# File lib/browser.rb, line 59 +# File lib/browser.rb, line 61 def self.instance(options = {}) unless @@instance @@instance = new(options) @@ -322,7 +322,7 @@-# File lib/browser.rb, line 66 +# File lib/browser.rb, line 68 def self.reset @@instance = nil end@@ -358,11 +358,11 @@-@@ -391,10 +391,10 @@# File lib/browser.rb, line 166 +# File lib/browser.rb, line 168 def forge_request(url, params = {}) Typhoeus::Request.new( - url.to_s, - merge_request_params(params) + url.to_s, + merge_request_params(params) ) end-@@ -426,7 +426,7 @@ browser object, hydra will not have the new @max_threads and# File lib/browser.rb, line 154 +# File lib/browser.rb, line 156 def get(url, params = {}) run_request( - forge_request(url, params.merge(:method => :get)) + forge_request(url, params.merge(:method => :get)) ) end-# File lib/browser.rb, line 126 +# File lib/browser.rb, line 128 def load_config(config_file = nil) @config_file = config_file || @config_file @@ -464,7 +464,7 @@ browser object, hydra will not have the new @max_threads and-# File lib/browser.rb, line 95 +# File lib/browser.rb, line 97 def max_threads=(max_threads) if max_threads.nil? or max_threads <= 0 max_threads = 1 @@ -497,7 +497,7 @@ browser object, hydra will not have the new @max_threads and-# File lib/browser.rb, line 173 +# File lib/browser.rb, line 175 def merge_request_params(params = {}) if @proxy params = params.merge(:proxy => @proxy) @@ -507,6 +507,14 @@ browser object, hydra will not have the new @max_threads and end end + if @basic_auth + if !params.has_key?(:headers) + params = params.merge(:headers => {'Authorization' => @basic_auth}) + elsif !params[:headers].has_key?('Authorization') + params[:headers]['Authorization'] = @basic_auth + end + end + unless params.has_key?(:disable_ssl_host_verification) params = params.merge(:disable_ssl_host_verification => true) end @@ -554,10 +562,10 @@ browser object, hydra will not have the new @max_threads and-@@ -586,7 +594,7 @@ browser object, hydra will not have the new @max_threads and# File lib/browser.rb, line 160 +# File lib/browser.rb, line 162 def post(url, params = {}) run_request( - forge_request(url, params.merge(:method => :post)) + forge_request(url, params.merge(:method => :post)) ) end-# File lib/browser.rb, line 102 +# File lib/browser.rb, line 104 def proxy_auth=(auth) unless auth.nil? if auth.is_a?(Hash) @@ -631,7 +639,7 @@ browser object, hydra will not have the new @max_threads and-# File lib/browser.rb, line 121 +# File lib/browser.rb, line 123 def raise_invalid_proxy_format raise "Invalid proxy auth format, expected username:password or {:proxy_username => username, :proxy_password => password}" end@@ -661,7 +669,7 @@ browser object, hydra will not have the new @max_threads and-# File lib/browser.rb, line 83 +# File lib/browser.rb, line 85 def user_agent case @user_agent_mode when "semi-static" @@ -699,7 +707,7 @@ browser object, hydra will not have the new @max_threads and-# File lib/browser.rb, line 70 +# File lib/browser.rb, line 72 def user_agent_mode=(ua_mode) ua_mode ||= "static" diff --git a/doc/README.html b/doc/README.html index 549369a5..4f935f99 100644 --- a/doc/README.html +++ b/doc/README.html @@ -218,9 +218,6 @@ href="http://www.gnu.org/licenses/">www.gnu.org/licenses/>. Update cURL to version => 7.21 (may have to install from source) See http:/%rcode.google.com/p/wpscan/issues/detail?id=81 -- If you have one the following errors: "-bash: !t: event not found", "-bash: !u: event not found" - It happens with enumeration : just put the 't' or 'u' before the 'p!' : '-e tp!' instead of '-e p!t' - - Proxy not working: Update cURL to version => 7.21.7 (may have to install from source). diff --git a/doc/WebSite.html b/doc/WebSite.html index 0b4d4e8b..cf6c67a5 100644 --- a/doc/WebSite.html +++ b/doc/WebSite.html @@ -64,13 +64,17 @@+
@@ -200,6 +204,66 @@- #has_basic_auth? + +
- #has_xml_rpc? +
- #is_online?
- #is_wordpress?
- #redirection -
- #xmlrpc_url +
- #xml_rpc_url
Public Instance Methods
++ ++ + ++ has_basic_auth?() + click to toggle source ++ + ++ + + + + ++ + + + +++ +# File lib/wpscan/modules/web_site.rb, line 69 +def has_basic_auth? + Browser.instance.get(@uri.to_s).code == 401 +end++ ++ ++ has_xml_rpc?() + click to toggle source ++ + ++ + + + + ++ + + + +++ +# File lib/wpscan/modules/web_site.rb, line 60 +def has_xml_rpc? + !xml_rpc_url.nil? +end+@@ -216,7 +280,7 @@-diff --git a/doc/WpTarget.html b/doc/WpTarget.html index 5380e072..a72809ff 100644 --- a/doc/WpTarget.html +++ b/doc/WpTarget.html @@ -371,7 +371,7 @@# File lib/wpscan/modules/web_site.rb, line 52 +# File lib/wpscan/modules/web_site.rb, line 65 def is_online? Browser.instance.get(@uri.to_s).code != 0 end@@ -251,15 +315,15 @@ wordpress = false response = Browser.instance.get( - login_url(), - {:follow_location => true, :max_redirects => 2} + login_url(), + {:follow_location => true, :max_redirects => 2} ) if response.body =~ %r{WordPress} wordpress = true else response = Browser.instance.get( - xmlrpc_url(), + xml_rpc_url, {:follow_location => true, :max_redirects => 2} ) @@ -297,7 +361,7 @@ redirection or nil--# File lib/wpscan/modules/web_site.rb, line 58 +# File lib/wpscan/modules/web_site.rb, line 75 def redirection(url = nil) redirection = nil url ||= @uri.to_s @@ -319,10 +383,10 @@ redirection or nil++-- xmlrpc_urlxml_rpc_url() click to toggle source@@ -334,19 +398,28 @@ redirection or nil -++# File lib/wpscan/modules/web_site.rb, line 47 -def xmlrpc_url - @uri.merge("xmlrpc.php").to_s +def xml_rpc_url + unless @xmlrpc_url + headers = Browser.instance.get(@uri.to_s).headers_hash + value = headers["x-pingback"] + if value.nil? or value.empty? + @xmlrpc_url = nil + else + @xmlrpc_url = value + end + end + @xmlrpc_url end-diff --git a/doc/WpVersion.html b/doc/WpVersion.html index b88ea410..c851d514 100644 --- a/doc/WpVersion.html +++ b/doc/WpVersion.html @@ -357,25 +357,14 @@ etc)# File lib/wpscan/wp_target.rb, line 77 def self.valid_response_codes - [200, 403, 301, 302, 500] + [200, 301, 302, 401, 403, 500] endUses data/wp_versions.xml to try to identify a wordpress version.
-It does this by using client side file hashing with a scoring system.
+It does this by using client side file hashing
-The scoring system is a number representing the uniqueness of a client side -file across all versions of wordpress.
- -Example:
- -Score - Hash - File - Versions
- -1 - 3e63c08553696a1dedb24b22ef6783c3 - /wp-content/themes/twentyeleven/style.css - 3.2.1 - 2 - 15fc925fd39bb496871e842b2a754c76 - /wp-includes/js/wp-lists.js - 2.6,2.5.1 - 3 - 3f03bce84d1d2a169b4bf4d8a0126e38 - /wp-includes/js/autosave.js - 2.9.2,2.9.1,2.9 - -/!\ Warning : this method might return false positive if the file used for fingerprinting is part of a theme (they can be updated)+/!\ Warning : this method might return false positive if the file used for fingerprinting is part of a theme (they can be updated)-# File lib/wpscan/wp_version.rb, line 136 +# File lib/wpscan/wp_version.rb, line 124 def self.find_from_advanced_fingerprinting(options) target_uri = options[:base_url] # needed for rpsec tests @@ -394,7 +383,7 @@ file across all versions of wordpress. node.search('hash').each do |hash| if hash.attribute('md5').text == md5sum - return hash.search('versions').text + return hash.search('version').text end end end @@ -460,7 +449,7 @@ source.-@@ -562,7 +551,7 @@ source.# File lib/wpscan/wp_version.rb, line 176 +# File lib/wpscan/wp_version.rb, line 164 def self.find_from_links_opml(options) target_uri = options[:base_url] Browser.instance.get(target_uri.merge("wp-links-opml.php").to_s).body[%r{generator="wordpress/#{WpVersion.version_pattern}"}, 1] @@ -534,7 +523,7 @@ source. target_uri = options[:base_url] response = Browser.instance.get(target_uri.merge("feed/rdf/").to_s, {:follow_location => true, :max_redirects => 2}) - response.body[%r{<admin:generatorAgent rdf:resource="http://wordpress.org/\?v=#{WpVersion.version_pattern}" />}, 1] + response.body[%r{<admin:generatorAgent rdf:resource="http://wordpress.org/\?v=#{WpVersion.version_pattern}" />}, 1] end-# File lib/wpscan/wp_version.rb, line 162 +# File lib/wpscan/wp_version.rb, line 150 def self.find_from_readme(options) target_uri = options[:base_url] Browser.instance.get(target_uri.merge("readme.html").to_s).body[%r{<br />\sversion #{WpVersion.version_pattern}}, 1] @@ -630,7 +619,7 @@ href="http://code.google.com/p/wpscan/issues/detail?id=109">code.google.com/p/wp-# File lib/wpscan/wp_version.rb, line 170 +# File lib/wpscan/wp_version.rb, line 158 def self.find_from_sitemap_generator(options) target_uri = options[:base_url] Browser.instance.get(target_uri.merge("sitemap.xml").to_s).body[%r{generator="wordpress/#{WpVersion.version_pattern}"}, 1] @@ -661,7 +650,7 @@ href="http://code.google.com/p/wpscan/issues/detail?id=109">code.google.com/p/wp-# File lib/wpscan/wp_version.rb, line 182 +# File lib/wpscan/wp_version.rb, line 170 def self.version_pattern '([^\r\n]+[\.][^\r\n]+)' enddiff --git a/doc/WpscanOptions.html b/doc/WpscanOptions.html index 1a1c37dc..ed6e2529 100644 --- a/doc/WpscanOptions.html +++ b/doc/WpscanOptions.html @@ -82,6 +82,8 @@::option_to_instance_variable_setter + #basic_auth= + #enumerate_all_plugins= #enumerate_all_themes= @@ -270,7 +272,7 @@ href="WpscanOptions.html">WpscanOptions -# File lib/wpscan/wpscan_options.rb, line 159 +# File lib/wpscan/wpscan_options.rb, line 165 def self.load_from_arguments wpscan_options = WpscanOptions.new @@ -308,7 +310,7 @@ href="WpscanOptions.html">WpscanOptions-# File lib/wpscan/wpscan_options.rb, line 51 +# File lib/wpscan/wpscan_options.rb, line 52 def initialize ACCESSOR_OPTIONS.each do |option| instance_variable_set("@#{option}", nil) @@ -349,7 +351,7 @@ any remaining ‘-’ by ‘_’-# File lib/wpscan/wpscan_options.rb, line 256 +# File lib/wpscan/wpscan_options.rb, line 263 def self.clean_option(option) cleaned_option = option.gsub(%r^--?/, '') cleaned_option.gsub(%r-/, '_') @@ -381,25 +383,26 @@ any remaining ‘-’ by ‘_’-@@ -428,7 +431,7 @@ any remaining ‘-’ by ‘_’# File lib/wpscan/wpscan_options.rb, line 226 +# File lib/wpscan/wpscan_options.rb, line 232 def self.get_opt_long GetoptLong.new( - ["--url", "-u", GetoptLong::REQUIRED_ARGUMENT], - ["--enumerate", "-e", GetoptLong::OPTIONAL_ARGUMENT], - ["--username", "-U", GetoptLong::REQUIRED_ARGUMENT], - ["--wordlist", "-w", GetoptLong::REQUIRED_ARGUMENT], - ["--threads", "-t", GetoptLong::REQUIRED_ARGUMENT], - ["--force", "-f", GetoptLong::NO_ARGUMENT], - ["--help", "-h", GetoptLong::NO_ARGUMENT], - ["--verbose", "-v", GetoptLong::NO_ARGUMENT], - ["--proxy", GetoptLong::REQUIRED_ARGUMENT], - ["--proxy-auth", GetoptLong::REQUIRED_ARGUMENT], - ["--update", GetoptLong::NO_ARGUMENT], - ["--follow-redirection", GetoptLong::NO_ARGUMENT], - ["--wp-content-dir", GetoptLong::REQUIRED_ARGUMENT], - ["--wp-plugins-dir", GetoptLong::REQUIRED_ARGUMENT], - ["--config-file", "-c", GetoptLong::REQUIRED_ARGUMENT], - ["--exclude-content-based", GetoptLong::REQUIRED_ARGUMENT] + ["--url", "-u", GetoptLong::REQUIRED_ARGUMENT], + ["--enumerate", "-e", GetoptLong::OPTIONAL_ARGUMENT], + ["--username", "-U", GetoptLong::REQUIRED_ARGUMENT], + ["--wordlist", "-w", GetoptLong::REQUIRED_ARGUMENT], + ["--threads", "-t", GetoptLong::REQUIRED_ARGUMENT], + ["--force", "-f", GetoptLong::NO_ARGUMENT], + ["--help", "-h", GetoptLong::NO_ARGUMENT], + ["--verbose", "-v", GetoptLong::NO_ARGUMENT], + ["--proxy", GetoptLong::REQUIRED_ARGUMENT], + ["--proxy-auth", GetoptLong::REQUIRED_ARGUMENT], + ["--update", GetoptLong::NO_ARGUMENT], + ["--follow-redirection", GetoptLong::NO_ARGUMENT], + ["--wp-content-dir", GetoptLong::REQUIRED_ARGUMENT], + ["--wp-plugins-dir", GetoptLong::REQUIRED_ARGUMENT], + ["--config-file", "-c", GetoptLong::REQUIRED_ARGUMENT], + ["--exclude-content-based", GetoptLong::REQUIRED_ARGUMENT], + ["--basic-auth", GetoptLong::REQUIRED_ARGUMENT] ) end-# File lib/wpscan/wpscan_options.rb, line 247 +# File lib/wpscan/wpscan_options.rb, line 254 def self.is_long_option?(option) ACCESSOR_OPTIONS.include?(:"#{WpscanOptions.clean_option(option)}") end@@ -458,7 +461,7 @@ any remaining ‘-’ by ‘_’-# File lib/wpscan/wpscan_options.rb, line 261 +# File lib/wpscan/wpscan_options.rb, line 268 def self.option_to_instance_variable_setter(option) cleaned_option = WpscanOptions.clean_option(option) option_syms = ACCESSOR_OPTIONS.grep(%r{^#{cleaned_option}$}) @@ -481,6 +484,37 @@ any remaining ‘-’ by ‘_’Public Instance Methods
