Bumps the version

Update changelog
Add statistics to changelog #740
2014-12-19 17:26:11 +01:00 · 2014-12-19 13:25:59 +01:00 · 2014-12-19 12:57:55 +01:00 · 2014-12-19 12:53:42 +01:00 · 2014-12-19 12:20:47 +01:00 · 2014-12-19 12:19:20 +01:00
43 changed files with 259 additions and 856 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -12,3 +12,4 @@ log.txt
 debug.log
 wordlist.txt
 rspec_results.html
+data/
--- a/.ruby-version
+++ b/.ruby-version
@@ -1 +1 @@
-2.1.2
+2.1.5
--- a/.travis.yml
+++ b/.travis.yml
@@ -6,6 +6,9 @@ rvm:
  - 2.1.0
  - 2.1.1
  - 2.1.2
+  - 2.1.3
+  - 2.1.4
+  - 2.1.5
 script: bundle exec rspec
 notifications:
  email:
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,55 @@
 # Changelog
 ## Master
-[Work in progress](https://github.com/wpscanteam/wpscan/compare/2.5...master)
+[Work in progress](https://github.com/wpscanteam/wpscan/compare/2.6...master)
+
+## Version 2.6
+Released: 2014-12-19
+
+New
+* Updates the readmes to reflect the new --usernames option
+* Improves plugin/theme version detection by looking at the "Version:"
+* Solution to avoid mandatory blank newline at the end of the wordlist
+* Add check for valid credentials
+* Add Sucuri sponsor to banner
+* Add protocol to sucuri url in banner
+* Add response code to proxy error output
+* Add a statement about mendatory newlines at the end of list
+* Give warning if default username 'admin' is still used
+* License amendment to make it more clear about value added usage
+
+Removed
+* remove malwares
+* remove malware folder
+* Removes the theme version check from the readme, unrealistic scenario
+
+General core
+* Update to Ruby 2.1.5 and travis
+* Prevent parent theme infinite loop
+* Fixes the progressbar being overriden by next brute forcing attempts
+
+Fixed issues
+* Fix UTF-8 encode on security db file download
+* Fix #703 - Disable logging by default. Implement log option.
+* Fix #705 - Installation instructions for Ubuntu < 14.04 apparently incomplete
+* Fix #717 - Expand on readme.html finding output
+* Fix #716 - Adds the --version in the help
+* Fix #715 - Add new updating info to docs
+* Fix #727 - WpItems detection: Perform the passive check and filter only vulnerable results at the end if required
+* Fix #737 - Adds some readme files to check for plugin versions
+* Fix #739 - Adds the --usernames option
+
+WPScan Database Statistics:
+* Total vulnerable versions: 88
+* Total vulnerable plugins: 901
+* Total vulnerable themes: 313
+* Total version vulnerabilities: 1050
+* Total plugin vulnerabilities: 1355
+* Total theme vulnerabilities: 349
+
+## Version 2.5.1
+Released: 2014-09-29
+
+Fixes reference URL to WPVDB

 ## Version 2.5
 Released: 2014-09-26 (@ BruCON 2014)
@@ -30,7 +79,7 @@ General core
 * Little output change and coloring
 * Adds a missing verbose output
 * Re-build redirection url if begin with slash '/'
-* Fixes the remove_conditional_comments function 
+* Fixes the remove_conditional_comments function
 * Ensures to give a string to Typhoeus
 * Fix wpstools check-vuln-ref-urls
 * Fix rspecs for new json
--- a/2
+++ b/2
@@ -9,6 +9,6 @@ gem 'ruby-progressbar', '>=1.6.0'
 group :test do
  gem 'webmock', '>=1.17.2'
  gem 'simplecov'
-  gem 'rspec', '~>3.0'
+  gem 'rspec', '>=3.0'
  gem 'rspec-its'
 end
--- a/1
+++ b/1
@@ -6,6 +6,7 @@ Cases of commercialization are:

 - Using WPScan to provide commercial managed/Software-as-a-Service services.
 - Distributing WPScan as a commercial product or as part of one.
+- Using WPScan as a value added service/product.

 Cases which do not require a commercial license, and thus fall under the terms of GNU General Public License, include (but are not limited to):

--- a/51
+++ b/51
@@ -17,6 +17,7 @@ Cases of commercialization are:

 - Using WPScan to provide commercial managed/Software-as-a-Service services.
 - Distributing WPScan as a commercial product or as part of one.
+- Using WPScan as a value added service/product.

