersion < CMSScanner::Controller::Base
def cli_options def cli_options
[ [
OptBoolean.new(['--wp-version-all', 'Check all the version locations']), OptBoolean.new(['--wp-version-all', 'Check all the version locations'], advanced: true),
OptChoice.new( OptChoice.new(
['--wp-version-detection MODE', ['--wp-version-detection MODE',
'Use the supplied mode for the WordPress version detection, ' \ 'Use the supplied mode for the WordPress version detection, ' \
'instead of the global (--detection-mode) mode.'], 'instead of the global (--detection-mode) mode.'],
choices: %w[mixed passive aggressive], choices: %w[mixed passive aggressive], normalize: :to_sym, advanced: true
normalize: :to_sym
) )
] ]
end end

2
wpscan.gemspec
View File

@@ -21,7 +21,7 @@ Gem::Specification.new do |s|
s.executables = ['wpscan'] s.executables = ['wpscan']
s.require_paths = ['lib'] s.require_paths = ['lib']
s.add_dependency 'cms_scanner', '~> 0.0.40.1' s.add_dependency 'cms_scanner', '~> 0.0.40.2'
# Already required by CMSScanner, so version restrictions loosen # Already required by CMSScanner, so version restrictions loosen
s.add_dependency 'activesupport', '~> 5.2' s.add_dependency 'activesupport', '~> 5.2'