++ ++ ++ basic_auth=(basic_auth) + click to toggle source ++ + ++ + + + + ++ + + + +++ +# File lib/wpscan/wpscan_options.rb, line 140 +def basic_auth=(basic_auth) + raise "Invalid basic authentication format, login:password expected" if basic_auth.index(':').nil? + @basic_auth = "Basic #{Base64.encode64(basic_auth).chomp}" +end+@@ -497,7 +531,7 @@ any remaining ‘-’ by ‘_’-# File lib/wpscan/wpscan_options.rb, line 107 +# File lib/wpscan/wpscan_options.rb, line 108 def enumerate_all_plugins=(enumerate_all_plugins) if enumerate_all_plugins === true and (@enumerate_plugins === true or @enumerate_only_vulnerable_plugins === true) raise "Please choose only one plugin enumeration option" @@ -531,7 +565,7 @@ any remaining ‘-’ by ‘_’-# File lib/wpscan/wpscan_options.rb, line 131 +# File lib/wpscan/wpscan_options.rb, line 132 def enumerate_all_themes=(enumerate_all_themes) if enumerate_all_themes === true and (@enumerate_themes === true or @enumerate_only_vulnerable_themes === true) raise "Please choose only one theme enumeration option" @@ -565,7 +599,7 @@ any remaining ‘-’ by ‘_’-# File lib/wpscan/wpscan_options.rb, line 99 +# File lib/wpscan/wpscan_options.rb, line 100 def enumerate_only_vulnerable_plugins=(enumerate_only_vulnerable_plugins) if enumerate_only_vulnerable_plugins === true and (@enumerate_all_plugins === true or @enumerate_plugins === true) raise "Please choose only one plugin enumeration option" @@ -599,7 +633,7 @@ any remaining ‘-’ by ‘_’-# File lib/wpscan/wpscan_options.rb, line 123 +# File lib/wpscan/wpscan_options.rb, line 124 def enumerate_only_vulnerable_themes=(enumerate_only_vulnerable_themes) if enumerate_only_vulnerable_themes === true and (@enumerate_all_themes === true or @enumerate_themes === true) raise "Please choose only one theme enumeration option" @@ -637,7 +671,7 @@ href="http://1-10">u will enumerate usernames from 1 to 10-# File lib/wpscan/wpscan_options.rb, line 194 +# File lib/wpscan/wpscan_options.rb, line 200 def enumerate_options_from_string(value) # Usage of self is mandatory because there are overridden setters @@ -693,7 +727,7 @@ href="http://1-10">u will enumerate usernames from 1 to 10-# File lib/wpscan/wpscan_options.rb, line 91 +# File lib/wpscan/wpscan_options.rb, line 92 def enumerate_plugins=(enumerate_plugins) if enumerate_plugins === true and (@enumerate_all_plugins === true or @enumerate_only_vulnerable_plugins === true) raise "Please choose only one plugin enumeration option" @@ -727,7 +761,7 @@ href="http://1-10">u will enumerate usernames from 1 to 10-# File lib/wpscan/wpscan_options.rb, line 115 +# File lib/wpscan/wpscan_options.rb, line 116 def enumerate_themes=(enumerate_themes) if enumerate_themes === true and (@enumerate_all_themes === true or @enumerate_only_vulnerable_themes === true) raise "Please choose only one theme enumeration option" @@ -761,7 +795,7 @@ href="http://1-10">u will enumerate usernames from 1 to 10-# File lib/wpscan/wpscan_options.rb, line 139 +# File lib/wpscan/wpscan_options.rb, line 145 def has_options? !to_h.empty? end@@ -791,7 +825,7 @@ href="http://1-10">u will enumerate usernames from 1 to 10-# File lib/wpscan/wpscan_options.rb, line 75 +# File lib/wpscan/wpscan_options.rb, line 76 def proxy=(proxy) if proxy.index(':') == nil raise "Invalid proxy format. Should be host:port." @@ -825,7 +859,7 @@ href="http://1-10">u will enumerate usernames from 1 to 10-# File lib/wpscan/wpscan_options.rb, line 83 +# File lib/wpscan/wpscan_options.rb, line 84 def proxy_auth=(auth) if auth.index(':') == nil raise "Invalid proxy auth format, username:password expected" @@ -860,7 +894,7 @@ value-# File lib/wpscan/wpscan_options.rb, line 173 +# File lib/wpscan/wpscan_options.rb, line 179 def set_option_from_cli(cli_option, cli_value) if WpscanOptions.is_long_option?(cli_option) @@ -903,7 +937,7 @@ value-# File lib/wpscan/wpscan_options.rb, line 63 +# File lib/wpscan/wpscan_options.rb, line 64 def threads=(threads) @threads = threads.is_a?(Integer) ? threads : threads.to_i end@@ -933,7 +967,7 @@ value-# File lib/wpscan/wpscan_options.rb, line 144 +# File lib/wpscan/wpscan_options.rb, line 150 def to_h options = {} @@ -972,7 +1006,7 @@ value-# File lib/wpscan/wpscan_options.rb, line 57 +# File lib/wpscan/wpscan_options.rb, line 58 def url=(url) raise "Empty URL given" if !url @@ -1004,7 +1038,7 @@ value-# File lib/wpscan/wpscan_options.rb, line 67 +# File lib/wpscan/wpscan_options.rb, line 68 def wordlist=(wordlist) if File.exists?(wordlist) @wordlist = wordlist diff --git a/doc/created.rid b/doc/created.rid index 78921cf9..39fb5ca5 100644 --- a/doc/created.rid +++ b/doc/created.rid @@ -1,7 +1,7 @@ -Fri, 07 Dec 2012 20:17:41 +0100 +Thu, 13 Dec 2012 16:46:56 +0100 ./CREDITS Tue, 25 Sep 2012 20:37:12 +0200 ./Gemfile Thu, 06 Dec 2012 19:53:03 +0100 -./lib/browser.rb Fri, 23 Nov 2012 18:46:41 +0100 +./lib/browser.rb Thu, 13 Dec 2012 11:04:19 +0100 ./lib/cache_file_store.rb Tue, 25 Sep 2012 20:37:12 +0200 ./lib/common_helper.rb Sat, 10 Nov 2012 09:50:17 +0100 ./lib/environment.rb Fri, 23 Nov 2012 18:46:41 +0100 @@ -12,7 +12,7 @@ Fri, 07 Dec 2012 20:17:41 +0100 ./lib/wpscan/exploit.rb Tue, 25 Sep 2012 20:37:12 +0200 ./lib/wpscan/modules/brute_force.rb Thu, 06 Dec 2012 19:53:03 +0100 ./lib/wpscan/modules/malwares.rb Sat, 10 Nov 2012 09:50:17 +0100 -./lib/wpscan/modules/web_site.rb Tue, 25 Sep 2012 20:37:12 +0200 +./lib/wpscan/modules/web_site.rb Thu, 13 Dec 2012 16:41:55 +0100 ./lib/wpscan/modules/wp_config_backup.rb Tue, 16 Oct 2012 22:00:10 +0200 ./lib/wpscan/modules/wp_full_path_disclosure.rb Tue, 25 Sep 2012 20:37:12 +0200 ./lib/wpscan/modules/wp_login_protection.rb Tue, 25 Sep 2012 20:37:12 +0200 @@ -28,16 +28,16 @@ Fri, 07 Dec 2012 20:17:41 +0100 ./lib/wpscan/wp_item.rb Sat, 10 Nov 2012 09:50:17 +0100 ./lib/wpscan/wp_options.rb Tue, 25 Sep 2012 20:37:12 +0200 ./lib/wpscan/wp_plugin.rb Tue, 25 Sep 2012 20:37:12 +0200 -./lib/wpscan/wp_target.rb Thu, 06 Dec 2012 21:07:19 +0100 +./lib/wpscan/wp_target.rb Thu, 13 Dec 2012 16:20:41 +0100 ./lib/wpscan/wp_theme.rb Tue, 25 Sep 2012 20:37:12 +0200 ./lib/wpscan/wp_user.rb Thu, 06 Dec 2012 21:07:19 +0100 -./lib/wpscan/wp_version.rb Sat, 10 Nov 2012 09:50:17 +0100 +./lib/wpscan/wp_version.rb Thu, 13 Dec 2012 11:04:19 +0100 ./lib/wpscan/wp_vulnerability.rb Tue, 25 Sep 2012 20:37:12 +0200 ./lib/wpscan/wpscan_helper.rb Thu, 06 Dec 2012 19:53:03 +0100 -./lib/wpscan/wpscan_options.rb Thu, 06 Dec 2012 19:53:03 +0100 +./lib/wpscan/wpscan_options.rb Thu, 13 Dec 2012 11:04:19 +0100 ./lib/wpstools/generate_list.rb Wed, 28 Nov 2012 20:07:48 +0100 ./lib/wpstools/parse_svn.rb Sat, 10 Nov 2012 09:50:17 +0100 ./lib/wpstools/wpstools_helper.rb Fri, 07 Dec 2012 20:17:22 +0100 -./README Thu, 06 Dec 2012 19:53:03 +0100 -./wpscan.rb Thu, 06 Dec 2012 19:53:03 +0100 +./README Thu, 13 Dec 2012 11:04:19 +0100 +./wpscan.rb Thu, 13 Dec 2012 16:23:41 +0100 ./wpstools.rb Fri, 07 Dec 2012 20:17:22 +0100 diff --git a/doc/js/search_index.js b/doc/js/search_index.js index f614fb47..1c3662d4 100644 --- a/doc/js/search_index.js +++ b/doc/js/search_index.js @@ -1 +1 @@ -var search_data = {"index":{"searchIndex":["array","browser","bruteforce","cachefilestore","exploit","generate_list","gitupdater","malwares","object","rpcclient","svnupdater","svn_parser","uri","updater","updaterfactory","vulnerable","website","wpconfigbackup","wpdetector","wpenumerator","wpfullpathdisclosure","wpitem","wploginprotection","wpoptions","wpplugin","wpplugins","wpreadme","wptarget","wptheme","wpthemes","wptimthumbs","wpuser","wpusernames","wpversion","wpvulnerability","wpscanoptions","<=>()","<=>()","==()","===()","===()","===()","_grep_()","add_http_protocol()","add_trailing_slash()","aggressive_detection()","authenticate()","author_url()","available_updaters_classes()","banner()","better_wp_security_url()","bluetrait_event_viewer_url()","brute_force()","changelog_url()","check_options()","choose_session()","clean()","clean_option()","colorize()","config_backup()","config_backup_files()","debug_log_url()","directory_listing?()","enumerate()","enumerate_all_plugins=()","enumerate_all_themes=()","enumerate_only_vulnerable_plugins=()","enumerate_only_vulnerable_themes=()","enumerate_options_from_string()","enumerate_plugins=()","enumerate_themes=()","eql?()","error_404_hash()","error_log?()","error_log_url()","escape()","exploit()","exploit()","exploit_info()","extract_name_from_url()","extract_nickname_from_body()","find()","find()","find_from_advanced_fingerprinting()","find_from_atom_generator()","find_from_css_link()","find_from_links_opml()","find_from_meta_generator()","find_from_rdf_generator()","find_from_readme()","find_from_rss_generator()","find_from_sitemap_generator()","find_from_wooframework()","forge_request()","full_path_disclosure_url()","generate_full_list()","generate_items()","generate_popular_list()","get()","get_entry_file_path()","get_equal_string_end()","get_exploit_info()","get_full_url()","get_nickname_from_response()","get_nickname_from_url()","get_opt_long()","get_options()","get_payloads()","get_popular_items()","get_sub_folder()","get_updater()","get_url_without_filename()","green()","grep()","has_better_wp_security_protection?()","has_bluetrait_event_viewer_protection?()","has_changelog?()","has_debug_log?()","has_full_path_disclosure?()","has_limit_login_attempts_protection?()","has_login_lock_protection?()","has_login_lockdown_protection?()","has_login_protection?()","has_login_security_solution_protection?()","has_malwares?()","has_options?()","has_readme?()","has_readme?()","has_simple_login_lockdown_protection?()","has_timthumbs?()","help()","id()","id=()","instance()","is_installed?()","is_installed?()","is_installed?()","is_long_option?()","is_multisite?()","is_online?()","is_wordpress?()","job_id()","jobs()","kill_session()","kill_session()","last_session_id()","limit_login_attempts_url()","lines_in_file()","load_config()","load_from_arguments()","local_revision_number()","local_revision_number()","local_revision_number()","login()","login_protection_plugin()","login_security_solution_url()","login_url()","malware_pattern()","malwares()","malwares_file()","max_threads=()","merge_request_params()","meterpreter_read()","meterpreter_read()","meterpreter_write()","meterpreter_write()","name()","name=()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","nickname()","nickname=()","option_to_instance_variable_setter()","parse()","passive_detection()","plugins_from_aggressive_detection()","plugins_from_passive_detection()","post()","proxy=()","proxy_auth=()","proxy_auth=()","raise_invalid_proxy_format()","raise_must_be_implemented()","read_entry()","read_shell()","read_shell()","readme_url()","readme_url()","red()","redirection()","registration_enabled?()","registration_url()","remove_junk_from_nickname()","repo_directory_arguments()","require_files_from_directory()","reset()","save()","search_replace_db_2_exists?()","search_replace_db_2_url()","session_count()","sessions()","sessions()","set_file_name()","set_option_from_cli()","simple_login_lockdown_url()","start()","targets_url_from_theme()","theme()","themes_from_aggressive_detection()","themes_from_passive_detection()","threads=()","timthumbs()","to_h()","to_s()","update()","update()","update()","url()","url=()","usage()","user_agent()","user_agent_mode=()","usernames()","valid_response_codes()","version()","version()","version_pattern()","vulnerabilities()","wordlist=()","wp_content_dir()","wp_plugins_dir()","wp_plugins_dir_exists?()","write_entry()","write_shell()","write_shell()","xmlrpc_url()","credits","gemfile","readme"],"longSearchIndex":["array","browser","bruteforce","cachefilestore","exploit","generate_list","gitupdater","malwares","object","rpcclient","svnupdater","svn_parser","uri","updater","updaterfactory","vulnerable","website","wpconfigbackup","wpdetector","wpenumerator","wpfullpathdisclosure","wpitem","wploginprotection","wpoptions","wpplugin","wpplugins","wpreadme","wptarget","wptheme","wpthemes","wptimthumbs","wpuser","wpusernames","wpversion","wpvulnerability","wpscanoptions","wpitem#<=>()","wpuser#<=>()","wpitem#==()","wpitem#===()","wptheme#===()","wpuser#===()","array#_grep_()","object#add_http_protocol()","object#add_trailing_slash()","wpdetector::aggressive_detection()","rpcclient#authenticate()","wpusernames#author_url()","updaterfactory::available_updaters_classes()","object#banner()","wploginprotection#better_wp_security_url()","wploginprotection#bluetrait_event_viewer_url()","bruteforce#brute_force()","wpitem#changelog_url()","wpoptions::check_options()","exploit#choose_session()","cachefilestore#clean()","wpscanoptions::clean_option()","object#colorize()","wpconfigbackup#config_backup()","wpconfigbackup::config_backup_files()","wptarget#debug_log_url()","wpitem#directory_listing?()","wpenumerator::enumerate()","wpscanoptions#enumerate_all_plugins=()","wpscanoptions#enumerate_all_themes=()","wpscanoptions#enumerate_only_vulnerable_plugins=()","wpscanoptions#enumerate_only_vulnerable_themes=()","wpscanoptions#enumerate_options_from_string()","wpscanoptions#enumerate_plugins=()","wpscanoptions#enumerate_themes=()","wpuser#eql?()","wptarget#error_404_hash()","wpplugin#error_log?