 Cases which do not require a commercial license, and thus fall under the terms of GNU General Public License, include (but are not limited to):

@@ -43,24 +44,30 @@ You should have received a copy of the GNU General Public License along with thi
  Prerequisites:

   * Windows not supported
-   * Ruby >= 1.9.2 - Recommended: 2.1.2
+   * Ruby >= 1.9.2 - Recommended: 2.1.4
   * Curl >= 7.21  - Recommended: latest - FYI the 7.29 has a segfault
   * RubyGems      - Recommended: latest
   * Git

+   Windows is not supported.
+
+   If installed from Github update the code base with git pull. The databases are updated with wpscan.rb --update.
+
  -> Installing on Ubuntu:

    Before Ubuntu 14.04:

        sudo apt-get install libcurl4-gnutls-dev libopenssl-ruby libxml2 libxml2-dev libxslt1-dev ruby-dev
+        git clone https://github.com/wpscanteam/wpscan.git
+        cd wpscan
+        sudo gem install bundler && bundle install --without test

    From Ubuntu 14.04:

        sudo apt-get install libcurl4-gnutls-dev libxml2 libxml2-dev libxslt1-dev ruby-dev build-essential
-
-    git clone https://github.com/wpscanteam/wpscan.git
-    cd wpscan
-    sudo gem install bundler && bundle install --without test
+        git clone https://github.com/wpscanteam/wpscan.git
+        cd wpscan
+        sudo gem install bundler && bundle install --without test

  -> Installing on Debian:

@@ -103,8 +110,8 @@ You should have received a copy of the GNU General Public License along with thi
    curl -sSL https://get.rvm.io | bash -s stable
    source ~/.rvm/scripts/rvm
    echo "source ~/.rvm/scripts/rvm" >> ~/.bashrc
-    rvm install 2.1.2
-    rvm use 2.1.2 --default
+    rvm install 2.1.4
+    rvm use 2.1.4 --default
    echo "gem: --no-ri --no-rdoc" > ~/.gemrc
    gem install bundler
    git clone https://github.com/wpscanteam/wpscan.git
@@ -191,12 +198,14 @@ You should have received a copy of the GNU General Public License along with thi

 --basic-auth <username:password>  Set the HTTP Basic authentication.

--wordlist | -w <wordlist>  Supply a wordlist for the password bruter and do the brute.
+--wordlist | -w <wordlist>  Supply a wordlist for the password brute forcer.

 --threads  | -t <number of threads>  The number of threads to use when multi-threading requests.

 --username | -U <username>  Only brute force the supplied username.

+--usernames  <path-to-file>  Only brute force the usernames from the file.
+
 --cache-ttl <cache-ttl>  Typhoeus cache TTL.

 --request-timeout <request-timeout>  Request Timeout.
@@ -213,6 +222,8 @@ You should have received a copy of the GNU General Public License along with thi

 --no-color Do not use colors in the output.

+--log Save STDOUT to log.txt
+
 ==WPSCAN EXAMPLES==

 Do 'non-intrusive' checks...
@@ -250,26 +261,16 @@ Debug output...
 ==WPSTOOLS ARGUMENTS==

 -v, --verbose                                                Verbose output
-    --check-vuln-ref-urls, --cvru                            Check all the vulnerabilities reference urls for 404
-    --check-local-vulnerable-files, --clvf LOCAL_DIRECTORY   Perform a recursive scan in the LOCAL_DIRECTORY to find vulnerable files or shells
-    --generate-plugin-list, --gpl [NUMBER_OF_ITEMS]          Generate a new data/plugins.txt file. (supply number of *items* to parse, default : 1500)
-    --generate-full-plugin-list, --gfpl                      Generate a new full data/plugins.txt file
-    --generate-theme-list, --gtl [NUMBER_OF_ITEMS]           Generate a new data/themes.txt file. (supply number of *items* to parse, default : 200)
-    --generate-full-theme-list, --gftl                       Generate a new full data/themes.txt file
-    --generate-all, --ga                                     Generate a new full plugins, full themes, popular plugins and popular themes list
-s, --stats                                                  Show WpScan Database statistics
-    --spellcheck, --sc                                       Check all files for common spelling mistakes.
+--check-vuln-ref-urls, --cvru                            Check all the vulnerabilities reference urls for 404
+--check-local-vulnerable-files, --clvf LOCAL_DIRECTORY   Perform a recursive scan in the LOCAL_DIRECTORY to find vulnerable files or shells
+s, --stats                                                  Show WpScan Database statistics.
+--spellcheck, --sc                                       Check all files for common spelling mistakes.

 ==WPSTOOLS EXAMPLES==

- Generate a new 'most popular' plugin list, up to 1500 items ...
-ruby wpstools.rb --generate-plugin-list 1500
-
 Locally scan a wordpress installation for vulnerable files or shells:
 ruby wpstools.rb --check-local-vulnerable-files /var/www/wordpress/

-Or check https://github.com/fgeek/pyfiscan project.
-
 ===PROJECT HOME===

 www.wpscan.org
@@ -286,8 +287,6 @@ https://github.com/wpscanteam/wpscan/issues

 http://rdoc.info/github/wpscanteam/wpscan/frames

-===SPONSOR===
+===SPECIAL THANKS===

-WPScan is sponsored by the RandomStorm Open Source Initiative.
-
-Visit RandomStorm at http://www.randomstorm.com
+RandomStorm - https://www.randomstorm.com
--- a/README.md
+++ b/README.md
@@ -1,6 +1,9 @@
 ![alt text](https://raw.githubusercontent.com/wpscanteam/wpscan/gh-pages/wpscan_logo_407x80.png "WPScan - WordPress Security Scanner")

-[![Build Status](https://travis-ci.org/wpscanteam/wpscan.png?branch=master)](https://travis-ci.org/wpscanteam/wpscan)
+
+[![Build Status](https://travis-ci.org/wpscanteam/CMSScanner.svg?branch=master)](https://travis-ci.org/wpscanteam/CMSScanner)
+[![Code Climate](https://img.shields.io/codeclimate/github/wpscanteam/wpscan.svg)](https://codeclimate.com/github/wpscanteam/wpscan)
+[![Dependency Status](https://img.shields.io/gemnasium/wpscanteam/wpscan.svg)](https://gemnasium.com/wpscanteam/wpscan)

 #### LICENSE

@@ -12,6 +15,7 @@ Cases of commercialization are:

 - Using WPScan to provide commercial managed/Software-as-a-Service services.
 - Distributing WPScan as a commercial product or as part of one.
+- Using WPScan as a value added service/product.

