garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
255 Commits 17 Branches 73 Tags
42ee4b9183fe455ecb044bdaf20af00b42da21aa
Commit Graph

133 Commits

Author SHA1 Message Date
erwanlr
42ee4b9183 Ref #54 Implementation of WebSite.homepage_hash 2012-12-20 16:53:13 +01:00
erwanlr
b5390be6b5 WpTarget.error_404_hash moved to WebSite module 2012-12-20 16:22:04 +01:00
erwanlr
38c81384e8 WebSite module reworked 2012-12-19 17:53:11 +01:00
erwanlr
d77a312844 Merge pull request #88 from FireFart/xmlrpc 
Detect XML Pingback URL
 2012-12-13 08:17:59 -08:00
Christian Mehlmauer
509a400add Bugfixes and rspecs 2012-12-13 16:46:52 +01:00
erwanlr
60b1d20aa2 --proxy, --proxy-auth help updated 2012-12-13 13:42:07 +01:00
erwanlr
b775838e96 Readme updated for basic auth 2012-12-13 13:36:09 +01:00
erwanlr
809311ee04 Useless code removed 2012-12-13 13:26:04 +01:00
Christian Mehlmauer
4d852b5983 Detect XML Pingback URL 2012-12-13 11:41:08 +01:00
erwanlr
2a782e9680 Basic auth 2012-12-12 17:05:06 +01:00
erwanlr
32506ca830 Scoring system removed from version finderprinting 2012-12-11 20:29:50 +01:00
erwanlr
1663cdb301 Ref #33 Options to find dead reference urls --cvru | check-vuln-ref-urls 2012-12-07 17:16:21 +01:00
erwanlr
079b43a33d Merge pull request #78 from FireFart/users 
Fixing empty usernames (#66)
 2012-12-06 12:03:01 -08:00
erwanlr
a7df9feabf Fix #77 facebook.com detected as a custom wp-content directory 2012-12-06 21:01:14 -06:00
erwanlr
dc6c8b2eb8 Fix #57 Plugins form passive detection no longer loaded when enumerating only vulnerable plugins 2012-12-06 17:04:16 -06:00
erwanlr
ab59bd1eb3 Fix #24 --exclude-content-based option added 2012-12-06 16:50:59 -06:00
Christian Mehlmauer
2b6c36ff4a Fixing empty usernames 2012-12-06 20:58:40 +01:00
ethicalhack3r
fd591a0675 Some small refactoring and fix for issue #66 2012-11-30 22:00:23 +01:00
ethicalhack3r
a72ca18eac Docs updated. 2012-11-28 20:36:14 +01:00
ethicalhack3r
5ee32ba5c1 Merge pull request #74 from FireFart/check_all 
Option to check all plugins/themes
 2012-11-27 15:17:16 -08:00
Christian Mehlmauer
ee0e648a07 rspec 2012-11-26 22:36:07 +01:00
Christian Mehlmauer
31d2ca06eb initial commit 2012-11-26 22:30:07 +01:00
Christian Mehlmauer
f5c363b6c5 Added option to update all lists 2012-11-25 18:40:09 +01:00
Erwan
d802799bd2 Ref #69, #7 Proxy Auth Support Added 2012-11-22 15:23:59 +01:00
Erwan
1c2487c272 Ref #53, Ref #68 Typhoeus version forced to 0.4.2 2012-11-18 12:27:51 +01:00
ethicalhack3r
c128bd5b1a Changed enumeration options. See Issue #58. Now shows examples in help. See Issue #62 2012-11-14 20:13:02 +01:00
ethicalhack3r
964f542ce3 Removed global request URI.encode. Added URI.encode on wp 2012-11-07 14:06:15 +01:00
ethicalhack3r
d22c104fb2 Added shorthand params to wpstools cli arguments. URI encoding URL before request, see Issue #55. 2012-11-06 14:53:06 +01:00
ethicalhack3r
418ff33f6d Added version fingerprint from RDF and ATOM feeds. See issue #50. Specs added and passed. 2012-10-27 17:10:38 +02:00
ethicalhack3r
68027cbd17 Fixed FP in rss version fingerprint. See Issue: #48 2012-10-26 13:10:48 +02:00
ethicalhack3r
02b6db9fa0 Removed accidently pushed lib/.browser.rb.swp file 2012-10-24 12:44:32 +02:00
ethicalhack3r
5b1f2f7391 Added spec for wp_content_dir when url has trailing slash, see commit 50436a83b5 2012-10-24 12:41:50 +02:00
Erwan
7e8d06ac0a Rspec for previous commit 
URI.escape is now only overriden for ruby >= 1.9.2
RDoc
 2012-10-23 18:44:41 +02:00
Erwan
d438f37f57 Warnings from URI::escape (obsolete since ruby 1.9.2) and some instance variables not initialized fixed 2012-10-23 16:36:57 +02:00
Erwan
fd5cf4785c Rspec fixes 2012-10-23 12:19:16 +02:00
ethicalhack3r
50436a83b5 WpTarget.wp_content_dir regex was not matching if path was '/'. Removed path from first regex. 2012-10-21 02:04:16 +02:00
ethicalhack3r
ebf45da742 Turned add_http_protocol & add_trailing_slash methods into ternary operators. 2012-10-21 01:43:50 +02:00
Jon
ce988d48f4 added wp-config.txt backup file 2012-10-10 10:57:21 -04:00
Erwan
671bb3cfe5 Fix #37 Needed packages for nokogiri added to readme, and while the missing gem detected is nokogiri 2012-09-28 17:52:22 +02:00
Christian Mehlmauer
8df37a425d fix registration detection 
rspec tests
 2012-09-24 22:36:22 +02:00
Christian Mehlmauer
2e4a622cec -) Check if userregistration is enabled 
-) Check if blog is a multisite
 2012-09-24 20:46:26 +02:00
Christian Mehlmauer
fe1191a51e bugfixing and rspec tests 2012-09-24 18:07:22 +02:00
Christian Mehlmauer
7056d4ecd7 added link 2012-09-24 15:20:40 +02:00
Christian Mehlmauer
14e5552a25 get wordpress version from wp-links-opml.php 2012-09-24 14:57:33 +02:00
Christian Mehlmauer
b4655e7d5a locate searchreplacedb2.php. this file reads database credentials 2012-09-24 14:39:05 +02:00
Christian Mehlmauer
db1303caa5 examples 2012-09-23 23:14:55 +02:00
Christian Mehlmauer
c0c14faad1 check if plugin directory exists and warn the user 2012-09-23 22:55:19 +02:00
Christian Mehlmauer
a15028793e -) custom plugins directory (outside of wp-content) 
-) feedback from ewanlr
-) Regex fix for version detection from readme.txt due to false positives (tag-cloud-widget plugin)
 2012-09-23 21:50:41 +02:00
Christian Mehlmauer
9b6a2805d7 custom plugins directory 2012-09-22 23:50:14 +02:00
Christian Mehlmauer
ef72568688 formats 2012-09-22 16:19:21 +02:00