()","wpplugin#error_log_url()","uri::escape()","exploit#exploit()","rpcclient#exploit()","exploit#exploit_info()","wpitem#extract_name_from_url()","wpusernames#extract_nickname_from_body()","wptheme::find()","wpversion::find()","wpversion::find_from_advanced_fingerprinting()","wpversion::find_from_atom_generator()","wptheme::find_from_css_link()","wpversion::find_from_links_opml()","wpversion::find_from_meta_generator()","wpversion::find_from_rdf_generator()","wpversion::find_from_readme()","wpversion::find_from_rss_generator()","wpversion::find_from_sitemap_generator()","wptheme::find_from_wooframework()","browser#forge_request()","wpfullpathdisclosure#full_path_disclosure_url()","generate_list#generate_full_list()","wpenumerator::generate_items()","generate_list#generate_popular_list()","browser#get()","cachefilestore#get_entry_file_path()","object#get_equal_string_end()","rpcclient#get_exploit_info()","wpitem#get_full_url()","wpusernames#get_nickname_from_response()","wpusernames#get_nickname_from_url()","wpscanoptions::get_opt_long()","rpcclient#get_options()","rpcclient#get_payloads()","generate_list#get_popular_items()","wpitem#get_sub_folder()","updaterfactory::get_updater()","wpitem#get_url_without_filename()","object#green()","array#grep()","wploginprotection#has_better_wp_security_protection?()","wploginprotection#has_bluetrait_event_viewer_protection?()","wpitem#has_changelog?()","wptarget#has_debug_log?()","wpfullpathdisclosure#has_full_path_disclosure?()","wploginprotection#has_limit_login_attempts_protection?()","wploginprotection#has_login_lock_protection?()","wploginprotection#has_login_lockdown_protection?()","wploginprotection#has_login_protection?()","wploginprotection#has_login_security_solution_protection?()","malwares#has_malwares?()","wpscanoptions#has_options?()","wpitem#has_readme?()","wpreadme#has_readme?()","wploginprotection#has_simple_login_lockdown_protection?()","wptimthumbs#has_timthumbs?()","object#help()","wpuser#id()","wpuser#id=()","browser::instance()","gitupdater#is_installed?()","svnupdater#is_installed?()","updater#is_installed?()","wpscanoptions::is_long_option?()","wptarget#is_multisite?()","website#is_online?()","website#is_wordpress?()","exploit#job_id()","rpcclient#jobs()","exploit#kill_session()","rpcclient#kill_session()","exploit#last_session_id()","wploginprotection#limit_login_attempts_url()","bruteforce::lines_in_file()","browser#load_config()","wpscanoptions::load_from_arguments()","gitupdater#local_revision_number()","svnupdater#local_revision_number()","updater#local_revision_number()","rpcclient#login()","wploginprotection#login_protection_plugin()","wploginprotection#login_security_solution_url()","wptarget#login_url()","malwares::malware_pattern()","malwares#malwares()","malwares::malwares_file()","browser#max_threads=()","browser#merge_request_params()","exploit#meterpreter_read()","rpcclient#meterpreter_read()","exploit#meterpreter_write()","rpcclient#meterpreter_write()","wpuser#name()","wpuser#name=()","cachefilestore::new()","exploit::new()","generate_list::new()","rpcclient::new()","svn_parser::new()","updater::new()","wpitem::new()","wpplugin::new()","wptarget::new()","wptheme::new()","wpuser::new()","wpversion::new()","wpvulnerability::new()","wpscanoptions::new()","wpuser#nickname()","wpuser#nickname=()","wpscanoptions::option_to_instance_variable_setter()","svn_parser#parse()","wpdetector::passive_detection()","wpplugins#plugins_from_aggressive_detection()","wpplugins#plugins_from_passive_detection()","browser#post()","wpscanoptions#proxy=()","browser#proxy_auth=()","wpscanoptions#proxy_auth=()","browser#raise_invalid_proxy_format()","updater#raise_must_be_implemented()","cachefilestore#read_entry()","exploit#read_shell()","rpcclient#read_shell()","wpitem#readme_url()","wpreadme#readme_url()","object#red()","website#redirection()","wptarget#registration_enabled?()","wptarget#registration_url()","wpusernames#remove_junk_from_nickname()","gitupdater#repo_directory_arguments()","object#require_files_from_directory()","browser::reset()","generate_list#save()","wptarget#search_replace_db_2_exists?()","wptarget#search_replace_db_2_url()","exploit#session_count()","exploit#sessions()","rpcclient#sessions()","generate_list#set_file_name()","wpscanoptions#set_option_from_cli()","wploginprotection#simple_login_lockdown_url()","exploit#start()","wptimthumbs#targets_url_from_theme()","wptarget#theme()","wpthemes#themes_from_aggressive_detection()","wpthemes#themes_from_passive_detection()","wpscanoptions#threads=()","wptimthumbs#timthumbs()","wpscanoptions#to_h()","wpitem#to_s()","gitupdater#update()","svnupdater#update()","updater#update()","wptarget#url()","wpscanoptions#url=()","object#usage()","browser#user_agent()","browser#user_agent_mode=()","wpusernames#usernames()","wptarget::valid_response_codes()","wpitem#version()","wptarget#version()","wpversion::version_pattern()","vulnerable#vulnerabilities()","wpscanoptions#wordlist=()","wptarget#wp_content_dir()","wptarget#wp_plugins_dir()","wptarget#wp_plugins_dir_exists?()","cachefilestore#write_entry()","exploit#write_shell()","rpcclient#write_shell()","website#xmlrpc_url()","","",""],"info":[["Array","","Array.html","",""],["Browser","","Browser.html","",""],["BruteForce","","BruteForce.html","",""],["CacheFileStore","","CacheFileStore.html","",""],["Exploit","","Exploit.html","","This library should contain all methods for exploitation.\n"],["Generate_List","","Generate_List.html","","
This tool generates a list to use for plugin and theme enumeration\n"],["GitUpdater","","GitUpdater.html","",""],["Malwares","","Malwares.html","",""],["Object","","Object.html","",""],["RpcClient","","RpcClient.html","","
This library should contain all methods to communicate with msfrpc. See\nframework/documentation/msfrpc.txt …\n"],["SvnUpdater","","SvnUpdater.html","",""],["Svn_Parser","","Svn_Parser.html","","
This Class Parses SVN Repositories via HTTP\n"],["URI","","URI.html","",""],["Updater","","Updater.html","","
This class act as an absract one\n"],["UpdaterFactory","","UpdaterFactory.html","",""],["Vulnerable","","Vulnerable.html","",""],["WebSite","","WebSite.html","",""],["WpConfigBackup","","WpConfigBackup.html","",""],["WpDetector","","WpDetector.html","",""],["WpEnumerator","","WpEnumerator.html","","
Enumerate over a given set of items and check if they exist\n"],["WpFullPathDisclosure","","WpFullPathDisclosure.html","",""],["WpItem","","WpItem.html","",""],["WpLoginProtection","","WpLoginProtection.html","",""],["WpOptions","","WpOptions.html","","
Options Hash\n
Options\n
url- The base URL of the WordPress site\n"],["WpPlugin","","WpPlugin.html","",""],["WpPlugins","","WpPlugins.html","",""],["WpReadme","","WpReadme.html","",""],["WpTarget","","WpTarget.html","",""],["WpTheme","","WpTheme.html","",""],["WpThemes","","WpThemes.html","",""],["WpTimthumbs","","WpTimthumbs.html","",""],["WpUser","","WpUser.html","",""],["WpUsernames","","WpUsernames.html","",""],["WpVersion","","WpVersion.html","",""],["WpVulnerability","","WpVulnerability.html","",""],["WpscanOptions","","WpscanOptions.html","",""],["<=>","WpItem","WpItem.html#method-i-3C-3D-3E","(other)","Compare\n"],["<=>","WpUser","WpUser.html#method-i-3C-3D-3E","(item)",""],["==","WpItem","WpItem.html#method-i-3D-3D","(other)","
Compare\n"],["===","WpItem","WpItem.html#method-i-3D-3D-3D","(other)","
Compare\n"],["===","WpTheme","WpTheme.html#method-i-3D-3D-3D","(wp_theme)",""],["===","WpUser","WpUser.html#method-i-3D-3D-3D","(item)",""],["_grep_","Array","Array.html#method-i-_grep_","(regexp)","
Fix for grep with symbols in ruby <= 1.8.7\n"],["add_http_protocol","Object","Object.html#method-i-add_http_protocol","(url)","
Add protocol\n"],["add_trailing_slash","Object","Object.html#method-i-add_trailing_slash","(url)",""],["aggressive_detection","WpDetector","WpDetector.html#method-c-aggressive_detection","(options, items = [])",""],["authenticate","RpcClient","RpcClient.html#method-i-authenticate","()","
check authentication\n"],["author_url","WpUsernames","WpUsernames.html#method-i-author_url","(author_id)",""],["available_updaters_classes","UpdaterFactory","UpdaterFactory.html#method-c-available_updaters_classes","()","
return array of class symbols\n"],["banner","Object","Object.html#method-i-banner","()","
our 1337 banner\n"],["better_wp_security_url","WpLoginProtection","WpLoginProtection.html#method-i-better_wp_security_url","()",""],["bluetrait_event_viewer_url","WpLoginProtection","WpLoginProtection.html#method-i-bluetrait_event_viewer_url","()",""],["brute_force","BruteForce","BruteForce.html#method-i-brute_force","(logins, wordlist_path)","
param array of string logins param string wordlist_path\n"],["changelog_url","WpItem","WpItem.html#method-i-changelog_url","()","
Url for changelog.txt\n"],["check_options","WpOptions","WpOptions.html#method-c-check_options","(options)",""],["choose_session","Exploit","Exploit.html#method-i-choose_session","()","
if there is more than 1 session, allow the user to choose one.\n"],["clean","CacheFileStore","CacheFileStore.html#method-i-clean","()",""],["clean_option","WpscanOptions","WpscanOptions.html#method-c-clean_option","(option)","
Will removed the ‘-’ or ‘–’ chars at the beginning of option and replace\nany remaining ‘-’ by ‘_’\n
param …\n"],["colorize","Object","Object.html#method-i-colorize","(text, color_code)",""],["config_backup","WpConfigBackup","WpConfigBackup.html#method-i-config_backup","()","
Checks to see if wp-config.php has a backup See www.feross.org/cmsploit/\nreturn an array of backup config …\n"],["config_backup_files","WpConfigBackup","WpConfigBackup.html#method-c-config_backup_files","()","
@return Array\n"],["debug_log_url","WpTarget","WpTarget.html#method-i-debug_log_url","()",""],["directory_listing?","WpItem","WpItem.html#method-i-directory_listing-3F","()","
Is directory listing enabled?\n"],["enumerate","WpEnumerator","WpEnumerator.html#method-c-enumerate","(options = {}, items = nil)","
Enumerate the given Targets\n
Attributes\n
targets- targets to enumerate\n"],["enumerate_all_plugins=","WpscanOptions","WpscanOptions.html#method-i-enumerate_all_plugins-3D","(enumerate_all_plugins)",""],["enumerate_all_themes=","WpscanOptions","WpscanOptions.html#method-i-enumerate_all_themes-3D","(enumerate_all_themes)",""],["enumerate_only_vulnerable_plugins=","WpscanOptions","WpscanOptions.html#method-i-enumerate_only_vulnerable_plugins-3D","(enumerate_only_vulnerable_plugins)",""],["enumerate_only_vulnerable_themes=","WpscanOptions","WpscanOptions.html#method-i-enumerate_only_vulnerable_themes-3D","(enumerate_only_vulnerable_themes)",""],["enumerate_options_from_string","WpscanOptions","WpscanOptions.html#method-i-enumerate_options_from_string","(value)","Will set enumerate_* from the string value IE : if value = vp =>\n:enumerate_only_vulnerable_plugins …\n"],["enumerate_plugins=","WpscanOptions","WpscanOptions.html#method-i-enumerate_plugins-3D","(enumerate_plugins)",""],["enumerate_themes=","WpscanOptions","WpscanOptions.html#method-i-enumerate_themes-3D","(enumerate_themes)",""],["eql?","WpUser","WpUser.html#method-i-eql-3F","(item)",""],["error_404_hash","WpTarget","WpTarget.html#method-i-error_404_hash","()","
Return the MD5 hash of a 404 page\n"],["error_log?","WpPlugin","WpPlugin.html#method-i-error_log-3F","()","
Discover any error_log files created by WordPress These are created by the\nWordPress error_log() function …\n"],["error_log_url","WpPlugin","WpPlugin.html#method-i-error_log_url","()",""],["escape","URI","URI.html#method-c-escape","(str)",""],["exploit","Exploit","Exploit.html#method-i-exploit","(msf_module, payload)","
exploit\n"],["exploit","RpcClient","RpcClient.html#method-i-exploit","(name, opts)","
execute exploit\n"],["exploit_info","Exploit","Exploit.html#method-i-exploit_info","(msf_module,payload)","
output our exploit data\n"],["extract_name_from_url","WpItem","WpItem.html#method-i-extract_name_from_url","()","
Extract item name from a url\n"],["extract_nickname_from_body","WpUsernames","WpUsernames.html#method-i-extract_nickname_from_body","(body)",""],["find","WpTheme","WpTheme.html#method-c-find","(target_uri)",""],["find","WpVersion","WpVersion.html#method-c-find","(target_uri, wp_content_dir)","
Will use all method self.find_from_* to try to detect the version Once the\nversion is found, it will …\n"],["find_from_advanced_fingerprinting","WpVersion","WpVersion.html#method-c-find_from_advanced_fingerprinting","(options)","
Uses data/wp_versions.xml to try to identify a wordpress version.\n
It does this by using client side file …\n"],["find_from_atom_generator","WpVersion","WpVersion.html#method-c-find_from_atom_generator","(options)","
Attempts to find the WordPress version from, the generator tag in the Atom\nsource.\n"],["find_from_css_link","WpTheme","WpTheme.html#method-c-find_from_css_link","(target_uri)","
Discover the wordpress theme name by parsing the css link rel\n"],["find_from_links_opml","WpVersion","WpVersion.html#method-c-find_from_links_opml","(options)","