 Cases which do not require a commercial license, and thus fall under the terms of GNU General Public License, include (but are not limited to):

@@ -37,18 +41,22 @@ WPScan comes pre-installed on the following Linux distributions:

 Prerequisites:

- Ruby >= 1.9.2 - Recommended: 2.1.2
+- Ruby >= 1.9.2 - Recommended: 2.1.4
 - Curl >= 7.21  - Recommended: latest - FYI the 7.29 has a segfault
 - RubyGems      - Recommended: latest
 - Git

 Windows is not supported.
+If installed from Github update the code base with ```git pull```. The databases are updated with ```wpscan.rb --update```.

 ####Installing on Ubuntu:

 Before Ubuntu 14.04:

    sudo apt-get install libcurl4-gnutls-dev libopenssl-ruby libxml2 libxml2-dev libxslt1-dev ruby-dev
+    git clone https://github.com/wpscanteam/wpscan.git
+    cd wpscan
+    sudo gem install bundler && bundle install --without test

 From Ubuntu 14.04:

@@ -96,8 +104,8 @@ Apple Xcode, Command Line Tools and the libffi are needed (to be able to install
    curl -sSL https://get.rvm.io | bash -s stable
    source ~/.rvm/scripts/rvm
    echo "source ~/.rvm/scripts/rvm" >> ~/.bashrc
-    rvm install 2.1.2
-    rvm use 2.1.2 --default
+    rvm install 2.1.4
+    rvm use 2.1.4 --default
    echo "gem: --no-ri --no-rdoc" > ~/.gemrc
    gem install bundler
    git clone https://github.com/wpscanteam/wpscan.git
@@ -115,7 +123,7 @@ Apple Xcode, Command Line Tools and the libffi are needed (to be able to install
      Update cURL to version => 7.21.7 (may have to install from source).

      Installation from sources :
-      
+
        Grab the sources from http://curl.haxx.se/download.html
        Decompress the archive
        Open the folder with the extracted files
@@ -123,19 +131,19 @@ Apple Xcode, Command Line Tools and the libffi are needed (to be able to install
        Run make
        Run sudo make install
        Run sudo ldconfig
-      
+

  - cannot load such file -- readline:

        sudo aptitude install libreadline5-dev libncurses5-dev

      Then, open the directory of the readline gem (you have to locate it)
-      
+
        cd ~/.rvm/src/ruby-1.9.2-p180/ext/readline
        ruby extconf.rb
        make
        make install
-      
+

      See [http://vvv.tobiassjosten.net/ruby-on-rails/fixing-readline-for-the-ruby-on-rails-console/](http://vvv.tobiassjosten.net/ruby-on-rails/fixing-readline-for-the-ruby-on-rails-console/) for more details

@@ -191,12 +199,14 @@ Apple Xcode, Command Line Tools and the libffi are needed (to be able to install

    --basic-auth <username:password>  Set the HTTP Basic authentication.

-    --wordlist | -w <wordlist>  Supply a wordlist for the password bruter and do the brute.
+    --wordlist | -w <wordlist>  Supply a wordlist for the password brute forcer.

    --threads  | -t <number of threads>  The number of threads to use when multi-threading requests.

    --username | -U <username>  Only brute force the supplied username.

+    --usernames  <path-to-file>  Only brute force the usernames from the file.
+
    --cache-ttl <cache-ttl>  Typhoeus cache TTL.

    --request-timeout <request-timeout>  Request Timeout.
@@ -213,6 +223,8 @@ Apple Xcode, Command Line Tools and the libffi are needed (to be able to install

    --no-color Do not use colors in the output.

+    --log Save STDOUT to log.txt
+
 #### WPSCAN EXAMPLES

 Do 'non-intrusive' checks...
@@ -252,31 +264,24 @@ Debug output...
    -v, --verbose                                                Verbose output
        --check-vuln-ref-urls, --cvru                            Check all the vulnerabilities reference urls for 404
        --check-local-vulnerable-files, --clvf LOCAL_DIRECTORY   Perform a recursive scan in the LOCAL_DIRECTORY to find vulnerable files or shells
-        --generate-plugin-list, --gpl [NUMBER_OF_ITEMS]          Generate a new data/plugins.txt file. (supply number of *items* to parse, default : 1500)
-        --generate-full-plugin-list, --gfpl                      Generate a new full data/plugins.txt file
-        --generate-theme-list, --gtl [NUMBER_OF_ITEMS]           Generate a new data/themes.txt file. (supply number of *items* to parse, default : 200)
-        --generate-full-theme-list, --gftl                       Generate a new full data/themes.txt file
-        --generate-all, --ga                                     Generate a new full plugins, full themes, popular plugins and popular themes list
    -s, --stats                                                  Show WpScan Database statistics.
        --spellcheck, --sc                                       Check all files for common spelling mistakes.


