diff --git a/doc_rdoc/Array.html b/doc_rdoc/Array.html
index f2325be0..56870dfa 100644
--- a/doc_rdoc/Array.html
+++ b/doc_rdoc/Array.html
@@ -112,8 +112,6 @@
  • WpTarget
  • -
  • WpTarget::InterestingHeaders
  • -
  • WpTarget::Malwares
  • WpTarget::WpConfigBackup
  • @@ -194,6 +192,12 @@
  • Terminal::Table::Style
  • +
  • WebSite
  • + +
  • WebSite::InterestingHeaders
  • + +
  • WebSite::RobotsTxt
  • +
  • WpItems
  • WpItems::Detectable
  • @@ -268,8 +272,6 @@
  • VersionCompare
  • -
  • WebSite
  • -
  • WpscanOptions
  •
diff --git a/doc_rdoc/Browser.html b/doc_rdoc/Browser.html
index 8458674c..4ab198a2 100644
--- a/doc_rdoc/Browser.html
+++ b/doc_rdoc/Browser.html
@@ -148,8 +148,6 @@
  • WpTarget
  • -
  • WpTarget::InterestingHeaders
  • -
  • WpTarget::Malwares
  • WpTarget::WpConfigBackup
  • @@ -230,6 +228,12 @@
  • Terminal::Table::Style
  • +
  • WebSite
  • + +
  • WebSite::InterestingHeaders
  • + +
  • WebSite::RobotsTxt
  • +
  • WpItems
  • WpItems::Detectable
  • @@ -304,8 +308,6 @@
  • VersionCompare
  • -
  • WebSite
  • -
  • WpscanOptions
  •
diff --git a/doc_rdoc/Browser/Actions.html b/doc_rdoc/Browser/Actions.html
index 690e8b9f..eb96bee1 100644
--- a/doc_rdoc/Browser/Actions.html
+++ b/doc_rdoc/Browser/Actions.html
@@ -110,8 +110,6 @@
  • WpTarget
  • -
  • WpTarget::InterestingHeaders
  • -
  • WpTarget::Malwares
  • WpTarget::WpConfigBackup
  • @@ -192,6 +190,12 @@
  • Terminal::Table::Style
  • +
  • WebSite
  • + +
  • WebSite::InterestingHeaders
  • + +
  • WebSite::RobotsTxt
  • +
  • WpItems
  • WpItems::Detectable
  • @@ -266,8 +270,6 @@
  • VersionCompare
  • -
  • WebSite
  • -
  • WpscanOptions
  •
diff --git a/doc_rdoc/Browser/Options.html b/doc_rdoc/Browser/Options.html
index 2a00cd02..65440c02 100644
--- a/doc_rdoc/Browser/Options.html
+++ b/doc_rdoc/Browser/Options.html
@@ -122,8 +122,6 @@
  • WpTarget
  • -
  • WpTarget::InterestingHeaders
  • -
  • WpTarget::Malwares
  • WpTarget::WpConfigBackup
  • @@ -204,6 +202,12 @@
  • Terminal::Table::Style
  • +
  • WebSite
  • + +
  • WebSite::InterestingHeaders
  • + +
  • WebSite::RobotsTxt
  • +
  • WpItems
  • WpItems::Detectable
  • @@ -278,8 +282,6 @@
  • VersionCompare
  • -
  • WebSite
  • -
  • WpscanOptions
  •
diff --git a/doc_rdoc/CREDITS.html b/doc_rdoc/CREDITS.html
index 76d6777a..a06f4ffa 100644
--- a/doc_rdoc/CREDITS.html
+++ b/doc_rdoc/CREDITS.html
@@ -68,8 +68,6 @@
  • WpTarget
  • -
  • WpTarget::InterestingHeaders
  • -
  • WpTarget::Malwares
  • WpTarget::WpConfigBackup
  • @@ -150,6 +148,12 @@
  • Terminal::Table::Style
  • +
  • WebSite
  • + +
  • WebSite::InterestingHeaders
  • + +
  • WebSite::RobotsTxt
  • +
  • WpItems
  • WpItems::Detectable
  • @@ -224,8 +228,6 @@
  • VersionCompare
  • -
  • WebSite
  • -
  • WpscanOptions
  •
diff --git a/doc_rdoc/CacheFileStore.html b/doc_rdoc/CacheFileStore.html
index cd089aae..1d15dc28 100644
--- a/doc_rdoc/CacheFileStore.html
+++ b/doc_rdoc/CacheFileStore.html
@@ -118,8 +118,6 @@
  • WpTarget
  • -
  • WpTarget::InterestingHeaders
  • -
  • WpTarget::Malwares
  • WpTarget::WpConfigBackup
  • @@ -200,6 +198,12 @@
  • Terminal::Table::Style
  • +
  • WebSite
  • + +
  • WebSite::InterestingHeaders
  • + +
  • WebSite::RobotsTxt
  • +
  • WpItems
  • WpItems::Detectable
  • @@ -274,8 +278,6 @@
  • VersionCompare
  • -
  • WebSite
  • -
  • WpscanOptions
  •
diff --git a/doc_rdoc/CheckerPlugin.html b/doc_rdoc/CheckerPlugin.html
index ac1c4242..54ffd142 100644
--- a/doc_rdoc/CheckerPlugin.html
+++ b/doc_rdoc/CheckerPlugin.html
@@ -116,8 +116,6 @@
  • WpTarget
  • -
  • WpTarget::InterestingHeaders
  • -
  • WpTarget::Malwares
  • WpTarget::WpConfigBackup
  • @@ -198,6 +196,12 @@
  • Terminal::Table::Style
  • +
  • WebSite
  • + +
  • WebSite::InterestingHeaders
  • + +
  • WebSite::RobotsTxt
  • +
  • WpItems
  • WpItems::Detectable
  • @@ -272,8 +276,6 @@
  • VersionCompare
  • -
  • WebSite
  • -
  • WpscanOptions
  •
diff --git a/doc_rdoc/CustomOptionParser.html b/doc_rdoc/CustomOptionParser.html
index 2b7d799a..9001e353 100644
--- a/doc_rdoc/CustomOptionParser.html
+++ b/doc_rdoc/CustomOptionParser.html
@@ -118,8 +118,6 @@
  • WpTarget
  • -
  • WpTarget::InterestingHeaders
  • -
  • WpTarget::Malwares
  • WpTarget::WpConfigBackup
  • @@ -200,6 +198,12 @@
  • Terminal::Table::Style
  • +
  • WebSite
  • + +
  • WebSite::InterestingHeaders
  • + +
  • WebSite::RobotsTxt
  • +
  • WpItems
  • WpItems::Detectable
  • @@ -274,8 +278,6 @@
  • VersionCompare
  • -
  • WebSite
  • -
  • WpscanOptions
  •
diff --git a/doc_rdoc/File.html b/doc_rdoc/File.html
index a2b309ff..df4ac68a 100644
--- a/doc_rdoc/File.html
+++ b/doc_rdoc/File.html
@@ -110,8 +110,6 @@
  • WpTarget
  • -
  • WpTarget::InterestingHeaders
  • -
  • WpTarget::Malwares
  • WpTarget::WpConfigBackup
  • @@ -192,6 +190,12 @@
  • Terminal::Table::Style
  • +
  • WebSite
  • + +
  • WebSite::InterestingHeaders
  • + +
  • WebSite::RobotsTxt
  • +
  • WpItems
  • WpItems::Detectable
  • @@ -266,8 +270,6 @@
  • VersionCompare
  • -
  • WebSite
  • -
  • WpscanOptions
  •
diff --git a/doc_rdoc/Gemfile.html b/doc_rdoc/Gemfile.html
index f31f7b5b..1b44ed31 100644
--- a/doc_rdoc/Gemfile.html
+++ b/doc_rdoc/Gemfile.html
@@ -68,8 +68,6 @@
  • WpTarget
  • -
  • WpTarget::InterestingHeaders
  • -
  • WpTarget::Malwares
  • WpTarget::WpConfigBackup
  • @@ -150,6 +148,12 @@
  • Terminal::Table::Style
  • +
  • WebSite
  • + +
  • WebSite::InterestingHeaders
  • + +
  • WebSite::RobotsTxt
  • +
  • WpItems
  • WpItems::Detectable
  • @@ -224,8 +228,6 @@
  • VersionCompare
  • -
  • WebSite
  • -
  • WpscanOptions
  • @@ -248,7 +250,8 @@ gem “terminal-table” gem “ruby-progressbar”, “>=1.1.0”

    gem "webmock", ">=1.9.3"
     gem "simplecov"
    -gem "rspec", :require => "spec"
    +gem "rspec", :require => "spec" +gem "rspec-mocks", "<=2.14.2" # 2.14.3 just messed around :/

    end

    diff --git a/doc_rdoc/GenerateList.html b/doc_rdoc/GenerateList.html
index bf5b214b..24a0aed2 100644
--- a/doc_rdoc/GenerateList.html
+++ b/doc_rdoc/GenerateList.html
@@ -120,8 +120,6 @@
  • WpTarget
  • -
  • WpTarget::InterestingHeaders
  • -
  • WpTarget::Malwares
  • WpTarget::WpConfigBackup
  • @@ -202,6 +200,12 @@
  • Terminal::Table::Style
  • +
  • WebSite
  • + +
  • WebSite::InterestingHeaders
  • + +
  • WebSite::RobotsTxt
  • +
  • WpItems
  • WpItems::Detectable
  • @@ -276,8 +280,6 @@
  • VersionCompare
  • -
  • WebSite
  • -
  • WpscanOptions
  • @@ -374,8 +376,7 @@ raise "Type #{type} not defined" end @verbose = verbose - @browser = Browser.instance(request_timeout: 20000, connect_timeout: 20000, max_threads: 1) - @hydra = @browser.hydra + @browser = Browser.instance(request_timeout: 20000, connect_timeout: 20000, max_threads: 1, cache_ttl: 0) end @@ -412,7 +413,7 @@
    -# File lib/wpstools/plugins/list_generator/generate_list.rb, line 52
    +# File lib/wpstools/plugins/list_generator/generate_list.rb, line 51
     def generate_full_list
       set_file_name(:full)
       items = SvnParser.new(@svn_url).parse
    @@ -447,7 +448,7 @@
                 
                 
       
    -
    -
    -      
    -        
  • - - - - (Object) xml_rpc_url_from_body - - - - - - - - - - - - - -
    - -
  • - - -
  • - - - - (Object) xml_rpc_url_from_headers - - - - - - - - - - - - - -
    -
  • + + + + + + + + + +

    Methods included from InterestingHeaders

    +

    #interesting_headers, known_headers

    + + + + + + + + + +

    Methods included from RobotsTxt

    +

    #has_robots?, known_dirs, #parse_robots_txt, #robots_url

    Constructor Details

    @@ -594,12 +540,12 @@ href="http://www.hixie.ch/specs/pingback/pingback-1.0#TOC2.3">www.hixie.ch/specs
     
     
    -7
    -8
    -9
    +12 +13 +14
    -
    # File 'lib/wpscan/web_site.rb', line 7
    +      
    # File 'lib/wpscan/web_site.rb', line 12
     
     def initialize(site_url)
       self.url = site_url
    @@ -642,12 +588,12 @@ href="http://www.hixie.ch/specs/pingback/pingback-1.0#TOC2.3">www.hixie.ch/specs
           
     
     
    -5
    -6
    -7
    +10 +11 +12
    -
    # File 'lib/wpscan/web_site.rb', line 5
    +      
    # File 'lib/wpscan/web_site.rb', line 10
     
     def uri
       @uri
    @@ -730,13 +676,13 @@ file which can be very huge (like 2 Go)

     
     
    -133
    -134
    -135
    -136
    +109 +110 +111 +112
    -
    # File 'lib/wpscan/web_site.rb', line 133
    +      
    # File 'lib/wpscan/web_site.rb', line 109
     
     def self.has_log?(log_url, pattern)
       log_body = Browser.get(log_url, headers: {'range' => 'bytes=0-700'}).body
    @@ -812,14 +758,14 @@ cache generation details

     
     
    -85
    -86
    -87
    -88
    -89
    +73 +74 +75 +76 +77
    -
    # File 'lib/wpscan/web_site.rb', line 85
    +      
    # File 'lib/wpscan/web_site.rb', line 73
     
     def self.page_hash(page)
       page = Browser.get(page) unless page.is_a?(Typhoeus::Response)
    @@ -863,16 +809,16 @@ cache generation details

     
     
    -99
    -100
    -101
    -102
    -103
    -104
    -105
    +87 +88 +89 +90 +91 +92 +93
    -
    # File 'lib/wpscan/web_site.rb', line 99
    +      
    # File 'lib/wpscan/web_site.rb', line 87
     
     def error_404_hash
       unless @error_404_hash
    @@ -923,12 +869,12 @@ cache generation details

     
     
    -24
    -25
    -26
    +29 +30 +31
    -
    # File 'lib/wpscan/web_site.rb', line 24
    +      
    # File 'lib/wpscan/web_site.rb', line 29
     
     def has_basic_auth?
       Browser.get(@uri.to_s).code == 401
    @@ -936,60 +882,6 @@ cache generation details

    -
    - -
    -

    - - - (Boolean) has_robots? - - - - - -

    -
    - -

    Checks if a robots.txt file exists

    - - -
    -
    -
    - -

    Returns:

    - - -
    - - - - -
    -
    -
    -
    -115
    -116
    -117
    -
    -
    # File 'lib/wpscan/web_site.rb', line 115
    -
    -def has_robots?
    -  Browser.get(robots_url).code == 200
    -end
    -
    @@ -1029,15 +921,17 @@ cache generation details

     
     
    -28
    -29
    -30
    +33 +34 +35 +36 -
    # File 'lib/wpscan/web_site.rb', line 28
    +      
    # File 'lib/wpscan/web_site.rb', line 33
     
     def has_xml_rpc?
    -  !xml_rpc_url.nil?
    +  response = Browser.get_and_follow_location(xml_rpc_url)
    +  response.body =~ %r{XML-RPC server accepts POST requests only}i    
     end
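Review bot: `has_xml_rpc?` now returns the raw result of `=~`, an Integer offset or nil, instead of a Boolean, so any caller that compares the value with `true`/`false` or prints it would see a change; `!!(response.body =~ %r{XML-RPC server accepts POST requests only}i)` keeps the predicate contract. The check also depends on one exact response string fetched from the fixed `xmlrpc.php` path that the new `xml_rpc_url` builds, so a site that advertises a different endpoint through `X-Pingback`, or answers a GET with other text, would presumably be reported as having no XML-RPC; a comment stating that limitation would help people reading scan results. The added `response.body =~` line carries trailing whitespace, and the fix belongs in lib/wpscan/web_site.rb rather than in this generated page.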
    @@ -1059,15 +953,15 @@ cache generation details

     
     
    -91
    -92
    -93
    -94
    -95
    -96
    +79 +80 +81 +82 +83 +84
    -
    # File 'lib/wpscan/web_site.rb', line 91
    +      
    # File 'lib/wpscan/web_site.rb', line 79
     
     def homepage_hash
       unless @homepage_hash
    @@ -1119,12 +1013,12 @@ cache generation details

     
     
    -20
    -21
    -22
    +25 +26 +27
    -
    # File 'lib/wpscan/web_site.rb', line 20
    +      
    # File 'lib/wpscan/web_site.rb', line 25
     
     def online?
       Browser.get(@uri.to_s).code != 0
    @@ -1161,25 +1055,25 @@ a string with the redirection or nil

     
     
    +50
    +51
    +52
    +53
    +54
    +55
    +56
    +57
    +58
    +59
    +60
    +61
     62
     63
     64
    -65
    -66
    -67
    -68
    -69
    -70
    -71
    -72
    -73
    -74
    -75
    -76
    -77
    +65
    -
    # File 'lib/wpscan/web_site.rb', line 62
    +      
    # File 'lib/wpscan/web_site.rb', line 50
     
     def redirection(url = nil)
       redirection = nil
    @@ -1200,60 +1094,6 @@ a string with the redirection or nil

    -
    - -
    -

    - - - (String) robots_url - - - - - -

    -
    - -

    Gets a robots.txt URL

    - - -
    -
    -
    - -

    Returns:

    - - -
    - - - - -
    -
    -
    -
    -122
    -123
    -124
    -
    -
    # File 'lib/wpscan/web_site.rb', line 122
    -
    -def robots_url
    -  @uri.merge('robots.txt').to_s
    -end
    -
    @@ -1268,7 +1108,7 @@ a string with the redirection or nil

    -

    Will try to find the rss url in the homepage Only the first one found iw +

    Will try to find the rss url in the homepage Only the first one found is returned

    @@ -1283,13 +1123,13 @@ returned

     
     
    -109
    -110
    -111
    -112
    +97 +98 +99 +100 -
    # File 'lib/wpscan/web_site.rb', line 109
    +      
    # File 'lib/wpscan/web_site.rb', line 97
     
     def rss_url
       homepage_body = Browser.get(@uri.to_s).body
    @@ -1315,12 +1155,12 @@ returned

     
     
    -15
    -16
    -17
    +20 +21 +22
    -
    # File 'lib/wpscan/web_site.rb', line 15
    +      
    # File 'lib/wpscan/web_site.rb', line 20
     
     def url
       @uri.to_s
    @@ -1345,12 +1185,12 @@ returned

     
     
    -11
    -12
    -13
    +16 +17 +18
    -
    # File 'lib/wpscan/web_site.rb', line 11
    +      
    # File 'lib/wpscan/web_site.rb', line 16
     
     def url=(url)
       @uri = URI.parse(add_trailing_slash(add_http_protocol(url)))
    @@ -1387,103 +1227,23 @@ href="http://www.hixie.ch/specs/pingback/pingback-1.0#TOC2.3">www.hixie.ch/specs
           
     
     
    -33
    -34
    -35
    -36
    -37
    -38
    - - -
    # File 'lib/wpscan/web_site.rb', line 33
    -
    -def xml_rpc_url
    -  unless @xmlrpc_url
    -    @xmlrpc_url = xml_rpc_url_from_headers() || xml_rpc_url_from_body()
    -  end
    -  @xmlrpc_url
    -end
    - - - -
    - -
    -

    - - - (Object) xml_rpc_url_from_body - - - - - -

    - - - - -
    -
    -
    -
    -53
    -54
    -55
    -56
    -57
    -
    -
    # File 'lib/wpscan/web_site.rb', line 53
    -
    -def xml_rpc_url_from_body
    -  body = Browser.get(@uri.to_s).body
    -
    -  body[%r{<link rel="pingback" href="([^"]+)" ?\/?>}, 1]
    -end
    -
    -
    - -
    -

    - - - (Object) xml_rpc_url_from_headers - - - - - -

    - - @@ -1495,7 +1255,7 @@ href="http://www.hixie.ch/specs/pingback/pingback-1.0#TOC2.3">www.hixie.ch/specs diff --git a/doc_yard/WpTarget/InterestingHeaders.html b/doc_yard/WebSite/InterestingHeaders.html similarity index 63% rename from doc_yard/WpTarget/InterestingHeaders.html rename to doc_yard/WebSite/InterestingHeaders.html index 3519342b..18c0a577 100644 --- a/doc_yard/WpTarget/InterestingHeaders.html +++ b/doc_yard/WebSite/InterestingHeaders.html @@ -4,7 +4,7 @@ - Module: WpTarget::InterestingHeaders + Module: WebSite::InterestingHeaders — Documentation by YARD 0.8.5.2 @@ -32,7 +32,7 @@ <div id="menu"> <a href="../_index.html">Index (I)</a> » - <span class='title'><span class='object_link'><a href="../WpTarget.html" title="WpTarget (class)">WpTarget</a></span></span> + <span class='title'><span class='object_link'><a href="../WebSite.html" title="WebSite (class)">WebSite</a></span></span> » <span class="title">InterestingHeaders</span> @@ -63,7 +63,7 @@ <iframe id="search_frame"></iframe> - <div id="content"><h1>Module: WpTarget::InterestingHeaders + <div id="content"><h1>Module: WebSite::InterestingHeaders @@ -78,12 +78,12 @@ <dt class="r1">Included in:</dt> - <dd class="r1"><span class='object_link'><a href="../WpTarget.html" title="WpTarget (class)">WpTarget</a></span></dd> + <dd class="r1"><span class='object_link'><a href="../WebSite.html" title="WebSite (class)">WebSite</a></span></dd> <dt class="r2 last">Defined in:</dt> - <dd class="r2 last">lib/wpscan/wp_target/interesting_headers.rb</dd> + <dd class="r2 last">lib/wpscan/web_site/interesting_headers.rb</dd> </dl> <div class="clear"></div> @@ -106,7 +106,7 @@ <li class="protected "> <span class="summary_signature"> - <a href="#known_headers-class_method" title="known_headers (class method)">+ (Object) <strong>known_headers</strong> </a> + <a href="#known_headers-class_method" title="known_headers (class method)">+ (Array) <strong>known_headers</strong> </a> 
@@ -120,9 +120,7 @@ - <span class="summary_desc"><div class='inline'> -<p>Array.</p> -</div></span> + <span class="summary_desc"><div class='inline'></div></span> </li> @@ -139,7 +137,7 @@ <li class="public "> <span class="summary_signature"> - <a href="#interesting_headers-instance_method" title="#interesting_headers (instance method)">- (Object) <strong>interesting_headers</strong> </a> + <a href="#interesting_headers-instance_method" title="#interesting_headers (instance method)">- (Array) <strong>interesting_headers</strong> </a> @@ -172,7 +170,7 @@ <div class="method_details first"> <h3 class="signature first" id="known_headers-class_method"> - + (<tt>Object</tt>) <strong>known_headers</strong> <span class="extras">(protected)</span> + + (<tt><span class='object_link'><a href="../Array.html" title="Array (class)">Array</a></span></tt>) <strong>known_headers</strong> <span class="extras">(protected)</span> @@ -181,8 +179,6 @@ </h3><div class="docstring"> <div class="discussion"> -<p>Array</p> - </div> </div> @@ -194,15 +190,10 @@ <li> - <span class='type'></span> + <span class='type'>(<tt><span class='object_link'><a href="../Array.html" title="Array (class)">Array</a></span></tt>)</span> - - <div class='inline'> -<p>Array</p> -</div> - </li> </ul> @@ -213,12 +204,6 @@ <pre class="lines"> -19 -20 -21 -22 -23 -24 25 26 27 @@ -227,10 +212,18 @@ 30 31 32 -33</pre> +33 +34 +35 +36 +37 +38 +39 +40 +41</pre> </td> <td> - <pre class="code"><span class="info file"># File 'lib/wpscan/wp_target/interesting_headers.rb', line 19</span> + <pre class="code"><span class="info file"># File 'lib/wpscan/web_site/interesting_headers.rb', line 25</span> <span class='kw'>def</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_known_headers'>known_headers</span> <span class='qwords_beg'>%w{ 
@@ -245,6 +238,8 @@ </span><span class='tstring_content'> Pragma</span><span class='words_sep'> </span><span class='tstring_content'> Vary</span><span class='words_sep'> </span><span class='tstring_content'> Cache-Control</span><span class='words_sep'> +</span><span class='tstring_content'> X-Pingback</span><span class='words_sep'> +</span><span class='tstring_content'> Accept-Ranges</span><span class='words_sep'> </span><span class='tstring_end'> }</span></span> <span class='kw'>end</span></pre> </td> @@ -261,7 +256,7 @@ <div class="method_details first"> <h3 class="signature first" id="interesting_headers-instance_method"> - - (<tt>Object</tt>) <strong>interesting_headers</strong> + - (<tt><span class='object_link'><a href="../Array.html" title="Array (class)">Array</a></span></tt>) <strong>interesting_headers</strong> @@ -277,6 +272,24 @@ </div> <div class="tags"> +<p class="tag_title">Returns:</p> +<ul class="return"> + + <li> + + + <span class='type'>(<tt><span class='object_link'><a href="../Array.html" title="Array (class)">Array</a></span></tt>)</span> + + + + — + <div class='inline'> +<p>Interesting Headers</p> +</div> + + </li> + +</ul> </div><table class="source_code"> <tr> 
@@ -284,25 +297,35 @@ <pre class="lines"> -7 8 9 10 11 12 13 -14</pre> +14 +15 +16 +17 +18 +19 +20</pre> </td> <td> - <pre class="code"><span class="info file"># File 'lib/wpscan/wp_target/interesting_headers.rb', line 7</span> + <pre class="code"><span class="info file"># File 'lib/wpscan/web_site/interesting_headers.rb', line 8</span> <span class='kw'>def</span> <span class='id identifier rubyid_interesting_headers'>interesting_headers</span> <span class='id identifier rubyid_response'>response</span> <span class='op'>=</span> <span class='const'>Browser</span><span class='period'>.</span><span class='id identifier rubyid_head'>head</span><span class='lparen'>(</span><span class='ivar'>@uri</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='rparen'>)</span> <span class='id identifier rubyid_headers'>headers</span> <span class='op'>=</span> <span class='id identifier rubyid_response'>response</span><span class='period'>.</span><span class='id identifier rubyid_headers'>headers</span> - <span class='const'>InterestingHeaders</span><span class='period'>.</span><span class='id identifier rubyid_known_headers'>known_headers</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_h'>h</span><span class='op'>|</span> - <span class='id identifier rubyid_headers'>headers</span><span class='period'>.</span><span class='id identifier rubyid_delete'>delete</span><span class='lparen'>(</span><span class='id identifier rubyid_h'>h</span><span class='rparen'>)</span> + <span class='comment'># Header Names are case insensitve so convert them to upcase +</span> <span class='id identifier rubyid_headers_uppercase'>headers_uppercase</span> <span class='op'>=</span> <span class='id identifier rubyid_headers'>headers</span><span class='period'>.</span><span class='id identifier rubyid_inject'>inject</span><span 
class='lparen'>(</span><span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_hash'>hash</span><span class='comma'>,</span> <span class='id identifier rubyid_keys'>keys</span><span class='op'>|</span> + <span class='id identifier rubyid_hash'>hash</span><span class='lbracket'>[</span><span class='id identifier rubyid_keys'>keys</span><span class='lbracket'>[</span><span class='int'>0</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_upcase'>upcase</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_keys'>keys</span><span class='lbracket'>[</span><span class='int'>1</span><span class='rbracket'>]</span> + <span class='id identifier rubyid_hash'>hash</span> <span class='kw'>end</span> - <span class='id identifier rubyid_headers'>headers</span><span class='period'>.</span><span class='id identifier rubyid_to_a'>to_a</span><span class='period'>.</span><span class='id identifier rubyid_compact'>compact</span><span class='period'>.</span><span class='id identifier rubyid_sort'>sort</span> + <span class='const'>InterestingHeaders</span><span class='period'>.</span><span class='id identifier rubyid_known_headers'>known_headers</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_h'>h</span><span class='op'>|</span> + <span class='id identifier rubyid_headers_uppercase'>headers_uppercase</span><span class='period'>.</span><span class='id identifier rubyid_delete'>delete</span><span class='lparen'>(</span><span class='id identifier rubyid_h'>h</span><span class='period'>.</span><span class='id identifier rubyid_upcase'>upcase</span><span class='rparen'>)</span> + <span class='kw'>end</span> + <span class='id identifier 
rubyid_headers_uppercase'>headers_uppercase</span><span class='period'>.</span><span class='id identifier rubyid_to_a'>to_a</span><span class='period'>.</span><span class='id identifier rubyid_compact'>compact</span><span class='period'>.</span><span class='id identifier rubyid_sort'>sort</span> <span class='kw'>end</span></pre> </td> </tr> @@ -314,7 +337,7 @@ </div> <div id="footer"> - Generated on Fri Jul 19 23:10:15 2013 by + Generated on Sat Aug 10 12:46:30 2013 by <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a> 0.8.5.2 (ruby-1.9.3). </div> diff --git a/doc_yard/WebSite/RobotsTxt.html b/doc_yard/WebSite/RobotsTxt.html new file mode 100644 index 00000000..172415dd --- /dev/null +++ b/doc_yard/WebSite/RobotsTxt.html @@ -0,0 +1,516 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> + <head> + <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> +<title> + Module: WebSite::RobotsTxt + + — Documentation by YARD 0.8.5.2 + + + + + + + + + + + + + + + + + + + + + +

    Module: WebSite::RobotsTxt + + + +

    + +
    + + + + + + + +
    Included in:
    +
    WebSite
    + + + +
    Defined in:
    +
    lib/wpscan/web_site/robots_txt.rb
    + +
    +
    + + + + + + + + + +

    + Class Method Summary + (collapse) +

    + + + +

    + Instance Method Summary + (collapse) +

    + + + + + + +
    +

    Class Method Details

    + + +
    +

    + + + (Array) known_dirs (protected) + + + + + +

    +
    + + +
    +
    +
    + +

    Returns:

    +
      + +
    • + + + (Array) + + + +
    • + +
    + +
    -
    -
    -
    +39
     40
     41
     42
     43
     44
    -45
    -46
    -47
    -48
    -49
    -50
    -51
    +45
    -
    # File 'lib/wpscan/web_site.rb', line 40
    +      
    # File 'lib/wpscan/web_site.rb', line 39
     
    -def xml_rpc_url_from_headers
    -  headers    = Browser.get(@uri.to_s).headers_hash
    -  xmlrpc_url = nil
    -
    -  unless headers.nil?
    -    pingback_url = headers['X-Pingback']
    -    unless pingback_url.nil? || pingback_url.empty?
    -      xmlrpc_url = pingback_url
    -    end
    +def xml_rpc_url
    +  unless @xmlrpc_url
    +    @xmlrpc_url = @uri.merge('xmlrpc.php').to_s
       end
    -  xmlrpc_url
    +
    +  @xmlrpc_url
     end
    + + + + +
    +
    +
    +
    +54
    +55
    +56
    +57
    +58
    +59
    +60
    +61
    +
    +
    # File 'lib/wpscan/web_site/robots_txt.rb', line 54
    +
    +def self.known_dirs
    +  %w{
    +    /
    +    /wp-admin/
    +    /wp-includes/
    +    /wp-content/
    +  }
    +end
    +
    +
    + +
    + +
    +

    Instance Method Details

    + + +
    +

    + + - (Boolean) has_robots? + + + + + +

    +
    + +

    Checks if a robots.txt file exists

    + + +
    +
    +
    + +

    Returns:

    +
      + +
    • + + + (Boolean) + + + +
    • + +
    + +
    + + + + +
    +
    +
    +
    +8
    +9
    +10
    +
    +
    # File 'lib/wpscan/web_site/robots_txt.rb', line 8
    +
    +def has_robots?
    +  Browser.get(robots_url).code == 200
    +end
    +
    +
    + +
    +

    + + - (Array) parse_robots_txt + + + + + +

    +
    + +

    Parse robots.txt

    + + +
    +
    +
    + +

    Returns:

    +
      + +
    • + + + (Array) + + + + — +
      +

      URLs generated from robots.txt

      +
      + +
    • + +
    + +
    + + + + +
    +
    +
    +
    +23
    +24
    +25
    +26
    +27
    +28
    +29
    +30
    +31
    +32
    +33
    +34
    +35
    +36
    +37
    +38
    +39
    +40
    +41
    +42
    +43
    +44
    +45
    +46
    +47
    +48
    +49
    +
    +
    # File 'lib/wpscan/web_site/robots_txt.rb', line 23
    +
    +def parse_robots_txt
    +  return unless has_robots?
    +
    +  return_object = []
    +  response = Browser.get(robots_url.to_s)
    +  body = response.body
    +  # Get all allow and disallow urls
    +  entries = body.scan(/^(?:dis)?allow:\s*(.*)$/i)
    +  if entries
    +    entries.flatten!
    +    entries.compact.sort!
    +    wordpress_path = @uri.path
    +    RobotsTxt.known_dirs.each do |d|
    +      entries.delete(d)
    +      # also delete when wordpress is installed in subdir
    +      dir_with_subdir = "#{wordpress_path}/#{d}".gsub(/\/+/, '/')
    +      entries.delete(dir_with_subdir)
    +    end
    +
    +    entries.each do |d|
    +      temp = @uri.clone
    +      temp.path = d
    +      return_object << temp.to_s
    +    end
    +  end
    +  return_object
    +end
    +
    +
    + +
    +

    + + - (String) robots_url + + + + + +

    +
    + +

    Gets a robots.txt URL

    + + +
    +
    +
    + +

    Returns:

    +
      + +
    • + + + (String) + + + +
    • + +
    + +
    + + + + +
    +
    +
    +
    +14
    +15
    +16
    +17
    +18
    +
    +
    # File 'lib/wpscan/web_site/robots_txt.rb', line 14
    +
    +def robots_url
    +  temp = @uri.clone
    +  temp.path = '/robots.txt'
    +  temp.to_s
    +end
    +
    +
    + +
    + +
    + + + + +
\ No newline at end of file
diff --git a/doc_yard/WpItem.html b/doc_yard/WpItem.html
index 537db4e2..946280c1 100644
--- a/doc_yard/WpItem.html
+++ b/doc_yard/WpItem.html
@@ -570,7 +570,7 @@
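Review bot: In the new `parse_robots_txt` (lib/wpscan/web_site/robots_txt.rb, line 23) the statement `entries.compact.sort!` sorts a temporary copy, so `entries` itself is left neither compacted nor sorted; `entries = entries.compact.sort` does what the line appears to intend. The captured values come straight from a remote robots.txt and are assigned with `temp.path = d` unvalidated, so an entry that is not a valid path component (a `?query` part, a trailing `\r` from CRLF line endings) is likely to raise `URI::InvalidComponentError` and propagate to the caller; I would `strip` each entry and rescue that error per entry so one odd line does not discard the rest. `String#scan` always returns an array, which makes the `if entries` guard always true. The fix belongs in the Ruby source that this generated page is built from.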

    Methods included from Vulnerable

    -

    #vulnerabilities, #vulnerable_to?

    +

    #vulnerabilities, #vulnerable?, #vulnerable_to?

    @@ -1420,7 +1420,7 @@
diff --git a/doc_yard/WpItem/Existable.html b/doc_yard/WpItem/Existable.html
index 4f646d65..bf61bb20 100644
--- a/doc_yard/WpItem/Existable.html
+++ b/doc_yard/WpItem/Existable.html
@@ -412,7 +412,7 @@ for the verification Otherwise a new request is done

    diff --git a/doc_yard/WpItem/Findable.html b/doc_yard/WpItem/Findable.html
index 49b039ea..eaa0e73c 100644
--- a/doc_yard/WpItem/Findable.html
+++ b/doc_yard/WpItem/Findable.html
@@ -100,7 +100,7 @@
diff --git a/doc_yard/WpItem/Infos.html b/doc_yard/WpItem/Infos.html
index ed17882f..92190024 100644
--- a/doc_yard/WpItem/Infos.html
+++ b/doc_yard/WpItem/Infos.html
@@ -777,7 +777,7 @@ href="http://www.exploit-db.com/ghdb/3714">www.exploit-db.com/ghdb/3714/

    diff --git a/doc_yard/WpItem/Output.html b/doc_yard/WpItem/Output.html
index 2dbe3eca..ffc2eec3 100644
--- a/doc_yard/WpItem/Output.html
+++ b/doc_yard/WpItem/Output.html
@@ -215,7 +215,7 @@
diff --git a/doc_yard/WpItem/Versionable.html b/doc_yard/WpItem/Versionable.html
index 42350f30..5549d74e 100644
--- a/doc_yard/WpItem/Versionable.html
+++ b/doc_yard/WpItem/Versionable.html
@@ -290,7 +290,7 @@
diff --git a/doc_yard/WpItem/Vulnerable.html b/doc_yard/WpItem/Vulnerable.html
index 081c9313..8b2fa611 100644
--- a/doc_yard/WpItem/Vulnerable.html
+++ b/doc_yard/WpItem/Vulnerable.html
@@ -184,6 +184,28 @@ vulnerabilities.

    + + + +
  • + + + - (Boolean) vulnerable? + + + + + + + + + + + + + +
    +
  • @@ -382,6 +404,58 @@ vulnerabilities

    + + +
    +

    + + - (Boolean) vulnerable? + + + + + +

    +
    + + +
    +
    +
    + +

    Returns:

    + + +
    + + + + +
    +
    +
    +
    +24
    +25
    +26
    +
    +
    # File 'lib/common/models/wp_item/vulnerable.rb', line 24
    +
    +def vulnerable?
    +  vulnerabilities.empty? ? false : true
    +end
    +
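Review bot: The body of the new `vulnerable?`, `vulnerabilities.empty? ? false : true`, is a roundabout spelling of `!vulnerabilities.empty?`, which returns the same Boolean without the ternary. The generated entry for the method has an empty description, so the source in lib/common/models/wp_item/vulnerable.rb would benefit from a one-line comment such as `# @return [ Boolean ] true when at least one known vulnerability is listed for this item`. Both changes belong in that Ruby file rather than in this generated page.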
    @@ -443,19 +517,19 @@ vulnerabilities

     
     
    -29
    -30
    -31
    -32
     33
     34
     35
     36
     37
    -38
    +38 +39 +40 +41 +42 -
    # File 'lib/common/models/wp_item/vulnerable.rb', line 29
    +      
    # File 'lib/common/models/wp_item/vulnerable.rb', line 33
     
     def vulnerable_to?(vuln)
       if version && vuln && vuln.fixed_in && !vuln.fixed_in.empty?
    @@ -477,7 +551,7 @@ vulnerabilities

    diff --git a/doc_yard/WpItems.html b/doc_yard/WpItems.html
index 1edd4dba..87c7fe46 100644
--- a/doc_yard/WpItems.html
+++ b/doc_yard/WpItems.html
@@ -304,7 +304,7 @@

    Methods included from Detectable

    -

    aggressive_detection, item_options, passive_detection, progress_bar, request_params, targets_items, targets_items_from_file, vulnerable_targets_items

    +

    aggressive_detection, passive_detection, passive_detection_pattern, progress_bar, request_params, targets_items, targets_items_from_file, vulnerable_targets_items

    @@ -761,7 +761,7 @@
diff --git a/doc_yard/WpItems/Detectable.html b/doc_yard/WpItems/Detectable.html
index 0fef91da..3eabef5d 100644
--- a/doc_yard/WpItems/Detectable.html
+++ b/doc_yard/WpItems/Detectable.html
@@ -227,28 +227,6 @@ -
    - - - - -
  • - - - - (Hash) item_options(wp_target) - - - - - - - - protected - - - - -
  • @@ -271,6 +249,28 @@ +
    + + + + +
  • + + + - (Regex) passive_detection_pattern(wp_target) + + + + + + + + protected + + + + +
  • @@ -635,7 +635,9 @@ 46 47 48 -49 +49 +50 +51
    # File 'lib/common/collections/wp_items/detectable.rb', line 15
    @@ -663,7 +665,9 @@
     
           if target_item.exists?(exist_options, response)
             if !results.include?(target_item)
    -          results << target_item
    +          if !options[:only_vulnerable] || options[:only_vulnerable] && target_item.vulnerable?
    +            results << target_item
    +          end
             end
           end
         end
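Review bot: The added guard `if !options[:only_vulnerable] || options[:only_vulnerable] && target_item.vulnerable?` tests `options[:only_vulnerable]` twice; by the time the right-hand side runs the option is already known to be truthy, so it reduces to `results << target_item if !options[:only_vulnerable] || target_item.vulnerable?` and loses one level of nesting. With `:only_vulnerable` set, an item that exists on the target but has no entry in the loaded vulnerability data is dropped silently, so the result depends on how current that data is (presumably the `vulns_file` passed to `create_item`); a comment on the option saying so would help whoever reads the scan output. This page is generated YARD output, so the edit belongs in `lib/common/collections/wp_items/detectable.rb`, and the enclosing method starts and ends outside this hunk.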
    @@ -780,18 +784,18 @@
           
     
     
    +153
    +154
    +155
    +156
    +157
    +158
    +159
     160
    -161
    -162
    -163
    -164
    -165
    -166
    -167
    -168
    +161
    -
    # File 'lib/common/collections/wp_items/detectable.rb', line 160
    +      
    # File 'lib/common/collections/wp_items/detectable.rb', line 153
     
     def create_item(klass, name, wp_target, vulns_file = nil)
       klass.new(
    @@ -844,12 +848,12 @@
           
     
     
    -193
    -194
    -195
    +186 +187 +188
    -
    # File 'lib/common/collections/wp_items/detectable.rb', line 193
    +      
    # File 'lib/common/collections/wp_items/detectable.rb', line 186
     
     def item_class
       Object.const_get(self.to_s.gsub(/.$/, ''))
    @@ -857,81 +861,6 @@
         
       
     
    -
    -    
    -      
    -

    - - - (Hash) item_options(wp_target) (protected) - - - - - -

    -
    - - -
    -
    -
    -

    Parameters:

    -
      - -
    • - - wp_target - - - (WpTarget) - - - -
    • - -
    - -

    Returns:

    -
      - -
    • - - - (Hash) - - - -
    • - -
    - -
    - - - - -
    -
    -
    -
    -97
    -98
    -99
    -100
    -101
    -102
    -103
    -
    -
    # File 'lib/common/collections/wp_items/detectable.rb', line 97
    -
    -def item_options(wp_target)
    -  {
    -    wp_content_dir: wp_target.wp_content_dir,
    -    wp_plugins_dir: wp_target.wp_plugins_dir,
    -    vulns_file:     self.vulns_file
    -  }
    -end
    -
    @@ -999,8 +928,6 @@
     
     
    -71
    -72
     73
     74
     75
    @@ -1010,38 +937,97 @@
     79
     80
     81
    -82
    -83
    -84
    -85
    -86
    -87
    -88
    -89
    -90
    +82
    -
    # File 'lib/common/collections/wp_items/detectable.rb', line 71
    +      
    # File 'lib/common/collections/wp_items/detectable.rb', line 73
     
     def passive_detection(wp_target, options = {})
    -  results      = new
    -  item_class   = self.item_class
    -  type         = self.to_s.gsub(/Wp/, '').downcase
    -  response     = Browser.get(wp_target.url)
    -  item_options = self.item_options(wp_target)
    +  results  = new(wp_target)
    +  body     = Browser.get(wp_target.url).body
    +  names    = body.scan(passive_detection_pattern(wp_target))
     
    +  names.flatten.uniq.each { |name| results.add(name) }
    +
    +  results.sort!
    +  results
    +end
    + + + + + +
    +

    + + - (Regex) passive_detection_pattern(wp_target) (protected) + + + + + +

    +
    + + +
    +
    +
    +

    Parameters:

    +
      + +
    • + + wp_target + + + (WpTarget) + + + +
    • + +
    + +

    Returns:

    +
      + +
    • + + + (Regex) + + + +
    • + +
    + +
    + + + @@ -1113,18 +1099,18 @@
     
     
    -56
    -57
     58
     59
     60
     61
     62
     63
    -64
    +64 +65 +66 @@ -1288,6 +1274,13 @@
     
     
    +109
    +110
    +111
    +112
    +113
    +114
    +115
     116
     117
     118
    @@ -1297,17 +1290,10 @@
     122
     123
     124
    -125
    -126
    -127
    -128
    -129
    -130
    -131
    -132
    +125
    +
    +
    +
    +89
    +90
    +91
    +92
    +93
    +94
    +95
    +96
    +
    +
    # File 'lib/common/collections/wp_items/detectable.rb', line 89
    +
    +def passive_detection_pattern(wp_target)
    +  type   = self.to_s.gsub(/Wp/, '').downcase
       regex1 = %r{(?:[^=:]+)\s?(?:=|:)\s?(?:"|')[^"']+\\?/}
       regex2 = %r{\\?/}
       regex3 = %r{\\?/([^/\\"']+)\\?(?:/|"|')}
     
    -  names = response.body.scan(/#{regex1}#{Regexp.escape(wp_target.wp_content_dir)}#{regex2}#{Regexp.escape(type)}#{regex3}/i)
    -
    -  names.flatten.uniq.each do |name|
    -    results << item_class.new(wp_target.uri, item_options.merge(name: name))
    -  end
    -
    -  results.sort!
    -  results
    +  /#{regex1}#{Regexp.escape(wp_target.wp_content_dir)}#{regex2}#{Regexp.escape(type)}#{regex3}/i
     end
    -
    # File 'lib/common/collections/wp_items/detectable.rb', line 56
    +      
    # File 'lib/common/collections/wp_items/detectable.rb', line 58
     
     def progress_bar(targets_size, options)
       if options[:show_progression]
    @@ -1179,10 +1165,10 @@
           
     
     
    -108
    +101
    -
    # File 'lib/common/collections/wp_items/detectable.rb', line 108
    +      
    # File 'lib/common/collections/wp_items/detectable.rb', line 101
     
     def request_params; { cache_ttl: 0, followlocation: true } end
    -
    # File 'lib/common/collections/wp_items/detectable.rb', line 116
    +      
    # File 'lib/common/collections/wp_items/detectable.rb', line 109
     
     def targets_items(wp_target, options = {})
       item_class = self.item_class
    @@ -1416,6 +1402,13 @@
           
     
     
    +169
    +170
    +171
    +172
    +173
    +174
    +175
     176
     177
     178
    @@ -1423,17 +1416,10 @@
     180
     181
     182
    -183
    -184
    -185
    -186
    -187
    -188
    -189
    -190
    +183
    -
    # File 'lib/common/collections/wp_items/detectable.rb', line 176
    +      
    # File 'lib/common/collections/wp_items/detectable.rb', line 169
     
     def targets_items_from_file(file, wp_target, item_class, vulns_file)
       targets = []
    @@ -1529,23 +1515,23 @@
           
     
     
    +132
    +133
    +134
    +135
    +136
    +137
    +138
     139
     140
     141
     142
     143
     144
    -145
    -146
    -147
    -148
    -149
    -150
    -151
    -152
    +145
    -
    # File 'lib/common/collections/wp_items/detectable.rb', line 139
    +      
    # File 'lib/common/collections/wp_items/detectable.rb', line 132
     
     def vulnerable_targets_items(wp_target, item_class, vulns_file)
       targets = []
    @@ -1571,7 +1557,7 @@
     
     
         
    diff --git a/doc_yard/WpItems/Output.html b/doc_yard/WpItems/Output.html
    index 64fc9471..696cfca6 100644
    --- a/doc_yard/WpItems/Output.html
    +++ b/doc_yard/WpItems/Output.html
    @@ -169,7 +169,7 @@
     
     
         
    diff --git a/doc_yard/WpPlugin.html b/doc_yard/WpPlugin.html
    index e56c3b3f..112fb304 100644
    --- a/doc_yard/WpPlugin.html
    +++ b/doc_yard/WpPlugin.html
    @@ -240,7 +240,7 @@
       
       
       

    Methods included from WpItem::Vulnerable

    -

    #vulnerabilities, #vulnerable_to?

    +

    #vulnerabilities, #vulnerable?, #vulnerable_to?

    @@ -330,7 +330,7 @@ diff --git a/doc_yard/WpPlugin/Vulnerable.html b/doc_yard/WpPlugin/Vulnerable.html index 52715b23..f4b467ff 100644 --- a/doc_yard/WpPlugin/Vulnerable.html +++ b/doc_yard/WpPlugin/Vulnerable.html @@ -280,7 +280,7 @@ diff --git a/doc_yard/WpPlugins.html b/doc_yard/WpPlugins.html index b6c480d6..38c4783e 100644 --- a/doc_yard/WpPlugins.html +++ b/doc_yard/WpPlugins.html @@ -168,7 +168,7 @@

    Methods included from WpItems::Detectable

    -

    #aggressive_detection, #create_item, #item_class, #item_options, #passive_detection, #progress_bar, #request_params, #targets_items, #targets_items_from_file, #vulnerable_targets_items

    +

    #aggressive_detection, #create_item, #item_class, #passive_detection, #passive_detection_pattern, #progress_bar, #request_params, #targets_items, #targets_items_from_file, #vulnerable_targets_items

    @@ -202,7 +202,7 @@ diff --git a/doc_yard/WpPlugins/Detectable.html b/doc_yard/WpPlugins/Detectable.html index 3b352548..1714a71f 100644 --- a/doc_yard/WpPlugins/Detectable.html +++ b/doc_yard/WpPlugins/Detectable.html @@ -609,7 +609,7 @@ from PHP

    diff --git a/doc_yard/WpTarget.html b/doc_yard/WpTarget.html index 90a3acdc..58cbd672 100644 --- a/doc_yard/WpTarget.html +++ b/doc_yard/WpTarget.html @@ -93,7 +93,7 @@
    Includes:
    -
    InterestingHeaders, Malwares, WpConfigBackup, WpCustomDirectories, WpFullPathDisclosure, WpLoginProtection, WpReadme, WpRegistrable
    +
    Malwares, WpConfigBackup, WpCustomDirectories, WpFullPathDisclosure, WpLoginProtection, WpReadme, WpRegistrable
    @@ -101,7 +101,7 @@
    Defined in:
    lib/wpscan/wp_target.rb,
    - lib/wpscan/wp_target/malwares.rb,
    lib/wpscan/wp_target/wp_readme.rb,
    lib/wpscan/wp_target/wp_registrable.rb,
    lib/wpscan/wp_target/wp_config_backup.rb,
    lib/wpscan/wp_target/interesting_headers.rb,
    lib/wpscan/wp_target/wp_login_protection.rb,
    lib/wpscan/wp_target/wp_custom_directories.rb,
    lib/wpscan/wp_target/wp_full_path_disclosure.rb
    + lib/wpscan/wp_target/malwares.rb,
    lib/wpscan/wp_target/wp_readme.rb,
    lib/wpscan/wp_target/wp_registrable.rb,
    lib/wpscan/wp_target/wp_config_backup.rb,
    lib/wpscan/wp_target/wp_login_protection.rb,
    lib/wpscan/wp_target/wp_custom_directories.rb,
    lib/wpscan/wp_target/wp_full_path_disclosure.rb
    @@ -111,7 +111,7 @@

    - Modules: InterestingHeaders, Malwares, WpConfigBackup, WpCustomDirectories, WpFullPathDisclosure, WpLoginProtection, WpReadme, WpRegistrable + Modules: Malwares, WpConfigBackup, WpCustomDirectories, WpFullPathDisclosure, WpLoginProtection, WpReadme, WpRegistrable @@ -483,17 +483,6 @@ href="http://interconnectit.com/124/search-and-replace-for-wordpress-databases"> -

    Methods included from InterestingHeaders

    -

    #interesting_headers, known_headers

    - - - - - - - - -

    Methods included from WpLoginProtection

    #better_wp_security_url, #bluetrait_event_viewer_url, #has_better_wp_security_protection?, #has_bluetrait_event_viewer_protection?, #has_limit_login_attempts_protection?, #has_login_lock_protection?, #has_login_lockdown_protection?, #has_login_protection?, #has_login_security_solution_protection?, #has_simple_login_lockdown_protection?, #limit_login_attempts_url, #login_protection_plugin, #login_security_solution_url, #plugin_url, #simple_login_lockdown_url

    @@ -550,7 +539,29 @@ href="http://interconnectit.com/124/search-and-replace-for-wordpress-databases">

    Methods inherited from WebSite

    -

    #error_404_hash, #has_basic_auth?, has_log?, #has_robots?, #has_xml_rpc?, #homepage_hash, #online?, page_hash, #redirection, #robots_url, #rss_url, #url, #url=, #xml_rpc_url, #xml_rpc_url_from_body, #xml_rpc_url_from_headers

    +

    #error_404_hash, #has_basic_auth?, has_log?, #has_xml_rpc?, #homepage_hash, #online?, page_hash, #redirection, #rss_url, #url, #url=, #xml_rpc_url

    + + + + + + + + + +

    Methods included from WebSite::InterestingHeaders

    +

    #interesting_headers, known_headers

    + + + + + + + + + +

    Methods included from WebSite::RobotsTxt

    +

    #has_robots?, known_dirs, #parse_robots_txt, #robots_url

    Constructor Details

    @@ -580,6 +591,8 @@ href="http://interconnectit.com/124/search-and-replace-for-wordpress-databases">
     
     
    +23
    +24
     25
     26
     27
    @@ -587,12 +600,10 @@ href="http://interconnectit.com/124/search-and-replace-for-wordpress-databases">
     29
     30
     31
    -32
    -33
    -34
    +32
    -
    # File 'lib/wpscan/wp_target.rb', line 25
    +      
    # File 'lib/wpscan/wp_target.rb', line 23
     
     def initialize(target_url, options = {})
       super(target_url)
    @@ -642,12 +653,12 @@ href="http://interconnectit.com/124/search-and-replace-for-wordpress-databases">
           
     
     
    -23
    -24
    -25
    +21 +22 +23
    -
    # File 'lib/wpscan/wp_target.rb', line 23
    +      
    # File 'lib/wpscan/wp_target.rb', line 21
     
     def verbose
       @verbose
    @@ -690,12 +701,12 @@ href="http://interconnectit.com/124/search-and-replace-for-wordpress-databases">
           
     
     
    -75
    -76
    -77
    +72 +73 +74
    -
    # File 'lib/wpscan/wp_target.rb', line 75
    +      
    # File 'lib/wpscan/wp_target.rb', line 72
     
     def self.valid_response_codes
       [200, 301, 302, 401, 403, 500, 400]
    @@ -748,12 +759,12 @@ href="http://interconnectit.com/124/search-and-replace-for-wordpress-databases">
           
     
     
    -117
    -118
    -119
    +114 +115 +116
    -
    # File 'lib/wpscan/wp_target.rb', line 117
    +      
    # File 'lib/wpscan/wp_target.rb', line 114
     
     def debug_log_url
       @uri.merge("#{wp_content_dir()}/debug.log").to_s
    @@ -800,12 +811,12 @@ href="http://interconnectit.com/124/search-and-replace-for-wordpress-databases">
           
     
     
    -112
    -113
    -114
    +109 +110 +111
    -
    # File 'lib/wpscan/wp_target.rb', line 112
    +      
    # File 'lib/wpscan/wp_target.rb', line 109
     
     def has_debug_log?
       WebSite.has_log?(debug_log_url, %r{\[[^\]]+\] PHP (?:Warning|Error|Notice):})
    @@ -882,18 +893,18 @@ href="http://interconnectit.com/124/search-and-replace-for-wordpress-databases">
           
     
     
    +98
    +99
    +100
     101
     102
     103
     104
     105
    -106
    -107
    -108
    -109
    +106
    -
    # File 'lib/wpscan/wp_target.rb', line 101
    +      
    # File 'lib/wpscan/wp_target.rb', line 98
     
     def has_plugin?(name, version = nil)
       WpPlugin.new(
    @@ -924,6 +935,9 @@ href="http://interconnectit.com/124/search-and-replace-for-wordpress-databases">
           
     
     
    +59
    +60
    +61
     62
     63
     64
    @@ -931,13 +945,10 @@ href="http://interconnectit.com/124/search-and-replace-for-wordpress-databases">
     66
     67
     68
    -69
    -70
    -71
    -72
    +69
    -
    # File 'lib/wpscan/wp_target.rb', line 62
    +      
    # File 'lib/wpscan/wp_target.rb', line 59
     
     def 
       url = @uri.merge('wp-login.php').to_s
    @@ -992,13 +1003,13 @@ href="http://interconnectit.com/124/search-and-replace-for-wordpress-databases">
           
     
     
    -131
    -132
    -133
    -134
    +128 +129 +130 +131
    -
    # File 'lib/wpscan/wp_target.rb', line 131
    +      
    # File 'lib/wpscan/wp_target.rb', line 128
     
     def search_replace_db_2_exists?
       resp = Browser.get(search_replace_db_2_url)
    @@ -1050,12 +1061,12 @@ href="http://interconnectit.com/124/search-and-replace-for-wordpress-databases">
           
     
     
    -126
    -127
    -128
    +123 +124 +125
    -
    # File 'lib/wpscan/wp_target.rb', line 126
    +      
    # File 'lib/wpscan/wp_target.rb', line 123
     
     def search_replace_db_2_url
       @uri.merge('searchreplacedb2.php').to_s
    @@ -1104,12 +1115,12 @@ href="http://interconnectit.com/124/search-and-replace-for-wordpress-databases">
           
     
     
    -81
    -82
    -83
    +78 +79 +80
    -
    # File 'lib/wpscan/wp_target.rb', line 81
    +      
    # File 'lib/wpscan/wp_target.rb', line 78
     
     def theme
       WpTheme.find(@uri)
    @@ -1173,12 +1184,12 @@ href="http://interconnectit.com/124/search-and-replace-for-wordpress-databases">
           
     
     
    -90
    -91
    -92
    +87 +88 +89
    -
    # File 'lib/wpscan/wp_target.rb', line 90
    +      
    # File 'lib/wpscan/wp_target.rb', line 87
     
     def version(versions_xml)
       WpVersion.find(@uri, wp_content_dir, wp_plugins_dir, versions_xml)
    @@ -1227,6 +1238,8 @@ href="http://interconnectit.com/124/search-and-replace-for-wordpress-databases">
           
     
     
    +36
    +37
     38
     39
     40
    @@ -1246,13 +1259,10 @@ href="http://interconnectit.com/124/search-and-replace-for-wordpress-databases">
     54
     55
     56
    -57
    -58
    -59
    -60
    +57
    -
    # File 'lib/wpscan/wp_target.rb', line 38
    +      
    # File 'lib/wpscan/wp_target.rb', line 36
     
     def wordpress?
       wordpress = false
    @@ -1262,9 +1272,8 @@ href="http://interconnectit.com/124/search-and-replace-for-wordpress-databases">
       if response.body =~ /["'][^"']*\/wp-content\/[^"']*["']/i
         wordpress = true
       else
    -    response = Browser.get_and_follow_location(xml_rpc_url)
     
    -    if response.body =~ %r{XML-RPC server accepts POST requests only}i
    +    if has_xml_rpc?
           wordpress = true
         else
           response = Browser.get_and_follow_location()
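Review bot: Replacing the body match on `XML-RPC server accepts POST requests only` with `has_xml_rpc?` changes what counts as evidence of WordPress, and `has_xml_rpc?` is not defined anywhere in this hunk. If that predicate only checks that an XML-RPC URL is advertised (an assumption, since its body is not visible here), a non-WordPress site exposing such an endpoint would now be reported as WordPress, which the old string match avoided. A comment above the branch such as `# XML-RPC endpoint present => treat as WordPress; see WebSite#has_xml_rpc? for what is verified` would record the intended strength of the check, and the blank line left directly after `else` can be removed. The body of `wordpress?` continues outside the hunk, and since this HTML is generated the change itself belongs in `lib/wpscan/wp_target.rb`.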
    @@ -1287,7 +1296,7 @@ href="http://interconnectit.com/124/search-and-replace-for-wordpress-databases">
     
     
         
    diff --git a/doc_yard/WpTarget/Malwares.html b/doc_yard/WpTarget/Malwares.html
    index 8a26a8e4..6fa0fca3 100644
    --- a/doc_yard/WpTarget/Malwares.html
    +++ b/doc_yard/WpTarget/Malwares.html
    @@ -417,7 +417,7 @@
     
     
         
    diff --git a/doc_yard/WpTarget/WpConfigBackup.html b/doc_yard/WpTarget/WpConfigBackup.html
    index b9ad0965..09af8481 100644
    --- a/doc_yard/WpTarget/WpConfigBackup.html
    +++ b/doc_yard/WpTarget/WpConfigBackup.html
    @@ -106,7 +106,7 @@
             
  • - + (Object) config_backup_files + + (Array) config_backup_files @@ -120,9 +120,7 @@ -
    -

    Array.

    -
    +
  • @@ -139,7 +137,7 @@
  • - - (Object) config_backup + - (Array) config_backup @@ -155,8 +153,7 @@

    Checks to see if wp-config.php has a backup See www.feross.org/cmsploit/ return -an array of backup config files url.

    +href="http://www.feross.org/cmsploit">www.feross.org/cmsploit/.

  • @@ -174,7 +171,7 @@ an array of backup config files url.

    - + (Object) config_backup_files + + (Array) config_backup_files @@ -183,8 +180,6 @@ an array of backup config files url.

    -

    Array

    -
    @@ -196,15 +191,10 @@ an array of backup config files url.

  • - + (Array) - -
    -

    Array

    -
    -
  • @@ -247,7 +237,7 @@ an array of backup config files url.

    - - (Object) config_backup + - (Array) config_backup @@ -257,14 +247,31 @@ an array of backup config files url.

    Checks to see if wp-config.php has a backup See www.feross.org/cmsploit/ return -an array of backup config files url

    +href="http://www.feross.org/cmsploit">www.feross.org/cmsploit/

    +

    Returns:

    +
      + +
    • + + + (Array) + + + + — +
      +

      Backup config files

      +
      + +
    • + +
    @@ -346,7 +353,7 @@ an array of backup config files url

    diff --git a/doc_yard/WpTarget/WpCustomDirectories.html b/doc_yard/WpTarget/WpCustomDirectories.html index d53f93d5..982b12e2 100644 --- a/doc_yard/WpTarget/WpCustomDirectories.html +++ b/doc_yard/WpTarget/WpCustomDirectories.html @@ -475,7 +475,7 @@ diff --git a/doc_yard/WpTarget/WpFullPathDisclosure.html b/doc_yard/WpTarget/WpFullPathDisclosure.html index f794c40e..96763e43 100644 --- a/doc_yard/WpTarget/WpFullPathDisclosure.html +++ b/doc_yard/WpTarget/WpFullPathDisclosure.html @@ -271,7 +271,7 @@ diff --git a/doc_yard/WpTarget/WpLoginProtection.html b/doc_yard/WpTarget/WpLoginProtection.html index 88b81f1e..b8cce047 100644 --- a/doc_yard/WpTarget/WpLoginProtection.html +++ b/doc_yard/WpTarget/WpLoginProtection.html @@ -1185,7 +1185,7 @@ return a WpPlugin object or nil if no one is found

    diff --git a/doc_yard/WpTarget/WpReadme.html b/doc_yard/WpTarget/WpReadme.html index e0770298..09a096be 100644 --- a/doc_yard/WpTarget/WpReadme.html +++ b/doc_yard/WpTarget/WpReadme.html @@ -291,7 +291,7 @@ reinstated with an upgrade.

    diff --git a/doc_yard/WpTarget/WpRegistrable.html b/doc_yard/WpTarget/WpRegistrable.html index 9001a8d8..18c598c0 100644 --- a/doc_yard/WpTarget/WpRegistrable.html +++ b/doc_yard/WpTarget/WpRegistrable.html @@ -410,7 +410,7 @@ diff --git a/doc_yard/WpTheme.html b/doc_yard/WpTheme.html index 748c17bb..0f9879f0 100644 --- a/doc_yard/WpTheme.html +++ b/doc_yard/WpTheme.html @@ -320,7 +320,7 @@

    Methods included from WpItem::Vulnerable

    -

    #vulnerabilities, #vulnerable_to?

    +

    #vulnerabilities, #vulnerable?, #vulnerable_to?

    @@ -508,7 +508,7 @@ diff --git a/doc_yard/WpTheme/Findable.html b/doc_yard/WpTheme/Findable.html index 31d3fdd8..dd96560b 100644 --- a/doc_yard/WpTheme/Findable.html +++ b/doc_yard/WpTheme/Findable.html @@ -470,7 +470,7 @@ href="http://code.google.com/p/wpscan/issues/detail?id=141">code.google.com/p/wp diff --git a/doc_yard/WpTheme/Versionable.html b/doc_yard/WpTheme/Versionable.html index 52517ae1..6b145e3d 100644 --- a/doc_yard/WpTheme/Versionable.html +++ b/doc_yard/WpTheme/Versionable.html @@ -181,7 +181,7 @@ diff --git a/doc_yard/WpTheme/Vulnerable.html b/doc_yard/WpTheme/Vulnerable.html index a5fa2cc0..4086c2ff 100644 --- a/doc_yard/WpTheme/Vulnerable.html +++ b/doc_yard/WpTheme/Vulnerable.html @@ -280,7 +280,7 @@ diff --git a/doc_yard/WpThemes.html b/doc_yard/WpThemes.html index 787b7fff..e3c3e423 100644 --- a/doc_yard/WpThemes.html +++ b/doc_yard/WpThemes.html @@ -168,7 +168,7 @@

    Methods included from WpItems::Detectable

    -

    #aggressive_detection, #create_item, #item_class, #item_options, #passive_detection, #progress_bar, #request_params, #targets_items, #targets_items_from_file, #vulnerable_targets_items

    +

    #aggressive_detection, #create_item, #item_class, #passive_detection, #passive_detection_pattern, #progress_bar, #request_params, #targets_items, #targets_items_from_file, #vulnerable_targets_items

    @@ -202,7 +202,7 @@ diff --git a/doc_yard/WpThemes/Detectable.html b/doc_yard/WpThemes/Detectable.html index 10feadc3..fb86301d 100644 --- a/doc_yard/WpThemes/Detectable.html +++ b/doc_yard/WpThemes/Detectable.html @@ -265,7 +265,7 @@ diff --git a/doc_yard/WpTimthumb.html b/doc_yard/WpTimthumb.html index 9cb855e1..7cd97e2d 100644 --- a/doc_yard/WpTimthumb.html +++ b/doc_yard/WpTimthumb.html @@ -260,7 +260,7 @@

    Methods included from WpItem::Vulnerable

    -

    #vulnerabilities, #vulnerable_to?

    +

    #vulnerabilities, #vulnerable?, #vulnerable_to?

    @@ -356,7 +356,7 @@ diff --git a/doc_yard/WpTimthumb/Existable.html b/doc_yard/WpTimthumb/Existable.html index d0761a0a..a9ca8c99 100644 --- a/doc_yard/WpTimthumb/Existable.html +++ b/doc_yard/WpTimthumb/Existable.html @@ -219,7 +219,7 @@ diff --git a/doc_yard/WpTimthumb/Output.html b/doc_yard/WpTimthumb/Output.html index 5c0b0762..60cf6783 100644 --- a/doc_yard/WpTimthumb/Output.html +++ b/doc_yard/WpTimthumb/Output.html @@ -169,7 +169,7 @@ diff --git a/doc_yard/WpTimthumb/Versionable.html b/doc_yard/WpTimthumb/Versionable.html index 7d77960e..4ed98530 100644 --- a/doc_yard/WpTimthumb/Versionable.html +++ b/doc_yard/WpTimthumb/Versionable.html @@ -284,7 +284,7 @@ href="https://code.google.com/p/timthumb/source/browse/trunk/timthumb.php#426">c diff --git a/doc_yard/WpTimthumbs.html b/doc_yard/WpTimthumbs.html index 307b31c5..c605587a 100644 --- a/doc_yard/WpTimthumbs.html +++ b/doc_yard/WpTimthumbs.html @@ -168,7 +168,7 @@

    Methods included from WpItems::Detectable

    -

    #aggressive_detection, #create_item, #item_class, #item_options, #passive_detection, #progress_bar, #request_params, #targets_items, #targets_items_from_file, #vulnerable_targets_items

    +

    #aggressive_detection, #create_item, #item_class, #passive_detection, #passive_detection_pattern, #progress_bar, #request_params, #targets_items, #targets_items_from_file, #vulnerable_targets_items

    @@ -202,7 +202,7 @@ diff --git a/doc_yard/WpTimthumbs/Detectable.html b/doc_yard/WpTimthumbs/Detectable.html index 2d422abb..39c907eb 100644 --- a/doc_yard/WpTimthumbs/Detectable.html +++ b/doc_yard/WpTimthumbs/Detectable.html @@ -731,7 +731,7 @@ diff --git a/doc_yard/WpUser.html b/doc_yard/WpUser.html index 0ced5b4d..26699857 100644 --- a/doc_yard/WpUser.html +++ b/doc_yard/WpUser.html @@ -496,7 +496,7 @@

    Methods included from WpItem::Vulnerable

    -

    #vulnerabilities, #vulnerable_to?

    +

    #vulnerabilities, #vulnerable?, #vulnerable_to?

    @@ -1115,7 +1115,7 @@ diff --git a/doc_yard/WpUser/BruteForcable.html b/doc_yard/WpUser/BruteForcable.html index 74db5d6b..159cc8ad 100644 --- a/doc_yard/WpUser/BruteForcable.html +++ b/doc_yard/WpUser/BruteForcable.html @@ -922,7 +922,7 @@ waiting...

    diff --git a/doc_yard/WpUser/Existable.html b/doc_yard/WpUser/Existable.html index 7890cde7..be6abe75 100644 --- a/doc_yard/WpUser/Existable.html +++ b/doc_yard/WpUser/Existable.html @@ -675,7 +675,7 @@ it’s forced to UTF-8 when this encoding is detected

    diff --git a/doc_yard/WpUsers.html b/doc_yard/WpUsers.html index 9871e959..f26edb3d 100644 --- a/doc_yard/WpUsers.html +++ b/doc_yard/WpUsers.html @@ -194,7 +194,7 @@

    Methods included from WpItems::Detectable

    -

    #aggressive_detection, #create_item, #item_class, #item_options, #passive_detection, #progress_bar, #request_params, #targets_items, #targets_items_from_file, #vulnerable_targets_items

    +

    #aggressive_detection, #create_item, #item_class, #passive_detection, #passive_detection_pattern, #progress_bar, #request_params, #targets_items, #targets_items_from_file, #vulnerable_targets_items

    @@ -228,7 +228,7 @@ diff --git a/doc_yard/WpUsers/BruteForcable.html b/doc_yard/WpUsers/BruteForcable.html index 407cfd92..e3c2081c 100644 --- a/doc_yard/WpUsers/BruteForcable.html +++ b/doc_yard/WpUsers/BruteForcable.html @@ -222,7 +222,7 @@ here, and given to the wp_user

    diff --git a/doc_yard/WpUsers/Detectable.html b/doc_yard/WpUsers/Detectable.html index 583971f7..08ed6dcc 100644 --- a/doc_yard/WpUsers/Detectable.html +++ b/doc_yard/WpUsers/Detectable.html @@ -402,7 +402,7 @@ diff --git a/doc_yard/WpUsers/Output.html b/doc_yard/WpUsers/Output.html index 4973ac7b..47c773a7 100644 --- a/doc_yard/WpUsers/Output.html +++ b/doc_yard/WpUsers/Output.html @@ -323,7 +323,7 @@ diff --git a/doc_yard/WpVersion.html b/doc_yard/WpVersion.html index 863a3455..2e969fdc 100644 --- a/doc_yard/WpVersion.html +++ b/doc_yard/WpVersion.html @@ -318,7 +318,7 @@

    Methods included from WpItem::Vulnerable

    -

    #vulnerabilities, #vulnerable_to?

    +

    #vulnerabilities, #vulnerable?, #vulnerable_to?

    @@ -510,7 +510,7 @@ diff --git a/doc_yard/WpVersion/Findable.html b/doc_yard/WpVersion/Findable.html index 7d273bed..a81e3261 100644 --- a/doc_yard/WpVersion/Findable.html +++ b/doc_yard/WpVersion/Findable.html @@ -1392,7 +1392,7 @@ href="http://code.google.com/p/wpscan/issues/detail?id=109">code.google.com/p/wp diff --git a/doc_yard/WpVersion/Output.html b/doc_yard/WpVersion/Output.html index ae1087da..7cbea49e 100644 --- a/doc_yard/WpVersion/Output.html +++ b/doc_yard/WpVersion/Output.html @@ -187,7 +187,7 @@ diff --git a/doc_yard/WpVersion/Vulnerable.html b/doc_yard/WpVersion/Vulnerable.html index 83c9d0e7..ff931cc9 100644 --- a/doc_yard/WpVersion/Vulnerable.html +++ b/doc_yard/WpVersion/Vulnerable.html @@ -280,7 +280,7 @@ diff --git a/doc_yard/WpscanOptions.html b/doc_yard/WpscanOptions.html index 9e0c75ea..0a08fcfc 100644 --- a/doc_yard/WpscanOptions.html +++ b/doc_yard/WpscanOptions.html @@ -1776,7 +1776,7 @@ value

    diff --git a/doc_yard/_index.html b/doc_yard/_index.html index e2c6ea82..2afc109d 100644 --- a/doc_yard/_index.html +++ b/doc_yard/_index.html @@ -164,9 +164,9 @@ @@ -543,16 +550,16 @@
  • - Versionable + Versionable - (WpItem) + (WpTheme)
  • - Versionable + Versionable - (WpTheme) + (WpItem)
  • @@ -566,6 +573,13 @@ +
  • + Vulnerable + + (WpItem) + +
  • +
  • Vulnerable @@ -580,13 +594,6 @@
  • -
  • - Vulnerable - - (WpItem) - -
  • -
  • Vulnerable @@ -726,7 +733,7 @@ diff --git a/doc_yard/class_list.html b/doc_yard/class_list.html index 51883675..8e894926 100644 --- a/doc_yard/class_list.html +++ b/doc_yard/class_list.html @@ -45,7 +45,7 @@ diff --git a/doc_yard/file.README.html b/doc_yard/file.README.html index 8cd0e938..ab963189 100644 --- a/doc_yard/file.README.html +++ b/doc_yard/file.README.html @@ -323,7 +323,7 @@ href="http://www.randomstorm.com">www.randomstorm.com

    diff --git a/doc_yard/index.html b/doc_yard/index.html index 8cd0e938..ab963189 100644 --- a/doc_yard/index.html +++ b/doc_yard/index.html @@ -323,7 +323,7 @@ href="http://www.randomstorm.com">www.randomstorm.com

    diff --git a/doc_yard/method_list.html b/doc_yard/method_list.html index 647b96a4..ddac15cd 100644 --- a/doc_yard/method_list.html +++ b/doc_yard/method_list.html @@ -71,17 +71,17 @@
  • - #== + #== - WpTimthumb + WpVersion
  • - #== + #== - WpVersion + WpTimthumb
  • @@ -191,14 +191,6 @@
  • - #allowed_options - - WpItem - -
  • - - -
  • #allowed_options WpTheme @@ -206,18 +198,26 @@
  • -
  • - #allowed_options +
  • + #allowed_options - WpUser + WpItem + +
  • + + +
  • + #allowed_options + + WpVersion
  • - #allowed_options + #allowed_options - WpVersion + WpUser
  • @@ -447,6 +447,14 @@
  • + #create_item + + WpItems + +
  • + + +
  • #create_item WpItems::Detectable @@ -454,7 +462,7 @@
  • -
  • +
  • #create_item WpTimthumbs::Detectable @@ -462,14 +470,6 @@
  • -
  • - #create_item - - WpItems - -
  • - -
  • #debug_log_url @@ -599,9 +599,9 @@
  • - #exists_from_response? + #exists_from_response? - WpTimthumb::Existable + WpItem::Existable
  • @@ -615,9 +615,9 @@
  • - #exists_from_response? + #exists_from_response? - WpItem::Existable + WpTimthumb::Existable
  • @@ -815,17 +815,17 @@
  • - #get + #get - Browser::Actions + TyphoeusCache
  • - #get + #get - TyphoeusCache + Browser::Actions
  • @@ -1039,14 +1039,6 @@
  • - #has_readme? - - WpTarget::WpReadme - -
  • - - -
  • #has_readme? WpItem::Infos @@ -1054,10 +1046,18 @@
  • -
  • - #has_robots? +
  • + #has_readme? - WebSite + WpTarget::WpReadme + +
  • + + +
  • + #has_robots? + + WebSite::RobotsTxt
  • @@ -1127,41 +1127,9 @@
  • - #initialize + #initialize - WpTarget - -
  • - - -
  • - #initialize - - CheckerPlugin - -
  • - - -
  • - #initialize - - WpItem - -
  • - - -
  • - #initialize - - WpscanOptions - -
  • - - -
  • - #initialize - - Vulnerability + CustomOptionParser
  • @@ -1175,38 +1143,14 @@
  • - #initialize + #initialize - WebSite + WpItem
  • - #initialize - - Updater - -
  • - - -
  • - #initialize - - StatsPlugin - -
  • - - -
  • - #initialize - - CacheFileStore - -
  • - - -
  • #initialize Plugin @@ -1214,14 +1158,6 @@
  • -
  • - #initialize - - SvnParser - -
  • - -
  • #initialize @@ -1230,6 +1166,54 @@
  • +
  • + #initialize + + WpTarget + +
  • + + +
  • + #initialize + + WpItems + +
  • + + +
  • + #initialize + + Vulnerability + +
  • + + +
  • + #initialize + + WebSite + +
  • + + +
  • + #initialize + + SvnParser + +
  • + + +
  • + #initialize + + CacheFileStore + +
  • + +
  • #initialize @@ -1238,6 +1222,22 @@
  • +
  • + #initialize + + StatsPlugin + +
  • + + +
  • + #initialize + + CheckerPlugin + +
  • + +
  • #initialize @@ -1247,17 +1247,17 @@
  • - #initialize + #initialize - WpItems + WpscanOptions
  • - #initialize + #initialize - CustomOptionParser + Updater
  • @@ -1271,9 +1271,9 @@
  • - #interesting_headers + #interesting_headers - WpTarget::InterestingHeaders + WebSite::InterestingHeaders
  • @@ -1287,9 +1287,9 @@
  • - #is_installed? + #is_installed? - Updater + SvnUpdater
  • @@ -1303,9 +1303,9 @@
  • - #is_installed? + #is_installed? - SvnUpdater + Updater
  • @@ -1343,14 +1343,6 @@
  • - #item_options - - WpItems::Detectable - -
  • - - -
  • #item_xpath WpItems::Detectable @@ -1358,14 +1350,6 @@
  • -
  • - #item_xpath - - WpPlugins::Detectable - -
  • - -
  • #item_xpath @@ -1375,6 +1359,14 @@
  • + #item_xpath + + WpPlugins::Detectable + +
  • + + +
  • #kali_linux? Top Level Namespace @@ -1382,7 +1374,7 @@
  • -
  • +
  • #keep_empty_dirs SvnParser @@ -1390,10 +1382,18 @@
  • -
  • - known_headers +
  • + known_dirs - WpTarget::InterestingHeaders + WebSite::RobotsTxt + +
  • + + +
  • + known_headers + + WebSite::InterestingHeaders
  • @@ -1455,17 +1455,17 @@
  • - #local_revision_number + #local_revision_number - GitUpdater + Updater
  • - #local_revision_number + #local_revision_number - Updater + GitUpdater
  • @@ -1519,17 +1519,17 @@
  • - #login_url + #login_url - WpTarget + WpUser
  • - #login_url + #login_url - WpUser + WpTarget
  • @@ -1671,9 +1671,9 @@
  • - #output + #output - Vulnerability::Output + WpUsers::Output
  • @@ -1695,9 +1695,9 @@
  • - #output + #output - WpUsers::Output + WpItems::Output
  • @@ -1711,17 +1711,17 @@
  • - #output + #output - WpItem::Output + Vulnerability::Output
  • - #output + #output - WpItems::Output + WpItem::Output
  • @@ -1767,9 +1767,9 @@
  • - #passive_detection + #parse_robots_txt - WpTimthumbs::Detectable + WebSite::RobotsTxt
  • @@ -1783,6 +1783,14 @@
  • + #passive_detection + + WpItems::Detectable + +
  • + + +
  • #passive_detection WpPlugins::Detectable @@ -1790,8 +1798,16 @@
  • +
  • + #passive_detection + + WpTimthumbs::Detectable + +
  • + +
  • - #passive_detection + #passive_detection_pattern WpItems::Detectable @@ -2047,17 +2063,17 @@
  • - #request_params + #request_params - WpItems::Detectable + WpUsers::Detectable
  • - #request_params + #request_params - WpUsers::Detectable + WpItems::Detectable
  • @@ -2103,9 +2119,9 @@
  • - #robots_url + #robots_url - WebSite + WebSite::RobotsTxt
  • @@ -2118,22 +2134,6 @@ -
  • - #run - - StatsPlugin - -
  • - - -
  • - #run - - ListGeneratorPlugin - -
  • - -
  • #run @@ -2150,6 +2150,22 @@
  • +
  • + #run + + StatsPlugin + +
  • + + +
  • + #run + + ListGeneratorPlugin + +
  • + +
  • #save @@ -2263,9 +2279,9 @@
  • - #targets_items + #targets_items - WpTimthumbs::Detectable + WpItems::Detectable
  • @@ -2279,22 +2295,14 @@
  • - #targets_items - - WpItems::Detectable - -
  • - - -
  • - #targets_items_from_file + #targets_items WpTimthumbs::Detectable
  • -
  • +
  • #targets_items_from_file WpItems::Detectable @@ -2302,6 +2310,14 @@
  • +
  • + #targets_items_from_file + + WpTimthumbs::Detectable + +
  • + +
  • #theme @@ -2359,17 +2375,17 @@
  • - #to_s + #to_s - WpTimthumb::Versionable + WpItem::Versionable
  • - #to_s + #to_s - WpItem::Versionable + WpTimthumb::Versionable
  • @@ -2399,14 +2415,6 @@
  • - #update - - SvnUpdater - -
  • - - -
  • #update Updater @@ -2414,7 +2422,7 @@
  • -
  • +
  • #update GitUpdater @@ -2422,6 +2430,14 @@
  • +
  • + #update + + SvnUpdater + +
  • + +
  • #uri @@ -2431,17 +2447,17 @@
  • - #uri + #uri - WpUser + WpItem
  • - #uri + #uri - WpItem + WpUser
  • @@ -2463,17 +2479,17 @@
  • - #url= + #url= - WebSite + WpscanOptions
  • - #url= + #url= - WpscanOptions + WebSite
  • @@ -2535,14 +2551,6 @@
  • - #verbose - - GenerateList - -
  • - - -
  • #verbose SvnParser @@ -2550,18 +2558,26 @@
  • -
  • - #version +
  • + #verbose - WpItem::Versionable + GenerateList + +
  • + + +
  • + #version + + WpTimthumb::Versionable
  • - #version + #version - WpTimthumb::Versionable + WpItem::Versionable
  • @@ -2615,6 +2631,14 @@
  • + #vulnerable? + + WpItem::Vulnerable + +
  • + + +
  • #vulnerable_targets_items WpItems::Detectable @@ -2622,7 +2646,7 @@
  • -
  • +
  • #vulnerable_to? WpItem::Vulnerable @@ -2630,23 +2654,7 @@
  • -
  • - #vulns_file - - WpPlugins::Detectable - -
  • - -
  • - #vulns_file - - WpTheme::Vulnerable - -
  • - - -
  • #vulns_file WpPlugin::Vulnerable @@ -2654,18 +2662,10 @@
  • -
  • - #vulns_file - - WpItem::Vulnerable - -
  • - -
  • - #vulns_file + #vulns_file - WpThemes::Detectable + WpTheme::Vulnerable
  • @@ -2687,15 +2687,15 @@
  • - #vulns_xpath + #vulns_file - WpVersion::Vulnerable + WpPlugins::Detectable
  • - #vulns_xpath + #vulns_file WpItem::Vulnerable @@ -2703,6 +2703,30 @@
  • + #vulns_file + + WpThemes::Detectable + +
  • + + +
  • + #vulns_xpath + + WpVersion::Vulnerable + +
  • + + +
  • + #vulns_xpath + + WpItem::Vulnerable + +
  • + + +
  • #vulns_xpath WpTheme::Vulnerable @@ -2710,7 +2734,7 @@
  • -
  • +
  • #vulns_xpath WpPlugin::Vulnerable @@ -2718,7 +2742,7 @@
  • -
  • +
  • #width Terminal::Table::Style @@ -2726,7 +2750,7 @@
  • -
  • +
  • #wordlist= WpscanOptions @@ -2734,7 +2758,7 @@
  • -
  • +
  • #wordpress? WpTarget @@ -2742,7 +2766,7 @@
  • -
  • +
  • #wp_content_dir WpTarget::WpCustomDirectories @@ -2750,7 +2774,7 @@
  • -
  • +
  • #wp_content_dir WpItem @@ -2758,7 +2782,7 @@
  • -
  • +
  • #wp_plugins_dir WpItem @@ -2766,7 +2790,7 @@
  • -
  • +
  • #wp_plugins_dir WpTarget::WpCustomDirectories @@ -2774,7 +2798,7 @@
  • -
  • +
  • #wp_plugins_dir_exists? WpTarget::WpCustomDirectories @@ -2782,7 +2806,7 @@
  • -
  • +
  • #wp_target WpItems @@ -2790,7 +2814,7 @@
  • -
  • +
  • #write_entry CacheFileStore @@ -2798,7 +2822,7 @@
  • -
  • +
  • #xml Top Level Namespace @@ -2806,24 +2830,8 @@
  • -
  • - #xml_rpc_url - - WebSite - -
  • - -
  • - #xml_rpc_url_from_body - - WebSite - -
  • - - -
  • - #xml_rpc_url_from_headers + #xml_rpc_url WebSite diff --git a/doc_yard/top-level-namespace.html b/doc_yard/top-level-namespace.html index 542ca9ae..6e9abbdb 100644 --- a/doc_yard/top-level-namespace.html +++ b/doc_yard/top-level-namespace.html @@ -745,7 +745,9 @@ 92 93 94 -95 +95 +96 +97
  • # File 'lib/common/common_helper.rb', line 82
    @@ -760,6 +762,8 @@
       puts "     \\/  \\/   |_|    |_____/ \\___|\\__,_|_| |_| v#{WPSCAN_VERSION}r#{REVISION}"
       puts
       puts '    WordPress Security Scanner by the WPScan Team'
    +  puts ' Twitter: @_WPScan_, @ethicalhack3r, @erwan_lr,'
    +  puts '          @gbrindisi, @_FireFart_'
       puts ' Sponsored by the RandomStorm Open Source Initiative'
       puts '_____________________________________________________'
       puts
    @@ -784,12 +788,12 @@
           
     
     
    -97
    -98
    -99
    +99 +100 +101
    -
    # File 'lib/common/common_helper.rb', line 97
    +      
    # File 'lib/common/common_helper.rb', line 99
     
     def colorize(text, color_code)
       "\e[#{color_code}m#{text}\e[0m"
    @@ -825,8 +829,6 @@
           
     
     
    -121
    -122
     123
     124
     125
    @@ -849,10 +851,12 @@
     142
     143
     144
    -145
    +145 +146 +147
    -
    # File 'lib/common/common_helper.rb', line 121
    +      
    # File 'lib/common/common_helper.rb', line 123
     
     def get_equal_string_end(stringarray = [''])
       already_found = ''
    @@ -899,12 +903,12 @@
           
     
     
    -105
    -106
    -107
    +107 +108 +109
    -
    # File 'lib/common/common_helper.rb', line 105
    +      
    # File 'lib/common/common_helper.rb', line 107
     
     def green(text)
       colorize(text, 32)
    @@ -1147,12 +1151,12 @@
           
     
     
    -101
    -102
    -103
    +103 +104 +105
    -
    # File 'lib/common/common_helper.rb', line 101
    +      
    # File 'lib/common/common_helper.rb', line 103
     
     def red(text)
       colorize(text, 31)
    @@ -1177,13 +1181,13 @@
           
     
     
    -115
    -116
     117
    -118
    +118 +119 +120
    -
    # File 'lib/common/common_helper.rb', line 115
    +      
    # File 'lib/common/common_helper.rb', line 117
     
     def redefine_constant(constant, value)
       Object.send(:remove_const, constant)
    @@ -1399,14 +1403,14 @@
           
     
     
    -109
    -110
     111
     112
    -113
    +113 +114 +115
    -
    # File 'lib/common/common_helper.rb', line 109
    +      
    # File 'lib/common/common_helper.rb', line 111
     
     def xml(file)
       Nokogiri::XML(File.open(file)) do |config|
    @@ -1423,7 +1427,7 @@