Attempts to find the WordPress version from the p-links-opml.php file.\n"],["find_from_meta_generator","WpVersion","WpVersion.html#method-c-find_from_meta_generator","(options)","
Attempts to find the wordpress version from, the generator meta tag in the\nhtml source.\n
The meta tag can …\n"],["find_from_rdf_generator","WpVersion","WpVersion.html#method-c-find_from_rdf_generator","(options)","
Attempts to find WordPress version from, the generator tag in the RDF feed\nsource.\n"],["find_from_readme","WpVersion","WpVersion.html#method-c-find_from_readme","(options)","
Attempts to find the WordPress version from the readme.html file.\n"],["find_from_rss_generator","WpVersion","WpVersion.html#method-c-find_from_rss_generator","(options)","
Attempts to find the WordPress version from, the generator tag in the RSS\nfeed source.\n"],["find_from_sitemap_generator","WpVersion","WpVersion.html#method-c-find_from_sitemap_generator","(options)","
Attempts to find the WordPress version from the sitemap.xml file.\n
See: code.google.com/p/wpscan/issues/detail?id=109 …\n"],["find_from_wooframework","WpTheme","WpTheme.html#method-c-find_from_wooframework","(target_uri)","
code.google.com/p/wpscan/issues/detail?id=141\n"],["forge_request","Browser","Browser.html#method-i-forge_request","(url, params = {})",""],["full_path_disclosure_url","WpFullPathDisclosure","WpFullPathDisclosure.html#method-i-full_path_disclosure_url","()",""],["generate_full_list","Generate_List","Generate_List.html#method-i-generate_full_list","()",""],["generate_items","WpEnumerator","WpEnumerator.html#method-c-generate_items","(options = {})",""],["generate_popular_list","Generate_List","Generate_List.html#method-i-generate_popular_list","(pages)",""],["get","Browser","Browser.html#method-i-get","(url, params = {})",""],["get_entry_file_path","CacheFileStore","CacheFileStore.html#method-i-get_entry_file_path","(key)",""],["get_equal_string_end","Object","Object.html#method-i-get_equal_string_end","(stringarray = [\"\"])","
Gets the string all elements in stringarray ends with\n"],["get_exploit_info","RpcClient","RpcClient.html#method-i-get_exploit_info","(name)","
retrieve information about the exploit\n"],["get_full_url","WpItem","WpItem.html#method-i-get_full_url","()","
Get the full url for this item\n"],["get_nickname_from_response","WpUsernames","WpUsernames.html#method-i-get_nickname_from_response","(resp)",""],["get_nickname_from_url","WpUsernames","WpUsernames.html#method-i-get_nickname_from_url","(url)",""],["get_opt_long","WpscanOptions","WpscanOptions.html#method-c-get_opt_long","()","
Even if a short option is given (IE : -u), the long one will be returned\n(IE : –url)\n"],["get_options","RpcClient","RpcClient.html#method-i-get_options","(name)","
retrieve exploit options\n"],["get_payloads","RpcClient","RpcClient.html#method-i-get_payloads","(name)","
retrieve the exploit payloads\n"],["get_popular_items","Generate_List","Generate_List.html#method-i-get_popular_items","(pages)","
Send a HTTP request to the WordPress most popular theme or plugin webpage\nparse the response for the …\n"],["get_sub_folder","WpItem","WpItem.html#method-i-get_sub_folder","()",""],["get_updater","UpdaterFactory","UpdaterFactory.html#method-c-get_updater","(repo_directory)",""],["get_url_without_filename","WpItem","WpItem.html#method-i-get_url_without_filename","()","
Gets the full url for this item without filenames\n"],["green","Object","Object.html#method-i-green","(text)",""],["grep","Array","Array.html#method-i-grep","(regexp)",""],["has_better_wp_security_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_better_wp_security_protection-3F","()","
wordpress.org/extend/plugins/better-wp-security/\n"],["has_bluetrait_event_viewer_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_bluetrait_event_viewer_protection-3F","()","
wordpress.org/extend/plugins/bluetrait-event-viewer/\n"],["has_changelog?","WpItem","WpItem.html#method-i-has_changelog-3F","()","
changelog.txt present?\n"],["has_debug_log?","WpTarget","WpTarget.html#method-i-has_debug_log-3F","()",""],["has_full_path_disclosure?","WpFullPathDisclosure","WpFullPathDisclosure.html#method-i-has_full_path_disclosure-3F","()","
Check for Full Path Disclosure (FPD)\n"],["has_limit_login_attempts_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_limit_login_attempts_protection-3F","()","
wordpress.org/extend/plugins/limit-login-attempts/\n"],["has_login_lock_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_login_lock_protection-3F","()","
wordpress.org/extend/plugins/login-lock/\n"],["has_login_lockdown_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_login_lockdown_protection-3F","()","
Thanks to Alip Aswalid for providing this method.\nwordpress.org/extend/plugins/login-lockdown/\n"],["has_login_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_login_protection-3F","()",""],["has_login_security_solution_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_login_security_solution_protection-3F","()","
wordpress.org/extend/plugins/login-security-solution/\n"],["has_malwares?","Malwares","Malwares.html#method-i-has_malwares-3F","(malwares_file_path = nil)",""],["has_options?","WpscanOptions","WpscanOptions.html#method-i-has_options-3F","()",""],["has_readme?","WpItem","WpItem.html#method-i-has_readme-3F","()","
readme.txt present?\n"],["has_readme?","WpReadme","WpReadme.html#method-i-has_readme-3F","()","
Checks to see if the readme.html file exists\n
This file comes by default in a wordpress installation, and …\n"],["has_simple_login_lockdown_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_simple_login_lockdown_protection-3F","()","
wordpress.org/extend/plugins/simple-login-lockdown/\n"],["has_timthumbs?","WpTimthumbs","WpTimthumbs.html#method-i-has_timthumbs-3F","(theme_name, options = {})",""],["help","Object","Object.html#method-i-help","()","
command help\n"],["id","WpUser","WpUser.html#method-i-id","()",""],["id=","WpUser","WpUser.html#method-i-id-3D","(new_id)",""],["instance","Browser","Browser.html#method-c-instance","(options = {})",""],["is_installed?","GitUpdater","GitUpdater.html#method-i-is_installed-3F","()",""],["is_installed?","SvnUpdater","SvnUpdater.html#method-i-is_installed-3F","()",""],["is_installed?","Updater","Updater.html#method-i-is_installed-3F","()",""],["is_long_option?","WpscanOptions","WpscanOptions.html#method-c-is_long_option-3F","(option)",""],["is_multisite?","WpTarget","WpTarget.html#method-i-is_multisite-3F","()",""],["is_online?","WebSite","WebSite.html#method-i-is_online-3F","()","
Checks if the remote website is up.\n"],["is_wordpress?","WebSite","WebSite.html#method-i-is_wordpress-3F","()","
check if the remote website is actually running wordpress.\n"],["job_id","Exploit","Exploit.html#method-i-job_id","()","
not sure if this is needed?! not used.\n"],["jobs","RpcClient","RpcClient.html#method-i-jobs","()","
list msf jobs\n"],["kill_session","Exploit","Exploit.html#method-i-kill_session","(id)","
kill a session by session id\n"],["kill_session","RpcClient","RpcClient.html#method-i-kill_session","(id)","
kill msf session\n"],["last_session_id","Exploit","Exploit.html#method-i-last_session_id","()","
the last active session id created\n"],["limit_login_attempts_url","WpLoginProtection","WpLoginProtection.html#method-i-limit_login_attempts_url","()",""],["lines_in_file","BruteForce","BruteForce.html#method-c-lines_in_file","(file_path)","
Counts the number of lines in the wordlist It can take a couple of minutes\non large wordlists, although …\n"],["load_config","Browser","Browser.html#method-i-load_config","(config_file = nil)","
TODO reload hydra (if the .load_config is called on a browser object, hydra\nwill not have the new @max_threads …\n"],["load_from_arguments","WpscanOptions","WpscanOptions.html#method-c-load_from_arguments","()","
Will load the options from ARGV return WpscanOptions\n"],["local_revision_number","GitUpdater","GitUpdater.html#method-i-local_revision_number","()","
Git has not a revsion number like SVN, so we will take the 7 first chars of\nthe last commit hash\n"],["local_revision_number","SvnUpdater","SvnUpdater.html#method-i-local_revision_number","()",""],["local_revision_number","Updater","Updater.html#method-i-local_revision_number","()",""],["login","RpcClient","RpcClient.html#method-i-login","()","
login to msfrpcd\n"],["login_protection_plugin","WpLoginProtection","WpLoginProtection.html#method-i-login_protection_plugin","()","
Checks if a login protection plugin is enabled\ncode.google.com/p/wpscan/issues/detail?id=111 return a …\n"],["login_security_solution_url","WpLoginProtection","WpLoginProtection.html#method-i-login_security_solution_url","()",""],["login_url","WpTarget","WpTarget.html#method-i-login_url","()",""],["malware_pattern","Malwares","Malwares.html#method-c-malware_pattern","(url_regex)",""],["malwares","Malwares","Malwares.html#method-i-malwares","(malwares_file_path = nil)","
return array of string (url of malwares found)\n"],["malwares_file","Malwares","Malwares.html#method-c-malwares_file","(malwares_file_path)",""],["max_threads=","Browser","Browser.html#method-i-max_threads-3D","(max_threads)",""],["merge_request_params","Browser","Browser.html#method-i-merge_request_params","(params = {})",""],["meterpreter_read","Exploit","Exploit.html#method-i-meterpreter_read","(id)","
read data from a meterpreter session data must be base64 decoded.\n"],["meterpreter_read","RpcClient","RpcClient.html#method-i-meterpreter_read","(id)",""],["meterpreter_write","Exploit","Exploit.html#method-i-meterpreter_write","(id, data)","
write data to a meterpreter session data must be base64 encoded.\n"],["meterpreter_write","RpcClient","RpcClient.html#method-i-meterpreter_write","(id, data)",""],["name","WpUser","WpUser.html#method-i-name","()",""],["name=","WpUser","WpUser.html#method-i-name-3D","(new_name)",""],["new","CacheFileStore","CacheFileStore.html#method-c-new","(storage_path, serializer = Marshal)","
The serializer must have the 2 methods .load and .dump (Marshal and YAML\nhave them) YAML is Human Readable …\n"],["new","Exploit","Exploit.html#method-c-new","(wp_url, type, uri, postdata, use_proxy, proxy_addr, proxy_port)",""],["new","Generate_List","Generate_List.html#method-c-new","(type, verbose)","
type = themes | plugins\n"],["new","RpcClient","RpcClient.html#method-c-new","()",""],["new","Svn_Parser","Svn_Parser.html#method-c-new","(svn_root, verbose, keep_empty_dirs = false)",""],["new","Updater","Updater.html#method-c-new","(repo_directory = nil)","
TODO : add a last ‘/ to repo_directory if it’s not present\n"],["new","WpItem","WpItem.html#method-c-new","(options)",""],["new","WpPlugin","WpPlugin.html#method-c-new","(options = {})",""],["new","WpTarget","WpTarget.html#method-c-new","(target_url, options = {})",""],["new","WpTheme","WpTheme.html#method-c-new","(options = {})",""],["new","WpUser","WpUser.html#method-c-new","(name, id, nickname)",""],["new","WpVersion","WpVersion.html#method-c-new","(number, options = {})",""],["new","WpVulnerability","WpVulnerability.html#method-c-new","(title, reference, type)",""],["new","WpscanOptions","WpscanOptions.html#method-c-new","()",""],["nickname","WpUser","WpUser.html#method-i-nickname","()",""],["nickname=","WpUser","WpUser.html#method-i-nickname-3D","(new_nickname)",""],["option_to_instance_variable_setter","WpscanOptions","WpscanOptions.html#method-c-option_to_instance_variable_setter","(option)",""],["parse","Svn_Parser","Svn_Parser.html#method-i-parse","(dirs=nil)",""],["passive_detection","WpDetector","WpDetector.html#method-c-passive_detection","(url, type, wp_content_dir)","
plugins and themes can be found in the source code :\n\n
<script src='http://example.com/wp-content/plugins/s2member/...' ...\n"],["plugins_from_aggressive_detection","WpPlugins","WpPlugins.html#method-i-plugins_from_aggressive_detection","(options)","Enumerate installed plugins.\n
return array of WpPlugin\n"],["plugins_from_passive_detection","WpPlugins","WpPlugins.html#method-i-plugins_from_passive_detection","(options)","
code.google.com/p/wpscan/issues/detail?id=42 plugins can be found in the\nsource code :\n\n
<script src='http://example.com/wp-content/plugins/s2member/...' ...\n"],["post","Browser","Browser.html#method-i-post","(url, params = {})",""],["proxy=","WpscanOptions","WpscanOptions.html#method-i-proxy-3D","(proxy)",""],["proxy_auth=","Browser","Browser.html#method-i-proxy_auth-3D","(auth)",""],["proxy_auth=","WpscanOptions","WpscanOptions.html#method-i-proxy_auth-3D","(auth)",""],["raise_invalid_proxy_format","Browser","Browser.html#method-i-raise_invalid_proxy_format","()",""],["raise_must_be_implemented","Updater","Updater.html#method-i-raise_must_be_implemented","()",""],["read_entry","CacheFileStore","CacheFileStore.html#method-i-read_entry","(key)",""],["read_shell","Exploit","Exploit.html#method-i-read_shell","(id)","read data from a shell, meterpreter is not classed as a shell.\n"],["read_shell","RpcClient","RpcClient.html#method-i-read_shell","(id)","