 #### WPSTOOLS EXAMPLES

-Generate a new 'most popular' plugin list, up to 1500 items...
-
-```ruby wpstools.rb --generate-plugin-list 1500```
-
 Locally scan a wordpress installation for vulnerable files or shells:

 ```ruby wpstools.rb --check-local-vulnerable-files /var/www/wordpress/```

-Or check [pyfiscan](https://github.com/fgeek/pyfiscan) project.
-
 #### PROJECT HOME

 [http://www.wpscan.org](http://www.wpscan.org)

+#### VULNERABILITY DATABASE
+
+[https://www.wpvulndb.com](https://www.wpvulndb.com)
+
 #### GIT REPOSITORY

 [https://github.com/wpscanteam/wpscan](https://github.com/wpscanteam/wpscan)
@@ -289,6 +294,6 @@ Or check [pyfiscan](https://github.com/fgeek/pyfiscan) project.

 [http://rdoc.info/github/wpscanteam/wpscan/frames](http://rdoc.info/github/wpscanteam/wpscan/frames)

-#### SPONSOR
+#### SPECIAL THANKS

-WPScan is sponsored by the [RandomStorm](http://www.randomstorm.com) Open Source Initiative.
+[RandomStorm](https://www.randomstorm.com)
--- a/data.zip
+++ b/data.zip
--- a/lib/common/browser.rb
+++ b/lib/common/browser.rb
@@ -30,7 +30,7 @@ class Browser
  #
  # @return [ Browser ]
  def initialize(options = {})
-    @cache_dir   = options[:cache_dir]   || CACHE_DIR + '/browser'
+    @cache_dir   = options[:cache_dir] || CACHE_DIR + '/browser'

    # sets browser defaults
    browser_defaults
--- a/lib/common/cache_file_store.rb
+++ b/lib/common/cache_file_store.rb
@@ -9,15 +9,17 @@
 #

 require 'yaml'
+require 'fileutils'

 class CacheFileStore
-  attr_reader :storage_path, :serializer
+  attr_reader :storage_path, :cache_dir, :serializer

  # The serializer must have the 2 methods .load and .dump
  #   (Marshal and YAML have them)
  # YAML is Human Readable, contrary to Marshal which store in a binary format
  # Marshal does not need any "require"
  def initialize(storage_path, serializer = Marshal)
+    @cache_dir    = File.expand_path(storage_path)
    @storage_path = File.expand_path(File.join(storage_path, storage_dir))
    @serializer   = serializer

@@ -29,15 +31,23 @@ class CacheFileStore
  end

  def clean
-    Dir[File.join(@storage_path, '*')].each do |f|
-      File.delete(f) unless File.symlink?(f)
+    # clean old directories
+    Dir[File.join(@cache_dir, '*')].each do |f|
+      if File.directory?(f)
+        # delete directory if create time is older than 4 hours
+        FileUtils.rm_rf(f) if File.mtime(f) < (Time.now - (60*240))
+      else
+        File.delete(f) unless File.symlink?(f)
+      end
    end
  end

  def read_entry(key)
-    @serializer.load(File.read(get_entry_file_path(key)))
-  rescue
-    nil
+    begin
+      @serializer.load(File.read(get_entry_file_path(key)))
+    rescue
+      nil
+    end
  end

  def write_entry(key, data_to_store, cache_ttl)
--- a/lib/common/collections/wp_items.rb
+++ b/lib/common/collections/wp_items.rb
@@ -14,7 +14,7 @@ class WpItems < Array
    self.wp_target = wp_target
  end

-  # @param [String,] argv
+  # @param [String] argv
  #
  # @return [ void ]
  def add(*args)
--- a/lib/common/collections/wp_items/detectable.rb
+++ b/lib/common/collections/wp_items/detectable.rb
@@ -23,10 +23,7 @@ class WpItems < Array
        homepage_hash:   wp_target.homepage_hash,
        exclude_content: options[:exclude_content] ? %r{#{options[:exclude_content]}} : nil
      }
-
-      # If we only want the vulnerable ones, the passive detection is ignored
-      # Otherwise, a passive detection is performed, and results will be merged
-      results = options[:only_vulnerable] ? new : passive_detection(wp_target, options)
+      results          = passive_detection(wp_target, options)

      targets.each do |target_item|
        request = browser.forge_request(target_item.url, request_params)
@@ -55,8 +52,11 @@ class WpItems < Array

      # run the remaining requests
      hydra.run
+
+      results.select!(&:vulnerable?) if options[:only_vulnerable]
      results.sort!
-      results # can't just return results.sort because the #sort returns an array, and we want a WpItems
+
+      results  # can't just return results.sort as it would return an array, and we want a WpItems
    end

    # @param [ Integer ] targets_size
--- a/lib/common/collections/wp_users/output.rb
+++ b/lib/common/collections/wp_users/output.rb
@@ -38,6 +38,7 @@ class WpUsers < WpItems
      junk = get_equal_string_end(display_names)
      unless junk.nil? or junk.empty?
