@@ -25,6 +25,7 @@ class Browser
|
||||
:user_agent_mode,
|
||||
:available_user_agents,
|
||||
:proxy,
|
||||
:proxy_auth,
|
||||
:max_threads,
|
||||
:cache_timeout,
|
||||
:request_timeout
|
||||
@@ -98,6 +99,29 @@ class Browser
|
||||
@max_threads = max_threads
|
||||
end
|
||||
|
||||
def proxy_auth=(auth)
|
||||
unless auth.nil?
|
||||
if auth.is_a?(Hash)
|
||||
if !auth.include?(:proxy_username) or !auth.include?(:proxy_password)
|
||||
raise_invalid_proxy_format()
|
||||
end
|
||||
@proxy_auth = auth
|
||||
elsif auth.is_a?(String)
|
||||
if matches = %r{([^:]+):(.*)}.match(auth)
|
||||
@proxy_auth = {:proxy_username => matches[1], :proxy_password => matches[2]}
|
||||
else
|
||||
raise_invalid_proxy_format()
|
||||
end
|
||||
else
|
||||
raise_invalid_proxy_format()
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
def raise_invalid_proxy_format
|
||||
raise "Invalid proxy auth format, expected username:password or {:proxy_username => username, :proxy_password => password}"
|
||||
end
|
||||
|
||||
# TODO reload hydra (if the .load_config is called on a browser object, hydra will not have the new @max_threads and @request_timeout)
|
||||
def load_config(config_file = nil)
|
||||
@config_file = config_file || @config_file
|
||||
@@ -149,6 +173,10 @@ class Browser
|
||||
def merge_request_params(params = {})
|
||||
if @proxy
|
||||
params = params.merge(:proxy => @proxy)
|
||||
|
||||
if @proxy_auth
|
||||
params = params.merge(@proxy_auth)
|
||||
end
|
||||
end
|
||||
|
||||
unless params.has_key?(:disable_ssl_host_verification)
|
||||
|
||||
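Review bot: In `Browser#proxy_auth=`, the Hash branch stores the caller's hash unchanged (`@proxy_auth = auth`), and `merge_request_params` then merges that whole hash into the params of every proxied request, so any extra key in it becomes a request option instead of being rejected. Keeping only the two expected keys closes that: `@proxy_auth = { :proxy_username => auth[:proxy_username], :proxy_password => auth[:proxy_password] }`. In the String branch the pattern `%r{([^:]+):(.*)}` is unanchored and `.` stops at a newline, so a value with a leading colon, or with a line break after the colon, is silently cut down rather than raising; anchoring it as `%r{\A([^:]+):(.*)\z}` rejects both. A nil argument is a no-op, so credentials set earlier cannot be cleared through this setter; a comment stating whether that is intended would help the next reader.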
@@ -27,6 +27,7 @@ class WpscanOptions
|
||||
:enumerate_usernames,
|
||||
:enumerate_usernames_range,
|
||||
:proxy,
|
||||
:proxy_auth,
|
||||
:threads,
|
||||
:url,
|
||||
:wordlist,
|
||||
@@ -76,6 +77,14 @@ class WpscanOptions
|
||||
end
|
||||
end
|
||||
|
||||
def proxy_auth=(auth)
|
||||
if auth.index(':') == nil
|
||||
raise "Invalid proxy auth format, username:password expected"
|
||||
else
|
||||
@proxy_auth = auth
|
||||
end
|
||||
end
|
||||
|
||||
def enumerate_plugins=(enumerate_plugins)
|
||||
if enumerate_plugins === true and @enumerate_only_vulnerable_plugins === true
|
||||
raise "You can't enumerate plugins and only vulnerable plugins at the same time, please choose only one"
|
||||
@@ -150,7 +159,7 @@ class WpscanOptions
|
||||
cli_value
|
||||
)
|
||||
elsif cli_option === "--enumerate" # Special cases
|
||||
# Default value if no argument is given
|
||||
# Default value if no argument is given
|
||||
cli_value = "vt,tt,u,vp" if cli_value.length == 0
|
||||
|
||||
enumerate_options_from_string(cli_value)
|
||||
@@ -201,7 +210,8 @@ class WpscanOptions
|
||||
["--force", "-f", GetoptLong::NO_ARGUMENT],
|
||||
["--help", "-h", GetoptLong::NO_ARGUMENT],
|
||||
["--verbose", "-v", GetoptLong::NO_ARGUMENT],
|
||||
["--proxy", GetoptLong::OPTIONAL_ARGUMENT],
|
||||
["--proxy", GetoptLong::REQUIRED_ARGUMENT],
|
||||
["--proxy-auth", GetoptLong::REQUIRED_ARGUMENT],
|
||||
["--update", GetoptLong::NO_ARGUMENT],
|
||||
["--follow-redirection", GetoptLong::NO_ARGUMENT],
|
||||
["--wp-content-dir", GetoptLong::REQUIRED_ARGUMENT],
|
||||
@@ -226,7 +236,7 @@ class WpscanOptions
|
||||
|
||||
def self.option_to_instance_variable_setter(option)
|
||||
cleaned_option = WpscanOptions.clean_option(option)
|
||||
option_syms = ACCESSOR_OPTIONS.grep(%r{^#{cleaned_option}})
|
||||
option_syms = ACCESSOR_OPTIONS.grep(%r{^#{cleaned_option}$})
|
||||
|
||||
option_syms.length == 1 ? :"#{option_syms.at(0)}=" : nil
|
||||
end
|
||||
|
||||
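Review bot: `WpscanOptions#proxy_auth=` only tests `auth.index(':')`, which is looser than the check in `Browser#proxy_auth=`: a value such as `:secret` passes here and, if it is later handed to the Browser setter (that call is not visible in this section), fails there with a different message, while a nil value raises NoMethodError instead of the format error. Validating with the same rule in both places, e.g. `raise "Invalid proxy auth format, username:password expected" unless auth.is_a?(String) && auth.match(%r{\A[^:]+:})`, keeps the two in step. Separately, `--proxy-auth` places the proxy password on the command line, where it is kept in shell history and is readable in the process list by other local users; the option's help text (outside this diff) should say so and mention the config-file route, assuming `load_config` accepts these keys.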