reads any pending output from session\n"],["readme_url","WpItem","WpItem.html#method-i-readme_url","()","
Url for readme.txt\n"],["readme_url","WpReadme","WpReadme.html#method-i-readme_url","()",""],["red","Object","Object.html#method-i-red","(text)",""],["redirection","WebSite","WebSite.html#method-i-redirection","(url = nil)","
see if the remote url returns 30x redirect return a string with the\nredirection or nil\n"],["registration_enabled?","WpTarget","WpTarget.html#method-i-registration_enabled-3F","()","
Should check wp-login.php if registration is enabled or not\n"],["registration_url","WpTarget","WpTarget.html#method-i-registration_url","()",""],["remove_junk_from_nickname","WpUsernames","WpUsernames.html#method-i-remove_junk_from_nickname","(usernames)",""],["repo_directory_arguments","GitUpdater","GitUpdater.html#method-i-repo_directory_arguments","()",""],["require_files_from_directory","Object","Object.html#method-i-require_files_from_directory","(absolute_dir_path, files_pattern = \"*.rb\")","
TODO : add an exclude pattern ?\n"],["reset","Browser","Browser.html#method-c-reset","()",""],["save","Generate_List","Generate_List.html#method-i-save","(items)","
Save the file\n"],["search_replace_db_2_exists?","WpTarget","WpTarget.html#method-i-search_replace_db_2_exists-3F","()",""],["search_replace_db_2_url","WpTarget","WpTarget.html#method-i-search_replace_db_2_url","()","
Script for replacing strings in wordpress databases reveals databse\ncredentials after hitting submit …\n"],["session_count","Exploit","Exploit.html#method-i-session_count","()","
a count of the amount of active sessions\n"],["sessions","Exploit","Exploit.html#method-i-sessions","()","
all sessions and related session data\n"],["sessions","RpcClient","RpcClient.html#method-i-sessions","()","
list msf sessions\n"],["set_file_name","Generate_List","Generate_List.html#method-i-set_file_name","(type)",""],["set_option_from_cli","WpscanOptions","WpscanOptions.html#method-i-set_option_from_cli","(cli_option, cli_value)","
string cli_option : –url, -u, –proxy etc string cli_value : the option\nvalue\n"],["simple_login_lockdown_url","WpLoginProtection","WpLoginProtection.html#method-i-simple_login_lockdown_url","()",""],["start","Exploit","Exploit.html#method-i-start","()","
figure out what to exploit\n"],["targets_url_from_theme","WpTimthumbs","WpTimthumbs.html#method-i-targets_url_from_theme","(theme_name, options)",""],["theme","WpTarget","WpTarget.html#method-i-theme","()","
return WpTheme\n"],["themes_from_aggressive_detection","WpThemes","WpThemes.html#method-i-themes_from_aggressive_detection","(options)",""],["themes_from_passive_detection","WpThemes","WpThemes.html#method-i-themes_from_passive_detection","(options)",""],["threads=","WpscanOptions","WpscanOptions.html#method-i-threads-3D","(threads)",""],["timthumbs","WpTimthumbs","WpTimthumbs.html#method-i-timthumbs","(theme_name = nil, options = {})",""],["to_h","WpscanOptions","WpscanOptions.html#method-i-to_h","()","
return Hash\n"],["to_s","WpItem","WpItem.html#method-i-to_s","()","
To string. Adds a version number if detected\n"],["update","GitUpdater","GitUpdater.html#method-i-update","()",""],["update","SvnUpdater","SvnUpdater.html#method-i-update","()",""],["update","Updater","Updater.html#method-i-update","()",""],["url","WpTarget","WpTarget.html#method-i-url","()","
Alias of @uri.to_s\n"],["url=","WpscanOptions","WpscanOptions.html#method-i-url-3D","(url)",""],["usage","Object","Object.html#method-i-usage","()","
wpscan usage\n"],["user_agent","Browser","Browser.html#method-i-user_agent","()","
return the user agent, according to the user_agent_mode\n"],["user_agent_mode=","Browser","Browser.html#method-i-user_agent_mode-3D","(ua_mode)",""],["usernames","WpUsernames","WpUsernames.html#method-i-usernames","(options = {})","
Enumerate wordpress usernames by using Veronica Valeros’s technique:\nseclists.org/fulldisclosure/2011/May/493 …\n"],["valid_response_codes","WpTarget","WpTarget.html#method-c-valid_response_codes","()","
Valid HTTP return codes\n"],["version","WpItem","WpItem.html#method-i-version","()","
Returns version number from readme.txt if it exists\n"],["version","WpTarget","WpTarget.html#method-i-version","()","
return WpVersion\n"],["version_pattern","WpVersion","WpVersion.html#method-c-version_pattern","()","
Used to check if the version is correct: must contain at least one dot.\n"],["vulnerabilities","Vulnerable","Vulnerable.html#method-i-vulnerabilities","()","
@return an array of WpVulnerability (can be empty)\n"],["wordlist=","WpscanOptions","WpscanOptions.html#method-i-wordlist-3D","(wordlist)",""],["wp_content_dir","WpTarget","WpTarget.html#method-i-wp_content_dir","()",""],["wp_plugins_dir","WpTarget","WpTarget.html#method-i-wp_plugins_dir","()",""],["wp_plugins_dir_exists?","WpTarget","WpTarget.html#method-i-wp_plugins_dir_exists-3F","()",""],["write_entry","CacheFileStore","CacheFileStore.html#method-i-write_entry","(key, data_to_store, cache_timeout)",""],["write_shell","Exploit","Exploit.html#method-i-write_shell","(id, data)","
write data to a shell, meterpreter is not classed as a shell.\n"],["write_shell","RpcClient","RpcClient.html#method-i-write_shell","(id, data)","
writes the specified input into the session\n"],["xmlrpc_url","WebSite","WebSite.html#method-i-xmlrpc_url","()",""],["CREDITS","","CREDITS.html","","
*CREDITS*\n
This file is to give credit to WPScan’s contributors. If you feel your name\nshould be in here, …\n"],["Gemfile","","Gemfile.html","","
source “rubygems.org”\n
gem “typhoeus”, “0.4.2” gem “rspec”, :require …\n"],["README","","README.html","","
__\n\n
__ _______ _____\n\\ \\ / / __ \\ / ____|\n \\ \\ /\\ / /| |__) | (___ ___ __ _ _ __ ...\n"]]}} \ No newline at end of file +var search_data = {"index":{"searchIndex":["array","browser","bruteforce","cachefilestore","exploit","generate_list","gitupdater","malwares","object","rpcclient","svnupdater","svn_parser","uri","updater","updaterfactory","vulnerable","website","wpconfigbackup","wpdetector","wpenumerator","wpfullpathdisclosure","wpitem","wploginprotection","wpoptions","wpplugin","wpplugins","wpreadme","wptarget","wptheme","wpthemes","wptimthumbs","wpuser","wpusernames","wpversion","wpvulnerability","wpscanoptions","<=>()","<=>()","==()","===()","===()","===()","_grep_()","add_http_protocol()","add_trailing_slash()","aggressive_detection()","authenticate()","author_url()","available_updaters_classes()","banner()","basic_auth=()","better_wp_security_url()","bluetrait_event_viewer_url()","brute_force()","changelog_url()","check_options()","choose_session()","clean()","clean_option()","colorize()","config_backup()","config_backup_files()","debug_log_url()","directory_listing?()","enumerate()","enumerate_all_plugins=()","enumerate_all_themes=()","enumerate_only_vulnerable_plugins=()","enumerate_only_vulnerable_themes=()","enumerate_options_from_string()","enumerate_plugins=()","enumerate_themes=()","eql?()","error_404_hash()","error_log?()","error_log_url()","escape()","exploit()","exploit()","exploit_info()","extract_name_from_url()","extract_nickname_from_body()","find()","find()","find_from_advanced_fingerprinting()","find_from_atom_generator()","find_from_css_link()","find_from_links_opml()","find_from_meta_generator()","find_from_rdf_generator()","find_from_readme()","find_from_rss_generator()","find_from_sitemap_generator()","find_from_wooframework()","forge_request()","full_path_disclosure_url()","generate_full_list()","generate_items()","generate_popular_list()","get()","get_entry_file_path()","get_equal_string_end()","get_exploit_info()","get_full_url()","get_nickname_from_response()","get_nickname_from_url()","get_opt_long()","get_options()","get_payloads()","get_popular_items()","get_sub_folder()","get_updater()","get_url_without_filename()","green()","grep()","has_basic_auth?()","has_better_wp_security_protection?()","has_bluetrait_event_viewer_protection?()","has_changelog?()","has_debug_log?()","has_full_path_disclosure?()","has_limit_login_attempts_protection?()","has_login_lock_protection?()","has_login_lockdown_protection?()","has_login_protection?()","has_login_security_solution_protection?()","has_malwares?()","has_options?()","has_readme?()","has_readme?()","has_simple_login_lockdown_protection?()","has_timthumbs?()","has_xml_rpc?()","help()","id()","id=()","instance()","is_installed?()","is_installed?()","is_installed?()","is_long_option?()","is_multisite?()","is_online?()","is_wordpress?()","job_id()","jobs()","kill_session()","kill_session()","last_session_id()","limit_login_attempts_url()","lines_in_file()","load_config()","load_from_arguments()","local_revision_number()","local_revision_number()","local_revision_number()","login()","login_protection_plugin()","login_security_solution_url()","login_url()","malware_pattern()","malwares()","malwares_file()","max_threads=()","merge_request_params()","meterpreter_read()","meterpreter_read()","meterpreter_write()","meterpreter_write()","name()","name=()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","new()","nickname()","nickname=()","option_to_instance_variable_setter()","parse()","passive_detection()","plugins_from_aggressive_detection()","plugins_from_passive_detection()","post()","proxy=()","proxy_auth=()","proxy_auth=()","raise_invalid_proxy_format()","raise_must_be_implemented()","read_entry()","read_shell()","read_shell()","readme_url()","readme_url()","red()","redirection()","registration_enabled?()","registration_url()","remove_junk_from_nickname()","repo_directory_arguments()","require_files_from_directory()","reset()","save()","search_replace_db_2_exists?()","search_replace_db_2_url()","session_count()","sessions()","sessions()","set_file_name()","set_option_from_cli()","simple_login_lockdown_url()","start()","targets_url_from_theme()","theme()","themes_from_aggressive_detection()","themes_from_passive_detection()","threads=()","timthumbs()","to_h()","to_s()","update()","update()","update()","url()","url=()","usage()","user_agent()","user_agent_mode=()","usernames()","valid_response_codes()","version()","version()","version_pattern()","vulnerabilities()","wordlist=()","wp_content_dir()","wp_plugins_dir()","wp_plugins_dir_exists?()","write_entry()","write_shell()","write_shell()","xml_rpc_url()","credits","gemfile","readme"],"longSearchIndex":["array","browser","bruteforce","cachefilestore","exploit","generate_list","gitupdater","malwares","object","rpcclient","svnupdater","svn_parser","uri","updater","updaterfactory","vulnerable","website","wpconfigbackup","wpdetector","wpenumerator","wpfullpathdisclosure","wpitem","wploginprotection","wpoptions","wpplugin","wpplugins","wpreadme","wptarget","wptheme","wpthemes","wptimthumbs","wpuser","wpusernames","wpversion","wpvulnerability","wpscanoptions","wpitem#<=>()","wpuser#<=>()","wpitem#==()","wpitem#===()","wptheme#===()","wpuser#===()","array#_grep_()","object#add_http_protocol()","object#add_trailing_slash()","wpdetector::aggressive_detection()","rpcclient#authenticate()","wpusernames#author_url()","updaterfactory::available_updaters_classes()","object#banner()","wpscanoptions#basic_auth=()","wploginprotection#better_wp_security_url()","wploginprotection#bluetrait_event_viewer_url()","bruteforce#brute_force()","wpitem#changelog_url()","wpoptions::check_options()","exploit#choose_session()","cachefilestore#clean()","wpscanoptions::clean_option()","object#colorize()","wpconfigbackup#config_backup()","wpconfigbackup::config_backup_files()","wptarget#debug_log_url()","wpitem#directory_listing?()","wpenumerator::enumerate()","wpscanoptions#enumerate_all_plugins=()","wpscanoptions#enumerate_all_themes=()","wpscanoptions#enumerate_only_vulnerable_plugins=()","wpscanoptions#enumerate_only_vulnerable_themes=()","wpscanoptions#enumerate_options_from_string()","wpscanoptions#enumerate_plugins=()","wpscanoptions#enumerate_themes=()","wpuser#eql?()","wptarget#error_404_hash()","wpplugin#error_log?()","wpplugin#error_log_url()","uri::escape()","exploit#exploit()","rpcclient#exploit()","exploit#exploit_info()","wpitem#extract_name_from_url()","wpusernames#extract_nickname_from_body()","wptheme::find()","wpversion::find()","wpversion::find_from_advanced_fingerprinting()","wpversion::find_from_atom_generator()","wptheme::find_from_css_link()","wpversion::find_from_links_opml()","wpversion::find_from_meta_generator()","wpversion::find_from_rdf_generator()","wpversion::find_from_readme()","wpversion::find_from_rss_generator()","wpversion::find_from_sitemap_generator()","wptheme::find_from_wooframework()","browser#forge_request()","wpfullpathdisclosure#full_path_disclosure_url()","generate_list#generate_full_list()","wpenumerator::generate_items()","generate_list#generate_popular_list()","browser#get()","cachefilestore#get_entry_file_path()","object#get_equal_string_end()","rpcclient#get_exploit_info()","wpitem#get_full_url()","wpusernames#get_nickname_from_response()","wpusernames#get_nickname_from_url()","wpscanoptions::get_opt_long()","rpcclient#get_options()","rpcclient#get_payloads()","generate_list#get_popular_items()","wpitem#get_sub_folder()","updaterfactory::get_updater()","wpitem#get_url_without_filename()","object#green()","array#grep()","website#has_basic_auth?