        self.each do |u|
+          u.display_name ||= ''
          u.display_name = u.display_name.sub(/#{Regexp.escape(junk)}$/, '')
        end
      end
--- a/lib/common/common_helper.rb
+++ b/lib/common/common_helper.rb
@@ -34,7 +34,7 @@ WP_VERSIONS_XSD     = File.join(DATA_DIR, 'wp_versions.xsd')
 LOCAL_FILES_XSD     = File.join(DATA_DIR, 'local_vulnerable_files.xsd')
 USER_AGENTS_FILE    = File.join(DATA_DIR, 'user-agents.txt')

-WPSCAN_VERSION       = '2.5'
+WPSCAN_VERSION       = '2.6'

 $LOAD_PATH.unshift(LIB_DIR)
 $LOAD_PATH.unshift(WPSCAN_LIB_DIR)
@@ -137,7 +137,7 @@ def banner
  puts
  puts '        WordPress Security Scanner by the WPScan Team '
  puts "                       Version #{WPSCAN_VERSION}"
-  puts '     Sponsored by the RandomStorm Open Source Initiative'
+  puts '          Sponsored by Sucuri - https://sucuri.net'
  puts '   @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_'
  puts '_______________________________________________________________'
  puts
--- a/lib/common/db_updater.rb
+++ b/lib/common/db_updater.rb
@@ -3,7 +3,7 @@
 # DB Updater
 class DbUpdater
  FILES = %w(
-    local_vulnerable_files.xml local_vulnerable_files.xsd malwares.txt
+    local_vulnerable_files.xml local_vulnerable_files.xsd
    plugins_full.txt plugins.txt themes_full.txt themes.txt
    timthumbs.txt user-agents.txt wp_versions.xml wp_versions.xsd
    plugin_vulns.json theme_vulns.json wp_vulns.json
@@ -73,7 +73,7 @@ class DbUpdater

    res = Browser.get(file_url, request_params)
    fail "Error while downloading #{file_url}" unless res.code == 200
-    File.write(file_path, res.body)
+    File.open(file_path, 'wb') { |f| f.write(res.body) }

    local_file_checksum(filename)
  end
--- a/lib/common/hacks.rb
+++ b/lib/common/hacks.rb
@@ -49,11 +49,11 @@ end

 # Override for puts to enable logging
 def puts(o = '')
-  # remove color for logging
-  if o.respond_to?(:gsub)
-    temp = o.gsub(/\e\[\d+m/, '')
+  if $log && o.respond_to?(:gsub)
+    temp = o.gsub(/\e\[\d+m/, '') # remove color for logging
    File.open(LOG_FILE, 'a+') { |f| f.puts(temp) }
  end
+  
  super(o)
 end

--- a/lib/common/models/vulnerability/urls.rb
+++ b/lib/common/models/vulnerability/urls.rb
@@ -30,7 +30,7 @@ class Vulnerability
    end

    def url_id(id)
-      "https://wpvulndb.com/vulnerability/#{id}"
+      "https://wpvulndb.com/vulnerabilities/#{id}"
    end
  end
 end
--- a/lib/common/models/wp_item/infos.rb
+++ b/lib/common/models/wp_item/infos.rb
@@ -12,7 +12,9 @@ class WpItem

    # @return [ String,nil ] The url to the readme file, nil if not found
    def readme_url
-      %w{readme.txt README.txt}.each do |readme|
+      # See https://github.com/wpscanteam/wpscan/pull/737#issuecomment-66375445
+      # for any question about the order
+      %w{readme.txt README.txt Readme.txt ReadMe.txt README.TXT readme.TXT}.each do |readme|
        url = @uri.merge(readme).to_s
        return url if url_is_200?(url)
      end
--- a/lib/common/models/wp_item/versionable.rb
+++ b/lib/common/models/wp_item/versionable.rb
@@ -13,7 +13,7 @@ class WpItem
        # This check is needed because readme_url can return nil
        if has_readme?
          response = Browser.get(readme_url)
-          @version = response.body[%r{stable tag: #{WpVersion.version_pattern}}i, 1]
+          @version = response.body[%r{(?:stable tag|version): #{WpVersion.version_pattern}}i, 1]
        end
      end
      @version
--- a/lib/common/models/wp_theme/childtheme.rb
+++ b/lib/common/models/wp_theme/childtheme.rb
@@ -3,6 +3,10 @@
 class WpTheme < WpItem
  module Childtheme

+    def parent_theme_limit
+      3
+    end
+
    def is_child_theme?
      return true unless @theme_template.nil?
      false
--- a/lib/common/models/wp_theme/versionable.rb
+++ b/lib/common/models/wp_theme/versionable.rb
@@ -2,16 +2,8 @@

 class WpTheme < WpItem
  module Versionable
-
    def version
-      unless @version
-        @version = Browser.get(style_url).body[%r{Version:\s*([^\s]+)}i, 1]
-
-        # Get Version from readme.txt
-        @version ||= super
-      end
-      @version
+      @version ||= Browser.get(style_url).body[%r{Version:\s*([^\s]+)}i, 1]
    end
-
  end
 end
--- a/lib/common/models/wp_user/brute_forcable.rb
+++ b/lib/common/models/wp_user/brute_forcable.rb
@@ -25,10 +25,10 @@ class WpUser < WpItem
      hydra        = browser.hydra
      queue_count  = 0
      found        = false
