garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,706 Commits 17 Branches 73 Tags
bd8e6db09284e01d284be57d57f1fbd581822e3b
Commit Graph

280 Commits

Author SHA1 Message Date
erwanlr
bd8e6db092 Don't try to play with the comments in passive detection, just ignore them 2014-09-02 20:42:17 +02:00
erwanlr
96ae8ade5d Fixes the remove_conditional_comments function 2014-09-02 18:34:01 +02:00
erwanlr
04b1cee71e Factorises a crappy spec - Kudos to @hlissner for this one ;) 2014-09-02 17:12:56 +02:00
erwanlr
03618f38b5 Improves the Plugins & Themes passive detection, fixes #674 2014-09-01 18:28:09 +02:00
erwanlr
5f53297f58 Also ensure to not process empty Location headers 2014-08-15 23:00:42 +02:00
erwanlr
cebd808674 Ensures a nil location is not processed when enumerating usernames 2014-08-15 22:54:17 +02:00
ethicalhack3r
ca100ef7e9 Merge branch 'json_data' 
Conflicts:
	data/plugin_vulns.xml
	data/theme_vulns.xml
 2014-08-01 13:34:34 +02:00
ethicalhack3r
721cad75a2 Add file 2014-08-01 13:27:40 +02:00
ethicalhack3r
420ad6cd37 Fix rspecs for new json 2014-07-31 14:08:49 +02:00
ethicalhack3r
8d2ec115f5 Changed vuln data references to url 2014-07-31 11:56:14 +02:00
ethicalhack3r
14be7dead5 Work on json database file parsing, still needs some work. 2014-07-30 18:34:42 +02:00
erwanlr
ab2e368c6f Fixes #625 - Only parse styles when needed 2014-07-30 15:36:00 +01:00
erwanlr
1e6b5a1e4d Improves the version comparison 2014-07-30 12:11:04 +01:00
Christian Mehlmauer
26e0066c82 Only output if different from style_url 2014-07-16 18:38:39 +02:00
Christian Mehlmauer
6ebb9b6f66 Fixed false positive theme detection 2014-07-16 18:25:35 +02:00
erwanlr
98d9e87356 Changes VersionCompare#is_newer_or_same? by lesser_or_equal? 2014-07-03 12:33:27 +02:00
Christian Mehlmauer
586239292b Try to fix Travis 2014-06-17 10:59:02 +02:00
erwanlr
c8c126d444 Rspec 3.0 support 2014-06-02 22:06:49 +02:00
erwanlr
c12b1d0670 Pre-transpec 2014-06-02 22:02:44 +02:00
erwanlr
af0319cc66 Adds a --cookie option. Ref #485 2014-05-22 17:34:09 +02:00
Christian Mehlmauer
7b0cb29466 XML check rspecs 
Example output:
  1) XML content each plugin vuln needs a type node
     Failure/Error: @result.should have(0).items, "Items:\n#{@result.join("\n")}"
       Items:
       ReFlex Gallery 1.4 - reflex-gallery.php Direct Request Path Disclosure
       Gallery Plugin 3.8.3 - gallery-plugin.php filename_1 Parameter Arbitrary File Access
       EZPZ One Click Backup <= 12.03.10 - OS Command Injection
       BulletProof Security - Security Log Script Insertion Vulnerability
       Portable phpMyAdmin - /pma/phpinfo.php Direct Request System Information Disclosure
       HMS Testimonials 2.0.10 - CSRF
       HMS Testimonials 2.0.10 - XSS
       platinum_seo_pack.php - s Parameter Reflected XSS
       Email Newsletter 8.0 - 'option' Parameter Information Disclosure Vulnerability
 2014-05-09 17:58:04 +02:00
erwanlr
8038e2e01a Ref #455 - Fails with a message if the target returns a 403 during the wordpress check 2014-04-15 17:02:22 +02:00
erwanlr
212b068a8d Adds the referer to request 2014-04-15 16:24:19 +02:00
erwanlr
9046291128 Fix #440 - Old wpscan repo links removed 2014-04-05 11:21:21 +02:00
Christian Mehlmauer
13c32bfe53 Merge pull request #417 from wpscanteam/useragent 
Issue #415 - Useragent
 2014-03-23 16:25:02 +01:00
FireFart
76fe0def4f rspec 2014-03-22 16:23:20 +01:00
FireFart
aeefd3e873 rspecs 2014-03-22 16:08:21 +01:00
FireFart
f9efdcb654 config file 2014-03-22 16:08:21 +01:00
FireFart
c4ca7e471a Add random-agent 2014-03-22 16:08:21 +01:00
FireFart
bbce082ec2 Issue #415 2014-03-22 16:08:21 +01:00
erwanlr
9c3947a7b1 Fix #404 - Brute forcing issue over https 2014-02-05 21:52:55 +01:00
erwanlr
2c0bbe9082 Updated the version of WebMock required 2014-02-02 15:13:26 +01:00
Peter
2e40a7377a Corrected spelling mistake 2014-01-05 22:46:22 +01:00
erwanlr
dc1c65b418 Tabs replaced by spaces ! 
The presence of tabs can be checked with 'rubocop --only Tab --format
files'
 2013-12-30 11:50:43 +00:00
Christian Mehlmauer
2ce10af051 rspecs 2013-12-08 01:28:19 +01:00
Christian Mehlmauer
1e1fdee5a7 fix rspecs 2013-12-07 22:37:07 +01:00
Peter
716b84f507 rspec change due to separator in Item 2013-11-19 20:28:19 +01:00
erwanlr
1c34f48c39 Fix #228, #327 Infinite loop when self-redirect 2013-11-18 11:20:15 +00:00
ethicalhack3r
c98177ea20 Create unique cache dir to prevent race conditions. Issue #344. 2013-11-15 00:24:20 +01:00
FireFart
629ebf5ff2 fixed Theme version detection 2013-11-13 15:37:36 +01:00
ethicalhack3r
a7d9927584 Added hosted wordpress detection. See issue #343. 2013-10-28 00:18:09 +01:00
FireFart
35a75739e6 forgot context (issue #332) 2013-10-22 22:41:26 +02:00
FireFart
706774bf61 Add detection for all-in-one-seo-pack 
Closes issue #332
 2013-10-22 22:39:23 +02:00
erwanlr
474816762f Use less memory when brute forcing with a large wordlist 2013-10-05 20:03:34 +01:00
erwanlr
f4460f315e Fix #249 & #275 2013-10-02 15:36:02 +01:00
ethicalhack3r
7128cd2844 Forgot to commit spec changes. 2013-09-18 15:18:44 +02:00
Christian Mehlmauer
c00269c905 rspecs 2013-08-25 11:05:01 +02:00
Christian Mehlmauer
a032b7c134 more reference tags, fixes issue #268 2013-08-24 11:16:39 +02:00
Christian Mehlmauer
1f5cb4b0a0 added cve tag to xml file 2013-08-23 14:02:09 +02:00
Christian Mehlmauer
81f9612de2 clean up rspecs 2013-08-17 12:19:54 +02:00