()","wploginprotection#has_better_wp_security_protection?()","wploginprotection#has_bluetrait_event_viewer_protection?()","wpitem#has_changelog?()","wptarget#has_debug_log?()","wpfullpathdisclosure#has_full_path_disclosure?()","wploginprotection#has_limit_login_attempts_protection?()","wploginprotection#has_login_lock_protection?()","wploginprotection#has_login_lockdown_protection?()","wploginprotection#has_login_protection?()","wploginprotection#has_login_security_solution_protection?()","malwares#has_malwares?()","wpscanoptions#has_options?()","wpitem#has_readme?()","wpreadme#has_readme?()","wploginprotection#has_simple_login_lockdown_protection?()","wptimthumbs#has_timthumbs?()","website#has_xml_rpc?()","object#help()","wpuser#id()","wpuser#id=()","browser::instance()","gitupdater#is_installed?()","svnupdater#is_installed?()","updater#is_installed?()","wpscanoptions::is_long_option?()","wptarget#is_multisite?()","website#is_online?()","website#is_wordpress?()","exploit#job_id()","rpcclient#jobs()","exploit#kill_session()","rpcclient#kill_session()","exploit#last_session_id()","wploginprotection#limit_login_attempts_url()","bruteforce::lines_in_file()","browser#load_config()","wpscanoptions::load_from_arguments()","gitupdater#local_revision_number()","svnupdater#local_revision_number()","updater#local_revision_number()","rpcclient#login()","wploginprotection#login_protection_plugin()","wploginprotection#login_security_solution_url()","wptarget#login_url()","malwares::malware_pattern()","malwares#malwares()","malwares::malwares_file()","browser#max_threads=()","browser#merge_request_params()","exploit#meterpreter_read()","rpcclient#meterpreter_read()","exploit#meterpreter_write()","rpcclient#meterpreter_write()","wpuser#name()","wpuser#name=()","cachefilestore::new()","exploit::new()","generate_list::new()","rpcclient::new()","svn_parser::new()","updater::new()","wpitem::new()","wpplugin::new()","wptarget::new()","wptheme::new()","wpuser::new()","wpversion::new()","wpvulnerability::new()","wpscanoptions::new()","wpuser#nickname()","wpuser#nickname=()","wpscanoptions::option_to_instance_variable_setter()","svn_parser#parse()","wpdetector::passive_detection()","wpplugins#plugins_from_aggressive_detection()","wpplugins#plugins_from_passive_detection()","browser#post()","wpscanoptions#proxy=()","browser#proxy_auth=()","wpscanoptions#proxy_auth=()","browser#raise_invalid_proxy_format()","updater#raise_must_be_implemented()","cachefilestore#read_entry()","exploit#read_shell()","rpcclient#read_shell()","wpitem#readme_url()","wpreadme#readme_url()","object#red()","website#redirection()","wptarget#registration_enabled?()","wptarget#registration_url()","wpusernames#remove_junk_from_nickname()","gitupdater#repo_directory_arguments()","object#require_files_from_directory()","browser::reset()","generate_list#save()","wptarget#search_replace_db_2_exists?()","wptarget#search_replace_db_2_url()","exploit#session_count()","exploit#sessions()","rpcclient#sessions()","generate_list#set_file_name()","wpscanoptions#set_option_from_cli()","wploginprotection#simple_login_lockdown_url()","exploit#start()","wptimthumbs#targets_url_from_theme()","wptarget#theme()","wpthemes#themes_from_aggressive_detection()","wpthemes#themes_from_passive_detection()","wpscanoptions#threads=()","wptimthumbs#timthumbs()","wpscanoptions#to_h()","wpitem#to_s()","gitupdater#update()","svnupdater#update()","updater#update()","wptarget#url()","wpscanoptions#url=()","object#usage()","browser#user_agent()","browser#user_agent_mode=()","wpusernames#usernames()","wptarget::valid_response_codes()","wpitem#version()","wptarget#version()","wpversion::version_pattern()","vulnerable#vulnerabilities()","wpscanoptions#wordlist=()","wptarget#wp_content_dir()","wptarget#wp_plugins_dir()","wptarget#wp_plugins_dir_exists?()","cachefilestore#write_entry()","exploit#write_shell()","rpcclient#write_shell()","website#xml_rpc_url()","","",""],"info":[["Array","","Array.html","",""],["Browser","","Browser.html","",""],["BruteForce","","BruteForce.html","",""],["CacheFileStore","","CacheFileStore.html","",""],["Exploit","","Exploit.html","","This library should contain all methods for exploitation.\n"],["Generate_List","","Generate_List.html","","
This tool generates a list to use for plugin and theme enumeration\n"],["GitUpdater","","GitUpdater.html","",""],["Malwares","","Malwares.html","",""],["Object","","Object.html","",""],["RpcClient","","RpcClient.html","","
This library should contain all methods to communicate with msfrpc. See\nframework/documentation/msfrpc.txt …\n"],["SvnUpdater","","SvnUpdater.html","",""],["Svn_Parser","","Svn_Parser.html","","
This Class Parses SVN Repositories via HTTP\n"],["URI","","URI.html","",""],["Updater","","Updater.html","","
This class act as an absract one\n"],["UpdaterFactory","","UpdaterFactory.html","",""],["Vulnerable","","Vulnerable.html","",""],["WebSite","","WebSite.html","",""],["WpConfigBackup","","WpConfigBackup.html","",""],["WpDetector","","WpDetector.html","",""],["WpEnumerator","","WpEnumerator.html","","
Enumerate over a given set of items and check if they exist\n"],["WpFullPathDisclosure","","WpFullPathDisclosure.html","",""],["WpItem","","WpItem.html","",""],["WpLoginProtection","","WpLoginProtection.html","",""],["WpOptions","","WpOptions.html","","
Options Hash\n
Options\n
url- The base URL of the WordPress site\n"],["WpPlugin","","WpPlugin.html","",""],["WpPlugins","","WpPlugins.html","",""],["WpReadme","","WpReadme.html","",""],["WpTarget","","WpTarget.html","",""],["WpTheme","","WpTheme.html","",""],["WpThemes","","WpThemes.html","",""],["WpTimthumbs","","WpTimthumbs.html","",""],["WpUser","","WpUser.html","",""],["WpUsernames","","WpUsernames.html","",""],["WpVersion","","WpVersion.html","",""],["WpVulnerability","","WpVulnerability.html","",""],["WpscanOptions","","WpscanOptions.html","",""],["<=>","WpItem","WpItem.html#method-i-3C-3D-3E","(other)","Compare\n"],["<=>","WpUser","WpUser.html#method-i-3C-3D-3E","(item)",""],["==","WpItem","WpItem.html#method-i-3D-3D","(other)","
Compare\n"],["===","WpItem","WpItem.html#method-i-3D-3D-3D","(other)","
Compare\n"],["===","WpTheme","WpTheme.html#method-i-3D-3D-3D","(wp_theme)",""],["===","WpUser","WpUser.html#method-i-3D-3D-3D","(item)",""],["_grep_","Array","Array.html#method-i-_grep_","(regexp)","
Fix for grep with symbols in ruby <= 1.8.7\n"],["add_http_protocol","Object","Object.html#method-i-add_http_protocol","(url)","
Add protocol\n"],["add_trailing_slash","Object","Object.html#method-i-add_trailing_slash","(url)",""],["aggressive_detection","WpDetector","WpDetector.html#method-c-aggressive_detection","(options, items = [])",""],["authenticate","RpcClient","RpcClient.html#method-i-authenticate","()","
check authentication\n"],["author_url","WpUsernames","WpUsernames.html#method-i-author_url","(author_id)",""],["available_updaters_classes","UpdaterFactory","UpdaterFactory.html#method-c-available_updaters_classes","()","
return array of class symbols\n"],["banner","Object","Object.html#method-i-banner","()","
our 1337 banner\n"],["basic_auth=","WpscanOptions","WpscanOptions.html#method-i-basic_auth-3D","(basic_auth)",""],["better_wp_security_url","WpLoginProtection","WpLoginProtection.html#method-i-better_wp_security_url","()",""],["bluetrait_event_viewer_url","WpLoginProtection","WpLoginProtection.html#method-i-bluetrait_event_viewer_url","()",""],["brute_force","BruteForce","BruteForce.html#method-i-brute_force","(logins, wordlist_path)","
param array of string logins param string wordlist_path\n"],["changelog_url","WpItem","WpItem.html#method-i-changelog_url","()","
Url for changelog.txt\n"],["check_options","WpOptions","WpOptions.html#method-c-check_options","(options)",""],["choose_session","Exploit","Exploit.html#method-i-choose_session","()","
if there is more than 1 session, allow the user to choose one.\n"],["clean","CacheFileStore","CacheFileStore.html#method-i-clean","()",""],["clean_option","WpscanOptions","WpscanOptions.html#method-c-clean_option","(option)","
Will removed the ‘-’ or ‘–’ chars at the beginning of option and replace\nany remaining ‘-’ by ‘_’\n
param …\n"],["colorize","Object","Object.html#method-i-colorize","(text, color_code)",""],["config_backup","WpConfigBackup","WpConfigBackup.html#method-i-config_backup","()","
Checks to see if wp-config.php has a backup See www.feross.org/cmsploit/\nreturn an array of backup config …\n"],["config_backup_files","WpConfigBackup","WpConfigBackup.html#method-c-config_backup_files","()","
@return Array\n"],["debug_log_url","WpTarget","WpTarget.html#method-i-debug_log_url","()",""],["directory_listing?","WpItem","WpItem.html#method-i-directory_listing-3F","()","
Is directory listing enabled?\n"],["enumerate","WpEnumerator","WpEnumerator.html#method-c-enumerate","(options = {}, items = nil)","
Enumerate the given Targets\n
Attributes\n
targets- targets to enumerate\n"],["enumerate_all_plugins=","WpscanOptions","WpscanOptions.html#method-i-enumerate_all_plugins-3D","(enumerate_all_plugins)",""],["enumerate_all_themes=","WpscanOptions","WpscanOptions.html#method-i-enumerate_all_themes-3D","(enumerate_all_themes)",""],["enumerate_only_vulnerable_plugins=","WpscanOptions","WpscanOptions.html#method-i-enumerate_only_vulnerable_plugins-3D","(enumerate_only_vulnerable_plugins)",""],["enumerate_only_vulnerable_themes=","WpscanOptions","WpscanOptions.html#method-i-enumerate_only_vulnerable_themes-3D","(enumerate_only_vulnerable_themes)",""],["enumerate_options_from_string","WpscanOptions","WpscanOptions.html#method-i-enumerate_options_from_string","(value)","Will set enumerate_* from the string value IE : if value = vp =>\n:enumerate_only_vulnerable_plugins …\n"],["enumerate_plugins=","WpscanOptions","WpscanOptions.html#method-i-enumerate_plugins-3D","(enumerate_plugins)",""],["enumerate_themes=","WpscanOptions","WpscanOptions.html#method-i-enumerate_themes-3D","(enumerate_themes)",""],["eql?","WpUser","WpUser.html#method-i-eql-3F","(item)",""],["error_404_hash","WpTarget","WpTarget.html#method-i-error_404_hash","()","
Return the MD5 hash of a 404 page\n"],["error_log?","WpPlugin","WpPlugin.html#method-i-error_log-3F","()","
Discover any error_log files created by WordPress These are created by the\nWordPress error_log() function …\n"],["error_log_url","WpPlugin","WpPlugin.html#method-i-error_log_url","()",""],["escape","URI","URI.html#method-c-escape","(str)",""],["exploit","Exploit","Exploit.html#method-i-exploit","(msf_module, payload)","
exploit\n"],["exploit","RpcClient","RpcClient.html#method-i-exploit","(name, opts)","
execute exploit\n"],["exploit_info","Exploit","Exploit.html#method-i-exploit_info","(msf_module,payload)","
output our exploit data\n"],["extract_name_from_url","WpItem","WpItem.html#method-i-extract_name_from_url","()","
Extract item name from a url\n"],["extract_nickname_from_body","WpUsernames","WpUsernames.html#method-i-extract_nickname_from_body","(body)",""],["find","WpTheme","WpTheme.html#method-c-find","(target_uri)",""],["find","WpVersion","WpVersion.html#method-c-find","(target_uri, wp_content_dir)","
Will use all method self.find_from_* to try to detect the version Once the\nversion is found, it will …\n"],["find_from_advanced_fingerprinting","WpVersion","WpVersion.html#method-c-find_from_advanced_fingerprinting","(options)","
Uses data/wp_versions.xml to try to identify a wordpress version.\n
It does this by using client side file …\n"],["find_from_atom_generator","WpVersion","WpVersion.html#method-c-find_from_atom_generator","(options)","
Attempts to find the WordPress version from, the generator tag in the Atom\nsource.\n"],["find_from_css_link","WpTheme","WpTheme.html#method-c-find_from_css_link","(target_uri)","
Discover the wordpress theme name by parsing the css link rel\n"],["find_from_links_opml","WpVersion","WpVersion.html#method-c-find_from_links_opml","(options)","
Attempts to find the WordPress version from the p-links-opml.php file.\n"],["find_from_meta_generator","WpVersion","WpVersion.html#method-c-find_from_meta_generator","(options)","
Attempts to find the wordpress version from, the generator meta tag in the\nhtml source.\n
The meta tag can …\n"],["find_from_rdf_generator","WpVersion","WpVersion.html#method-c-find_from_rdf_generator","(options)","