-      progress_bar = self.progress_bar(count_file_lines(wordlist), options)
+      progress_bar = self.progress_bar(count_file_lines(wordlist)+1, options)

      File.open(wordlist).each do |password|
-        password.chop!
+        password.chomp!

        # A successfull login will redirect us to the redirect_to parameter
        # Generate a random one on each request
@@ -63,6 +63,7 @@ class WpUser < WpItem

      # run all of the remaining requests
      hydra.run
+      puts if options[:show_progression] # mandatory to avoid the output of the progressbar to be overriden
    end

    # @param [ Integer ] targets_size
--- a/lib/common/models/wp_version/findable.rb
+++ b/lib/common/models/wp_version/findable.rb
@@ -100,18 +100,6 @@ class WpVersion < WpItem
      )
    end

-    # Attempts to find the WordPress version from,
-    # the generator tag in the RSS2 feed source.
-    #
-    # Have not been able to find an example of this - Ryan
-    #def find_from_rss2_generator(target_uri)
-    #  scan_url(
-    #    target_uri,
-    #    %r{<generator>http://wordpress.org/?v=(#{WpVersion.version_pattern})</generator>}i,
-    #    'feed/rss/'
-    #  )
-    #end
-
    # Attempts to find the WordPress version from,
    # the generator tag in the Atom source.
    #
@@ -126,18 +114,6 @@ class WpVersion < WpItem
      )
    end

-    # Attempts to find the WordPress version from,
-    # the generator tag in the comment rss source.
-    #
-    # Have not been able to find an example of this - Ryan
-    #def find_from_comments_rss_generator(target_uri)
-    # scan_url(
-    # target_uri,
-    # %r{<!-- generator="WordPress/#{WpVersion.version_pattern}" -->}i,
-    # 'comments/feed/'
-    # )
-    #end
-
    # Uses data/wp_versions.xml to try to identify a
    # wordpress version.
    #
--- a/lib/wpscan/wp_target.rb
+++ b/lib/wpscan/wp_target.rb
@@ -1,7 +1,6 @@
 # encoding: UTF-8

 require 'web_site'
-require 'wp_target/malwares'
 require 'wp_target/wp_readme'
 require 'wp_target/wp_registrable'
 require 'wp_target/wp_config_backup'
@@ -11,7 +10,6 @@ require 'wp_target/wp_custom_directories'
 require 'wp_target/wp_full_path_disclosure'

 class WpTarget < WebSite
-  include WpTarget::Malwares
  include WpTarget::WpReadme
  include WpTarget::WpRegistrable
  include WpTarget::WpConfigBackup
--- a/lib/wpscan/wp_target/malwares.rb
+++ b/lib/wpscan/wp_target/malwares.rb
@@ -1,50 +0,0 @@
-# encoding: UTF-8
-
-class WpTarget < WebSite
-  module Malwares
-    # Used as cache :
-    #   nil => malwares not checked,
-    #   [] => no malwares,
-    #   otherwise array of malwares url found
-    @malwares = nil
-
-    def has_malwares?(malwares_file_path = nil)
-      !malwares(malwares_file_path).empty?
-    end
-
-    # return array of string (url of malwares found)
-    def malwares(malwares_file_path = nil)
-      unless @malwares
-        malwares_found = []
-        malwares_file = Malwares.malwares_file(malwares_file_path)
-        index_page_body = Browser.get(@uri.to_s).body
-
-        File.open(malwares_file, 'r') do |file|
-          file.readlines.collect do |url|
-            chomped_url = url.chomp
-
-            if chomped_url.length > 0
-              malwares_found += index_page_body.scan(Malwares.malware_pattern(chomped_url))
-            end
-          end
-        end
-
-        malwares_found.flatten!
-        malwares_found.uniq!
-
-        @malwares = malwares_found
-      end
-      @malwares
-    end
-
-    def self.malwares_file(malwares_file_path)
-      malwares_file_path || DATA_DIR + '/malwares.txt'
-    end
-
-    def self.malware_pattern(url_regex)
-      # no need to escape regex here, because malware.txt contains regex
-      %r{<(?:script|iframe).* src=(?:"|')(#{url_regex}[^"']*)(?:"|')[^>]*>}i
-    end
-
-  end
-end
--- a/lib/wpscan/wpscan_helper.rb
+++ b/lib/wpscan/wpscan_helper.rb
@@ -97,8 +97,9 @@ def help
  puts '                                    If no protocol is given (format host:port), HTTP will be used.'
  puts '--proxy-auth <username:password>    Supply the proxy login credentials.'
  puts '--basic-auth <username:password>    Set the HTTP Basic authentication.'
-  puts '--wordlist | -w <wordlist>          Supply a wordlist for the password bruter and do the brute.'
+  puts '--wordlist | -w <wordlist>          Supply a wordlist for the password brute forcer.'
