garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
816 Commits 17 Branches 73 Tags
c54fb6ee23b8ee2c5c1a1b5cffabb8ed720677d1
Commit Graph

100 Commits

Author SHA1 Message Date
erwanlr
d77a312844 Merge pull request #88 from FireFart/xmlrpc 
Detect XML Pingback URL
 2012-12-13 08:17:59 -08:00
Christian Mehlmauer
509a400add Bugfixes and rspecs 2012-12-13 16:46:52 +01:00
erwanlr
c661f8dd9a Error raised when the website needs a basic authentification but none was provided 2012-12-13 13:30:40 +01:00
Christian Mehlmauer
4d852b5983 Detect XML Pingback URL 2012-12-13 11:41:08 +01:00
erwanlr
ab59bd1eb3 Fix #24 --exclude-content-based option added 2012-12-06 16:50:59 -06:00
ethicalhack3r
fd591a0675 Some small refactoring and fix for issue #66 2012-11-30 22:00:23 +01:00
Christian Mehlmauer
31d2ca06eb initial commit 2012-11-26 22:30:07 +01:00
ethicalhack3r
dbe2c47950 Changed enumeration options. See Issue #58. Now shows examples in help. See Issue #62 2012-11-14 20:15:55 +01:00
Christian Mehlmauer
30fa90987c space 2012-09-25 17:16:39 +02:00
Christian Mehlmauer
0accd32102 fix formatting 2012-09-24 22:54:13 +02:00
Christian Mehlmauer
2e4a622cec -) Check if userregistration is enabled 
-) Check if blog is a multisite
 2012-09-24 20:46:26 +02:00
Christian Mehlmauer
b4655e7d5a locate searchreplacedb2.php. this file reads database credentials 2012-09-24 14:39:05 +02:00
Christian Mehlmauer
c0c14faad1 check if plugin directory exists and warn the user 2012-09-23 22:55:19 +02:00
Christian Mehlmauer
a15028793e -) custom plugins directory (outside of wp-content) 
-) feedback from ewanlr
-) Regex fix for version detection from readme.txt due to false positives (tag-cloud-widget plugin)
 2012-09-23 21:50:41 +02:00
Christian Mehlmauer
9b6a2805d7 custom plugins directory 2012-09-22 23:50:14 +02:00
Christian Mehlmauer
ef72568688 formats 2012-09-22 16:19:21 +02:00
Christian Mehlmauer
ae96d93cee -) Code formatting 
-) rspec tests
 2012-09-22 15:44:41 +02:00
Christian Mehlmauer
56613fff8e colored output 2012-09-22 00:13:02 +02:00
Christian Mehlmauer
8509c2fca6 removed requirement 2012-09-21 23:45:41 +02:00
Christian Mehlmauer
3590f5ed2f Gemfile 2012-09-21 22:49:49 +02:00
Christian Mehlmauer
159741604e bugfix for bruteforcer 2012-09-21 18:19:09 +02:00
Christian Mehlmauer
a35e7388d2 user is now a class 2012-09-21 15:52:57 +02:00
Christian Mehlmauer
a92077182b output elapsed time 2012-09-20 23:20:08 +02:00
Christian Mehlmauer
133465c05e they are nicknames 
rdoc
 2012-09-20 22:53:37 +02:00
Christian Mehlmauer
b05f735553 output formatting 2012-09-20 22:40:38 +02:00
Christian Mehlmauer
95648f0023 reduce output 2012-09-19 22:57:51 +02:00
Christian Mehlmauer
d677dd83ee bugfixing and better output 2012-09-19 22:10:54 +02:00
Christian Mehlmauer
2a46dc3f40 -) more rspec tests 
-) Bugfixing
 2012-09-19 21:47:34 +02:00
Christian Mehlmauer
b0f6902fa8 bugfixing 2012-09-17 17:56:02 +02:00
Christian Mehlmauer
04414ebc69 Timthumb enumeration now working 2012-09-16 23:31:03 +02:00
Christian Mehlmauer
909f05a38b detect readme.txt and changelog.txt 2012-09-16 13:09:41 +02:00
Christian Mehlmauer
4ea2555e7b bugfixing 2012-09-16 10:29:28 +02:00
Christian Mehlmauer
4e13b81f65 bugfixing when no paramters are supplied 2012-09-16 10:13:44 +02:00
Christian Mehlmauer
0adf62d408 don't output the filename url 2012-09-16 10:02:36 +02:00
Christian Mehlmauer
08506b02c9 Theme enumeration working 2012-09-15 23:57:49 +02:00
Christian Mehlmauer
a2412a4665 bugfixing 2012-09-15 22:20:22 +02:00
Christian Mehlmauer
81d40e58f6 Command line options and bugfixing 2012-09-15 21:33:18 +02:00
Christian Mehlmauer
8bc9f47cc7 First commit for more generic enumerating and scanning 2012-09-15 20:30:06 +02:00
Christian Mehlmauer
1b3c7d3b95 Update license for rdoc generation 2012-09-15 08:10:55 +02:00
Christian Mehlmauer
8b0558063e generate list of popular or all themes 2012-09-13 00:06:50 +02:00
Erwan
6dc09e7d10 Ref #17 : Removed the output of plugins from passive detection if the user enumerate plugins or only vulnerable plugins (but they are still merged) 2012-09-09 00:24:12 +02:00
Erwan
436793eb61 Hotfix for replacing $w-plugins$ by the real value when a plugin from passive detection is output in the agressive detection 2012-09-09 00:14:02 +02:00
Erwan
93972d4803 Fix #3 Checking for the debug.log in wp-content 2012-07-29 14:32:32 +02:00
Erwan
872b293944 Fix #6 : can't convert WpPlugin into String (to_s is not called when using +, it's to_str. However with "#{plugin}" the .to_s is called) 2012-07-29 12:21:40 +02:00
Erwan
99b1fb2ebb Quick fix for displaying the wp_plugin dir (instead of "$wp_plugins$") in the location url of a plugin found by passive detection 2012-07-26 13:55:18 +02:00
Erwan
62e21ba1e8 Version of the plugin found by aggressive detection is now output with the name 2012-07-26 13:47:42 +02:00
Erwan
8213ae9e26 Progress Bar (during plugins & timthumbs enumeration) can now be disabled (used in the spec) and might be useful in the future for formats output 2012-07-17 16:39:31 +02:00
Erwan
d8a837f5aa Removed useless comment 2012-07-12 13:14:07 +02:00
Erwan
13c1997575 *Updater.update now returns the result of the update insted of output it 
Spec for *Updater.update

Removed the SvnUpdater deprecation as we are in the git repo
 2012-07-12 13:11:24 +02:00
ethicalhack3r
3d78cbc4ac WPScan files 2012-07-11 22:49:18 +02:00