Attempts to find WordPress version from, the generator tag in the RDF feed\nsource.\n"],["find_from_readme","WpVersion","WpVersion.html#method-c-find_from_readme","(options)","
Attempts to find the WordPress version from the readme.html file.\n"],["find_from_rss_generator","WpVersion","WpVersion.html#method-c-find_from_rss_generator","(options)","
Attempts to find the WordPress version from, the generator tag in the RSS\nfeed source.\n"],["find_from_sitemap_generator","WpVersion","WpVersion.html#method-c-find_from_sitemap_generator","(options)","
Attempts to find the WordPress version from the sitemap.xml file.\n
See: code.google.com/p/wpscan/issues/detail?id=109 …\n"],["find_from_wooframework","WpTheme","WpTheme.html#method-c-find_from_wooframework","(target_uri)","
code.google.com/p/wpscan/issues/detail?id=141\n"],["forge_request","Browser","Browser.html#method-i-forge_request","(url, params = {})",""],["full_path_disclosure_url","WpFullPathDisclosure","WpFullPathDisclosure.html#method-i-full_path_disclosure_url","()",""],["generate_full_list","Generate_List","Generate_List.html#method-i-generate_full_list","()",""],["generate_items","WpEnumerator","WpEnumerator.html#method-c-generate_items","(options = {})",""],["generate_popular_list","Generate_List","Generate_List.html#method-i-generate_popular_list","(pages)",""],["get","Browser","Browser.html#method-i-get","(url, params = {})",""],["get_entry_file_path","CacheFileStore","CacheFileStore.html#method-i-get_entry_file_path","(key)",""],["get_equal_string_end","Object","Object.html#method-i-get_equal_string_end","(stringarray = [\"\"])","
Gets the string all elements in stringarray ends with\n"],["get_exploit_info","RpcClient","RpcClient.html#method-i-get_exploit_info","(name)","
retrieve information about the exploit\n"],["get_full_url","WpItem","WpItem.html#method-i-get_full_url","()","
Get the full url for this item\n"],["get_nickname_from_response","WpUsernames","WpUsernames.html#method-i-get_nickname_from_response","(resp)",""],["get_nickname_from_url","WpUsernames","WpUsernames.html#method-i-get_nickname_from_url","(url)",""],["get_opt_long","WpscanOptions","WpscanOptions.html#method-c-get_opt_long","()","
Even if a short option is given (IE : -u), the long one will be returned\n(IE : –url)\n"],["get_options","RpcClient","RpcClient.html#method-i-get_options","(name)","
retrieve exploit options\n"],["get_payloads","RpcClient","RpcClient.html#method-i-get_payloads","(name)","
retrieve the exploit payloads\n"],["get_popular_items","Generate_List","Generate_List.html#method-i-get_popular_items","(pages)","
Send a HTTP request to the WordPress most popular theme or plugin webpage\nparse the response for the …\n"],["get_sub_folder","WpItem","WpItem.html#method-i-get_sub_folder","()",""],["get_updater","UpdaterFactory","UpdaterFactory.html#method-c-get_updater","(repo_directory)",""],["get_url_without_filename","WpItem","WpItem.html#method-i-get_url_without_filename","()","
Gets the full url for this item without filenames\n"],["green","Object","Object.html#method-i-green","(text)",""],["grep","Array","Array.html#method-i-grep","(regexp)",""],["has_basic_auth?","WebSite","WebSite.html#method-i-has_basic_auth-3F","()",""],["has_better_wp_security_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_better_wp_security_protection-3F","()","
wordpress.org/extend/plugins/better-wp-security/\n"],["has_bluetrait_event_viewer_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_bluetrait_event_viewer_protection-3F","()","
wordpress.org/extend/plugins/bluetrait-event-viewer/\n"],["has_changelog?","WpItem","WpItem.html#method-i-has_changelog-3F","()","
changelog.txt present?\n"],["has_debug_log?","WpTarget","WpTarget.html#method-i-has_debug_log-3F","()",""],["has_full_path_disclosure?","WpFullPathDisclosure","WpFullPathDisclosure.html#method-i-has_full_path_disclosure-3F","()","
Check for Full Path Disclosure (FPD)\n"],["has_limit_login_attempts_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_limit_login_attempts_protection-3F","()","
wordpress.org/extend/plugins/limit-login-attempts/\n"],["has_login_lock_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_login_lock_protection-3F","()","
wordpress.org/extend/plugins/login-lock/\n"],["has_login_lockdown_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_login_lockdown_protection-3F","()","
Thanks to Alip Aswalid for providing this method.\nwordpress.org/extend/plugins/login-lockdown/\n"],["has_login_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_login_protection-3F","()",""],["has_login_security_solution_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_login_security_solution_protection-3F","()","
wordpress.org/extend/plugins/login-security-solution/\n"],["has_malwares?","Malwares","Malwares.html#method-i-has_malwares-3F","(malwares_file_path = nil)",""],["has_options?","WpscanOptions","WpscanOptions.html#method-i-has_options-3F","()",""],["has_readme?","WpItem","WpItem.html#method-i-has_readme-3F","()","
readme.txt present?\n"],["has_readme?","WpReadme","WpReadme.html#method-i-has_readme-3F","()","
Checks to see if the readme.html file exists\n
This file comes by default in a wordpress installation, and …\n"],["has_simple_login_lockdown_protection?","WpLoginProtection","WpLoginProtection.html#method-i-has_simple_login_lockdown_protection-3F","()","
wordpress.org/extend/plugins/simple-login-lockdown/\n"],["has_timthumbs?","WpTimthumbs","WpTimthumbs.html#method-i-has_timthumbs-3F","(theme_name, options = {})",""],["has_xml_rpc?","WebSite","WebSite.html#method-i-has_xml_rpc-3F","()",""],["help","Object","Object.html#method-i-help","()","
command help\n"],["id","WpUser","WpUser.html#method-i-id","()",""],["id=","WpUser","WpUser.html#method-i-id-3D","(new_id)",""],["instance","Browser","Browser.html#method-c-instance","(options = {})",""],["is_installed?","GitUpdater","GitUpdater.html#method-i-is_installed-3F","()",""],["is_installed?","SvnUpdater","SvnUpdater.html#method-i-is_installed-3F","()",""],["is_installed?","Updater","Updater.html#method-i-is_installed-3F","()",""],["is_long_option?","WpscanOptions","WpscanOptions.html#method-c-is_long_option-3F","(option)",""],["is_multisite?","WpTarget","WpTarget.html#method-i-is_multisite-3F","()",""],["is_online?","WebSite","WebSite.html#method-i-is_online-3F","()","
Checks if the remote website is up.\n"],["is_wordpress?","WebSite","WebSite.html#method-i-is_wordpress-3F","()","
check if the remote website is actually running wordpress.\n"],["job_id","Exploit","Exploit.html#method-i-job_id","()","
not sure if this is needed?! not used.\n"],["jobs","RpcClient","RpcClient.html#method-i-jobs","()","
list msf jobs\n"],["kill_session","Exploit","Exploit.html#method-i-kill_session","(id)","
kill a session by session id\n"],["kill_session","RpcClient","RpcClient.html#method-i-kill_session","(id)","
kill msf session\n"],["last_session_id","Exploit","Exploit.html#method-i-last_session_id","()","
the last active session id created\n"],["limit_login_attempts_url","WpLoginProtection","WpLoginProtection.html#method-i-limit_login_attempts_url","()",""],["lines_in_file","BruteForce","BruteForce.html#method-c-lines_in_file","(file_path)","
Counts the number of lines in the wordlist It can take a couple of minutes\non large wordlists, although …\n"],["load_config","Browser","Browser.html#method-i-load_config","(config_file = nil)","
TODO reload hydra (if the .load_config is called on a browser object, hydra\nwill not have the new @max_threads …\n"],["load_from_arguments","WpscanOptions","WpscanOptions.html#method-c-load_from_arguments","()","
Will load the options from ARGV return WpscanOptions\n"],["local_revision_number","GitUpdater","GitUpdater.html#method-i-local_revision_number","()","
Git has not a revsion number like SVN, so we will take the 7 first chars of\nthe last commit hash\n"],["local_revision_number","SvnUpdater","SvnUpdater.html#method-i-local_revision_number","()",""],["local_revision_number","Updater","Updater.html#method-i-local_revision_number","()",""],["login","RpcClient","RpcClient.html#method-i-login","()","
login to msfrpcd\n"],["login_protection_plugin","WpLoginProtection","WpLoginProtection.html#method-i-login_protection_plugin","()","
Checks if a login protection plugin is enabled\ncode.google.com/p/wpscan/issues/detail?id=111 return a …\n"],["login_security_solution_url","WpLoginProtection","WpLoginProtection.html#method-i-login_security_solution_url","()",""],["login_url","WpTarget","WpTarget.html#method-i-login_url","()",""],["malware_pattern","Malwares","Malwares.html#method-c-malware_pattern","(url_regex)",""],["malwares","Malwares","Malwares.html#method-i-malwares","(malwares_file_path = nil)","
return array of string (url of malwares found)\n"],["malwares_file","Malwares","Malwares.html#method-c-malwares_file","(malwares_file_path)",""],["max_threads=","Browser","Browser.html#method-i-max_threads-3D","(max_threads)",""],["merge_request_params","Browser","Browser.html#method-i-merge_request_params","(params = {})",""],["meterpreter_read","Exploit","Exploit.html#method-i-meterpreter_read","(id)","
read data from a meterpreter session data must be base64 decoded.\n"],["meterpreter_read","RpcClient","RpcClient.html#method-i-meterpreter_read","(id)",""],["meterpreter_write","Exploit","Exploit.html#method-i-meterpreter_write","(id, data)","
write data to a meterpreter session data must be base64 encoded.\n"],["meterpreter_write","RpcClient","RpcClient.html#method-i-meterpreter_write","(id, data)",""],["name","WpUser","WpUser.html#method-i-name","()",""],["name=","WpUser","WpUser.html#method-i-name-3D","(new_name)",""],["new","CacheFileStore","CacheFileStore.html#method-c-new","(storage_path, serializer = Marshal)","
The serializer must have the 2 methods .load and .dump (Marshal and YAML\nhave them) YAML is Human Readable …\n"],["new","Exploit","Exploit.html#method-c-new","(wp_url, type, uri, postdata, use_proxy, proxy_addr, proxy_port)",""],["new","Generate_List","Generate_List.html#method-c-new","(type, verbose)","
type = themes | plugins\n"],["new","RpcClient","RpcClient.html#method-c-new","()",""],["new","Svn_Parser","Svn_Parser.html#method-c-new","(svn_root, verbose, keep_empty_dirs = false)",""],["new","Updater","Updater.html#method-c-new","(repo_directory = nil)","
TODO : add a last ‘/ to repo_directory if it’s not present\n"],["new","WpItem","WpItem.html#method-c-new","(options)",""],["new","WpPlugin","WpPlugin.html#method-c-new","(options = {})",""],["new","WpTarget","WpTarget.html#method-c-new","(target_url, options = {})",""],["new","WpTheme","WpTheme.html#method-c-new","(options = {})",""],["new","WpUser","WpUser.html#method-c-new","(name, id, nickname)",""],["new","WpVersion","WpVersion.html#method-c-new","(number, options = {})",""],["new","WpVulnerability","WpVulnerability.html#method-c-new","(title, reference, type)",""],["new","WpscanOptions","WpscanOptions.html#method-c-new","()",""],["nickname","WpUser","WpUser.html#method-i-nickname","()",""],["nickname=","WpUser","WpUser.html#method-i-nickname-3D","(new_nickname)",""],["option_to_instance_variable_setter","WpscanOptions","WpscanOptions.html#method-c-option_to_instance_variable_setter","(option)",""],["parse","Svn_Parser","Svn_Parser.html#method-i-parse","(dirs=nil)",""],["passive_detection","WpDetector","WpDetector.html#method-c-passive_detection","(url, type, wp_content_dir)","
plugins and themes can be found in the source code :\n\n
<script src='http://example.com/wp-content/plugins/s2member/...' ...\n"],["plugins_from_aggressive_detection","WpPlugins","WpPlugins.html#method-i-plugins_from_aggressive_detection","(options)","Enumerate installed plugins.\n
return array of WpPlugin\n"],["plugins_from_passive_detection","WpPlugins","WpPlugins.html#method-i-plugins_from_passive_detection","(options)","
code.google.com/p/wpscan/issues/detail?id=42 plugins can be found in the\nsource code :\n\n
<script src='http://example.com/wp-content/plugins/s2member/...' ...\n"],["post","Browser","Browser.html#method-i-post","(url, params = {})",""],["proxy=","WpscanOptions","WpscanOptions.html#method-i-proxy-3D","(proxy)",""],["proxy_auth=","Browser","Browser.html#method-i-proxy_auth-3D","(auth)",""],["proxy_auth=","WpscanOptions","WpscanOptions.html#method-i-proxy_auth-3D","(auth)",""],["raise_invalid_proxy_format","Browser","Browser.html#method-i-raise_invalid_proxy_format","()",""],["raise_must_be_implemented","Updater","Updater.html#method-i-raise_must_be_implemented","()",""],["read_entry","CacheFileStore","CacheFileStore.html#method-i-read_entry","(key)",""],["read_shell","Exploit","Exploit.html#method-i-read_shell","(id)","read data from a shell, meterpreter is not classed as a shell.\n"],["read_shell","RpcClient","RpcClient.html#method-i-read_shell","(id)","
reads any pending output from session\n"],["readme_url","WpItem","WpItem.html#method-i-readme_url","()","