  puts '--username | -U <username>          Only brute force the supplied username.'
+  puts '--usernames     <path-to-file>      Only brute force the usernames from the file.'
  puts '--threads  | -t <number of threads> The number of threads to use when multi-threading requests.'
  puts '--cache-ttl       <cache-ttl>       Typhoeus cache TTL.'
  puts '--request-timeout <request-timeout> Request Timeout.'
@@ -106,6 +107,7 @@ def help
  puts '--max-threads     <max-threads>     Maximum Threads.'
  puts '--help     | -h                     This help screen.'
  puts '--verbose  | -v                     Verbose output.'
+  puts '--version                           Output the current version and exit.'
  puts
 end

--- a/lib/wpscan/wpscan_options.rb
+++ b/lib/wpscan/wpscan_options.rb
@@ -14,6 +14,7 @@ class WpscanOptions
    :enumerate_usernames,
    :enumerate_usernames_range,
    :no_color,
+    :log,
    :proxy,
    :proxy_auth,
    :threads,
@@ -23,6 +24,7 @@ class WpscanOptions
    :update,
    :verbose,
    :username,
+    :usernames,
    :password,
    :follow_redirection,
    :wp_content_dir,
@@ -68,6 +70,12 @@ class WpscanOptions
    end
  end

+  def usernames=(file)
+    fail "The file #{file} does not exist" unless File.exists?(file)
+
+    @usernames = file
+  end
+
  def proxy=(proxy)
    if proxy.index(':') == nil
      raise 'Invalid proxy format. Should be host:port.'
@@ -237,6 +245,7 @@ class WpscanOptions
      ['--url', '-u', GetoptLong::REQUIRED_ARGUMENT],
      ['--enumerate', '-e', GetoptLong::OPTIONAL_ARGUMENT],
      ['--username', '-U', GetoptLong::REQUIRED_ARGUMENT],
+      ['--usernames', GetoptLong::REQUIRED_ARGUMENT],
      ['--wordlist', '-w', GetoptLong::REQUIRED_ARGUMENT],
      ['--threads', '-t', GetoptLong::REQUIRED_ARGUMENT],
      ['--force', '-f', GetoptLong::NO_ARGUMENT],
@@ -261,7 +270,8 @@ class WpscanOptions
      ['--max-threads', GetoptLong::REQUIRED_ARGUMENT],
      ['--batch', GetoptLong::NO_ARGUMENT],
      ['--no-color', GetoptLong::NO_ARGUMENT],
-      ['--cookie', GetoptLong::REQUIRED_ARGUMENT]
+      ['--cookie', GetoptLong::REQUIRED_ARGUMENT],
+      ['--log', GetoptLong::NO_ARGUMENT]
    )
  end

--- a/lib/wpstools/plugins/checker/checker_plugin.rb
+++ b/lib/wpstools/plugins/checker/checker_plugin.rb
@@ -35,7 +35,7 @@ class CheckerPlugin < Plugin
      json.each do |asset|
        asset[asset.keys.inject]['vulnerabilities'].each do |url|
          unless url['url'].nil?
-            url['url'].split(',').each do |url|
+            url['url'].each do |url|
              urls << url
            end
          end
--- a/spec/lib/common/cache_file_store_spec.rb
+++ b/spec/lib/common/cache_file_store_spec.rb
@@ -30,14 +30,15 @@ describe CacheFileStore do

  describe '#clean' do
    it "should remove all files from the cache dir (#{@cache_dir}" do
-      # let's create some files into the directory first
-      (0..5).each do |i|
-        File.new(@cache.storage_path + "/file_#{i}.txt", File::CREAT)
-      end
-
-      expect(count_files_in_dir(@cache.storage_path, 'file_*.txt')).to eq 6
+      # clean is executed by other tests before
+      before = count_files_in_dir(@cache.cache_dir)
+      test_dir = File.expand_path("#{@cache.cache_dir}/test")
+      Dir.mkdir test_dir
+      #change the modification date
+      %x[ touch -t 200701310846.26 #{test_dir} ]
+      expect(count_files_in_dir(@cache.cache_dir)).to eq (before + 1)
      @cache.clean
-      expect(count_files_in_dir(@cache.storage_path)).to eq 0
+      expect(count_files_in_dir(@cache.cache_dir)).to eq before
    end
  end

--- a/spec/lib/common/collections/wp_users/output_spec.rb
+++ b/spec/lib/common/collections/wp_users/output_spec.rb
@@ -25,19 +25,19 @@ describe 'WpUsers::Output' do
      subject.push(@input)
      subject.flatten!
      subject.remove_junk_from_display_names
-      expect(subject).to be === @expected
+      expect(subject).to eq @expected
    end

-    it 'should return an empty array' do
+    it 'returns an empty array' do
      @expected = @input
    end

-    it 'should return input object' do
+    it 'returns input object' do
      @input.push(WpUser.new(nil))
      @expected = @input
    end

-    it 'should return input object' do
+    it 'returns input object' do
      @input.push(WpUser.new(''))
      @expected = @input
    end
@@ -50,23 +50,37 @@ describe 'WpUsers::Output' do
      @expected.push(WpUser.new('', login: '', id: 2, display_name: 'ijrjd'))