Url for readme.txt\n"],["readme_url","WpReadme","WpReadme.html#method-i-readme_url","()",""],["red","Object","Object.html#method-i-red","(text)",""],["redirection","WebSite","WebSite.html#method-i-redirection","(url = nil)","
see if the remote url returns 30x redirect return a string with the\nredirection or nil\n"],["registration_enabled?","WpTarget","WpTarget.html#method-i-registration_enabled-3F","()","
Should check wp-login.php if registration is enabled or not\n"],["registration_url","WpTarget","WpTarget.html#method-i-registration_url","()",""],["remove_junk_from_nickname","WpUsernames","WpUsernames.html#method-i-remove_junk_from_nickname","(usernames)",""],["repo_directory_arguments","GitUpdater","GitUpdater.html#method-i-repo_directory_arguments","()",""],["require_files_from_directory","Object","Object.html#method-i-require_files_from_directory","(absolute_dir_path, files_pattern = \"*.rb\")","
TODO : add an exclude pattern ?\n"],["reset","Browser","Browser.html#method-c-reset","()",""],["save","Generate_List","Generate_List.html#method-i-save","(items)","
Save the file\n"],["search_replace_db_2_exists?","WpTarget","WpTarget.html#method-i-search_replace_db_2_exists-3F","()",""],["search_replace_db_2_url","WpTarget","WpTarget.html#method-i-search_replace_db_2_url","()","
Script for replacing strings in wordpress databases reveals databse\ncredentials after hitting submit …\n"],["session_count","Exploit","Exploit.html#method-i-session_count","()","
a count of the amount of active sessions\n"],["sessions","Exploit","Exploit.html#method-i-sessions","()","
all sessions and related session data\n"],["sessions","RpcClient","RpcClient.html#method-i-sessions","()","
list msf sessions\n"],["set_file_name","Generate_List","Generate_List.html#method-i-set_file_name","(type)",""],["set_option_from_cli","WpscanOptions","WpscanOptions.html#method-i-set_option_from_cli","(cli_option, cli_value)","
string cli_option : –url, -u, –proxy etc string cli_value : the option\nvalue\n"],["simple_login_lockdown_url","WpLoginProtection","WpLoginProtection.html#method-i-simple_login_lockdown_url","()",""],["start","Exploit","Exploit.html#method-i-start","()","
figure out what to exploit\n"],["targets_url_from_theme","WpTimthumbs","WpTimthumbs.html#method-i-targets_url_from_theme","(theme_name, options)",""],["theme","WpTarget","WpTarget.html#method-i-theme","()","
return WpTheme\n"],["themes_from_aggressive_detection","WpThemes","WpThemes.html#method-i-themes_from_aggressive_detection","(options)",""],["themes_from_passive_detection","WpThemes","WpThemes.html#method-i-themes_from_passive_detection","(options)",""],["threads=","WpscanOptions","WpscanOptions.html#method-i-threads-3D","(threads)",""],["timthumbs","WpTimthumbs","WpTimthumbs.html#method-i-timthumbs","(theme_name = nil, options = {})",""],["to_h","WpscanOptions","WpscanOptions.html#method-i-to_h","()","
return Hash\n"],["to_s","WpItem","WpItem.html#method-i-to_s","()","
To string. Adds a version number if detected\n"],["update","GitUpdater","GitUpdater.html#method-i-update","()",""],["update","SvnUpdater","SvnUpdater.html#method-i-update","()",""],["update","Updater","Updater.html#method-i-update","()",""],["url","WpTarget","WpTarget.html#method-i-url","()","
Alias of @uri.to_s\n"],["url=","WpscanOptions","WpscanOptions.html#method-i-url-3D","(url)",""],["usage","Object","Object.html#method-i-usage","()","
wpscan usage\n"],["user_agent","Browser","Browser.html#method-i-user_agent","()","
return the user agent, according to the user_agent_mode\n"],["user_agent_mode=","Browser","Browser.html#method-i-user_agent_mode-3D","(ua_mode)",""],["usernames","WpUsernames","WpUsernames.html#method-i-usernames","(options = {})","
Enumerate wordpress usernames by using Veronica Valeros’s technique:\nseclists.org/fulldisclosure/2011/May/493 …\n"],["valid_response_codes","WpTarget","WpTarget.html#method-c-valid_response_codes","()","
Valid HTTP return codes\n"],["version","WpItem","WpItem.html#method-i-version","()","
Returns version number from readme.txt if it exists\n"],["version","WpTarget","WpTarget.html#method-i-version","()","
return WpVersion\n"],["version_pattern","WpVersion","WpVersion.html#method-c-version_pattern","()","
Used to check if the version is correct: must contain at least one dot.\n"],["vulnerabilities","Vulnerable","Vulnerable.html#method-i-vulnerabilities","()","
@return an array of WpVulnerability (can be empty)\n"],["wordlist=","WpscanOptions","WpscanOptions.html#method-i-wordlist-3D","(wordlist)",""],["wp_content_dir","WpTarget","WpTarget.html#method-i-wp_content_dir","()",""],["wp_plugins_dir","WpTarget","WpTarget.html#method-i-wp_plugins_dir","()",""],["wp_plugins_dir_exists?","WpTarget","WpTarget.html#method-i-wp_plugins_dir_exists-3F","()",""],["write_entry","CacheFileStore","CacheFileStore.html#method-i-write_entry","(key, data_to_store, cache_timeout)",""],["write_shell","Exploit","Exploit.html#method-i-write_shell","(id, data)","
write data to a shell, meterpreter is not classed as a shell.\n"],["write_shell","RpcClient","RpcClient.html#method-i-write_shell","(id, data)","
writes the specified input into the session\n"],["xml_rpc_url","WebSite","WebSite.html#method-i-xml_rpc_url","()",""],["CREDITS","","CREDITS.html","","
*CREDITS*\n
This file is to give credit to WPScan’s contributors. If you feel your name\nshould be in here, …\n"],["Gemfile","","Gemfile.html","","
source “rubygems.org”\n
gem “typhoeus”, “0.4.2” gem “rspec”, :require …\n"],["README","","README.html","","
__\n\n
__ _______ _____\n\\ \\ / / __ \\ / ____|\n \\ \\ /\\ / /| |__) | (___ ___ __ _ _ __ ...\n"]]}} \ No newline at end of file diff --git a/doc/table_of_contents.html b/doc/table_of_contents.html index 5b58c84b..7e49770f 100644 --- a/doc/table_of_contents.html +++ b/doc/table_of_contents.html @@ -229,33 +229,33 @@::malwares_file — Malwares - ::new — WpTarget + ::new — WpPlugin ::new — WpscanOptions + ::new — RpcClient + ::new — WpVersion - ::new — WpPlugin - ::new — WpItem + ::new — WpTarget + ::new — WpUser ::new — CacheFileStore - ::new — WpVulnerability - ::new — Updater - ::new — Exploit + ::new — WpVulnerability ::new — Generate_List - ::new — WpTheme + ::new — Exploit ::new — Svn_Parser - ::new — RpcClient + ::new — WpTheme ::option_to_instance_variable_setter — WpscanOptions @@ -273,11 +273,11 @@ #== — WpItem - #=== — WpTheme + #=== — WpItem #=== — WpUser - #=== — WpItem + #=== — WpTheme #_grep_ — Array @@ -291,6 +291,8 @@ #banner — Object + #basic_auth= — WpscanOptions + #better_wp_security_url — WpLoginProtection #bluetrait_event_viewer_url — WpLoginProtection @@ -333,10 +335,10 @@ #error_log_url — WpPlugin - #exploit — RpcClient - #exploit — Exploit + #exploit — RpcClient + #exploit_info — Exploit #extract_name_from_url — WpItem @@ -379,6 +381,8 @@ #grep — Array + #has_basic_auth? — WebSite + #has_better_wp_security_protection? — WpLoginProtection #has_bluetrait_event_viewer_protection? — WpLoginProtection @@ -403,26 +407,28 @@ #has_options? — WpscanOptions - #has_readme? — WpReadme - #has_readme? — WpItem + #has_readme? — WpReadme + #has_simple_login_lockdown_protection? — WpLoginProtection #has_timthumbs? — WpTimthumbs + #has_xml_rpc? — WebSite + #help — Object #id — WpUser #id= — WpUser - #is_installed? — Updater - #is_installed? — SvnUpdater #is_installed? — GitUpdater + #is_installed? — Updater + #is_multisite? — WpTarget #is_online? — WebSite @@ -433,20 +439,20 @@ #jobs — RpcClient - #kill_session — Exploit - #kill_session — RpcClient + #kill_session — Exploit + #last_session_id — Exploit #limit_login_attempts_url — WpLoginProtection #load_config — Browser - #local_revision_number — SvnUpdater - #local_revision_number — Updater + #local_revision_number — SvnUpdater + #local_revision_number — GitUpdater #login — RpcClient @@ -463,10 +469,10 @@ #merge_request_params — Browser - #meterpreter_read — Exploit - #meterpreter_read — RpcClient + #meterpreter_read — Exploit + #meterpreter_write — Exploit #meterpreter_write — RpcClient @@ -499,10 +505,10 @@ #read_entry — CacheFileStore - #read_shell — RpcClient - #read_shell — Exploit + #read_shell — RpcClient + #readme_url — WpItem #readme_url — WpReadme @@ -529,10 +535,10 @@ #session_count — Exploit - #sessions — Exploit - #sessions — RpcClient + #sessions — Exploit + #set_file_name — Generate_List #set_option_from_cli — WpscanOptions @@ -557,12 +563,12 @@ #to_s — WpItem - #update — SvnUpdater - #update — GitUpdater #update — Updater + #update — SvnUpdater + #url — WpTarget #url= — WpscanOptions @@ -575,10 +581,10 @@ #usernames — WpUsernames - #version — WpItem - #version — WpTarget + #version — WpItem + #vulnerabilities — Vulnerable #wordlist= — WpscanOptions @@ -591,11 +597,11 @@ #write_entry — CacheFileStore - #write_shell — RpcClient - #write_shell — Exploit - #xmlrpc_url — WebSite + #write_shell — RpcClient + + #xml_rpc_url — WebSite diff --git a/lib/wpscan/modules/web_site.rb b/lib/wpscan/modules/web_site.rb index 8b08ceea..cd0cf41a 100644 --- a/lib/wpscan/modules/web_site.rb +++ b/lib/wpscan/modules/web_site.rb @@ -32,8 +32,8 @@ module WebSite wordpress = true else response = Browser.instance.get( - xmlrpc_url(), - {:follow_location => true, :max_redirects => 2} + xml_rpc_url, + {:follow_location => true, :max_redirects => 2} ) if response.body =~ %r{XML-RPC server accepts POST requests only}i @@ -44,8 +44,21 @@ module WebSite wordpress end - def xmlrpc_url - @uri.merge("xmlrpc.php").to_s + def xml_rpc_url + unless @xmlrpc_url + headers = Browser.instance.get(@uri.to_s).headers_hash + value = headers["x-pingback"] + if value.nil? or value.empty? + @xmlrpc_url = nil + else + @xmlrpc_url = value + end + end + @xmlrpc_url + end + + def has_xml_rpc? + !xml_rpc_url.nil? end # Checks if the remote website is up. diff --git a/spec/lib/wpscan/modules/web_site_spec.rb b/spec/lib/wpscan/modules/web_site_spec.rb index cf70f984..c270bda4 100644 --- a/spec/lib/wpscan/modules/web_site_spec.rb +++ b/spec/lib/wpscan/modules/web_site_spec.rb @@ -17,10 +17,10 @@ #++ shared_examples_for "WebSite" do - let(:fixtures_dir) { SPEC_FIXTURES_WPSCAN_MODULES_DIR + '/web_site' } + let(:fixtures_dir) { SPEC_FIXTURES_WPSCAN_MODULES_DIR + "/web_site" } before :each do - @module = WpScanModuleSpec.new('http://example.localhost/') + @module = WpScanModuleSpec.new("http://example.localhost/") @module.extend(WebSite) end @@ -30,16 +30,39 @@ shared_examples_for "WebSite" do end end - describe "#xmlrpc_url" do + describe "#xml_rpc_url" do it "should return the correct url : http://example.localhost/xmlrpc.php" do - @module.xmlrpc_url.should === "http://example.localhost/xmlrpc.php" + xmlrpc = "http://example.localhost/xmlrpc.php" + stub_request(:get, "http://example.localhost/"). + to_return(:status => 200, :body => "", :headers => { "X-Pingback" => xmlrpc}) + @module.xml_rpc_url.should === xmlrpc + end + + it "should return nil" do + stub_request(:get, "http://example.localhost/").to_return(:status => 200) + @module.xml_rpc_url.should be_nil + end + end + + describe "#has_xml_rpc?" do + it "should return true" do + stub_request(:get, "http://example.localhost/"). + to_return(:status => 200, :body => "", :headers => { "X-Pingback" => "xmlrpc"}) + @module.has_xml_rpc?.should be_true + end + + it "should return false" do + stub_request(:get, "http://example.localhost/").to_return(:status => 200) + @module.has_xml_rpc?.should be_false end end describe "#is_wordpress?" do # each url (wp-login and xmlrpc) pointed to a 404 before :each do - [@module.login_url, @module.xmlrpc_url].each do |url| + stub_request(:get, @module.uri.to_s). + to_return(:status => 200, :body => "", :headers => { "X-Pingback" => @module.uri.merge("xmlrpc.php")}) + [@module.login_url, @module.xml_rpc_url].each do |url| stub_request(:get, url).to_return(:status => 404, :body => "") end end @@ -50,14 +73,14 @@ shared_examples_for "WebSite" do it "should return true if the wp-login is found and is a valid wordpress one" do stub_request(:get, @module.login_url). - to_return(:status => 200, :body => File.new(fixtures_dir + '/wp-login.php')) + to_return(:status => 200, :body => File.new(fixtures_dir + "/wp-login.php")) @module.is_wordpress?.should be_true end it "should return true if the xmlrpc is found" do - stub_request(:get, @module.xmlrpc_url). - to_return(:status => 200, :body => File.new(fixtures_dir + '/xmlrpc.php')) + stub_request(:get, @module.xml_rpc_url). + to_return(:status => 200, :body => File.new(fixtures_dir + "/xmlrpc.php")) @module.is_wordpress?.should be_true end diff --git a/wpscan.rb b/wpscan.rb index 4c3f1df6..f54119e4 100755 --- a/wpscan.rb +++ b/wpscan.rb @@ -148,6 +148,10 @@ begin puts green("[+]") + " User registration is enabled" end + if wp_target.has_xml_rpc? + puts green("[+]") + " XML-RPC Interface available under #{wp_target.xml_rpc_url}" + end + if wp_target.has_malwares? malwares = wp_target.malwares puts red("[!]") + " #{malwares.size} malware(s) found :"