    end

-    it 'should return unmodified input object' do
+    it 'returns unmodified input object' do
      @input.push(WpUser.new('', login: '', id: 1, display_name: 'lkjh asdfa'))
      @input.push(WpUser.new('', login: '', id: 2, display_name: 'ijrjd asdf'))
      @expected = @input
    end

-    it 'should return input object' do
+    it 'returns input object' do
      @input.push(WpUser.new('', login: '', id: 1, display_name: 'lkjh asdf'))
      @expected = @input
    end

-    it 'should return an empty display_name' do
+    it 'returns an empty display_name' do
      @input.push(WpUser.new('', login: '', id: 1, display_name: 'lkhj asdf'))
      @input.push(WpUser.new('', login: '', id: 2, display_name: 'lkhj asdf'))
      @expected = WpUsers.new(0)
      @expected.push(WpUser.new('', login: '', id: 1, display_name: ''))
      @expected.push(WpUser.new('', login: '', id: 2, display_name: ''))
    end
+
+    context 'when a user has no display_name' do
+      it 'returns an empty display_name' do
+        @input.push(WpUser.new('', login: '', id: 1, display_name: 'lkhj asdf'))
+        @input.push(WpUser.new('', login: '', id: 2, display_name: 'lkhj asdf'))
+        @input.push(WpUser.new('', login: '', id: 3))
+
+        @expected = WpUsers.new(0)
+
+        (1..3).each do |id|
+          @expected.push(WpUser.new('', login: '', id: id, display_name: ''))
+        end
+      end
+    end
  end
 end
--- a/spec/lib/wpscan/wp_target_spec.rb
+++ b/spec/lib/wpscan/wp_target_spec.rb
@@ -18,7 +18,6 @@ describe WpTarget do

  before { Browser::reset }

-  it_behaves_like 'WpTarget::Malwares'
  it_behaves_like 'WpTarget::WpReadme'
  it_behaves_like 'WpTarget::WpRegistrable'
  it_behaves_like 'WpTarget::WpConfigBackup'
--- a/spec/samples/common/models/wp_item/versionable/wp-photo-plus-5.1.15.txt
+++ b/spec/samples/common/models/wp_item/versionable/wp-photo-plus-5.1.15.txt
@@ -0,0 +1,9 @@
+=== WP Photo Album Plus ===
+Contributors: opajaap
+Tags: photo, album, photoalbum, gallery, slideshow, sidebar widget, photowidget, photoblog, widget, qtranslate, cubepoints, multisite, network, lightbox, comment, watermark, iptc, exif, responsive, mobile
+Stable tag: trunk
+Version: 5.1.15
+Author: J.N. Breetvelt
+Author URI: http://www.opajaap.nl/
+Requires at least: 3.1
+Tested up to: 3.7.1
--- a/spec/samples/wpscan/wp_target/malwares/clean.html
+++ b/spec/samples/wpscan/wp_target/malwares/clean.html
@@ -1,137 +0,0 @@
-<!DOCTYPE html>
-<!--[if IE 6]>
-<html id="ie6" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if IE 7]>
-<html id="ie7" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if IE 8]>
-<html id="ie8" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if !(IE 6) | !(IE 7) | !(IE 8)  ]><!-->
-<html dir="ltr" lang="en-US">
-<!--<![endif]-->
-<head>
-<meta charset="UTF-8" />
-<meta name="viewport" content="width=device-width" />
-<title>Wordpress 3.3.2 | Just another WordPress site</title>
-<link rel="profile" href="http://gmpg.org/xfn/11" />
-<link rel="stylesheet" type="text/css" media="all" href="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/style.css" />
-<link rel="pingback" href="http://lamp/wordpress-3.3.2/xmlrpc.php" />
-<!--[if lt IE 9]>
-<script src="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/js/html5.js" type="text/javascript"></script>
-<![endif]-->
-<meta name='robots' content='noindex,nofollow' />
-<link rel="alternate" type="application/rss+xml" title="Wordpress 3.3.2 &raquo; Feed" href="http://lamp/wordpress-3.3.2/?feed=rss2" />
-<link rel="alternate" type="application/rss+xml" title="Wordpress 3.3.2 &raquo; Comments Feed" href="http://lamp/wordpress-3.3.2/?feed=comments-rss2" />
-<link rel="EditURI" type="application/rsd+xml" title="RSD" href="http://lamp/wordpress-3.3.2/xmlrpc.php?rsd" />
-<link rel="wlwmanifest" type="application/wlwmanifest+xml" href="http://lamp/wordpress-3.3.2/wp-includes/wlwmanifest.xml" /> 
-<meta name="generator" content="WordPress 3.3.2" />
-	<style type="text/css">.recentcomments a{display:inline !important;padding:0 !important;margin:0 !important;}</style>
-</head>
-
-<body class="home blog single-author two-column right-sidebar">
-<div id="page" class="hfeed">
-	<header id="branding" role="banner">
-			<hgroup>
-				<h1 id="site-title"><span><a href="http://lamp/wordpress-3.3.2/" title="Wordpress 3.3.2" rel="home">Wordpress 3.3.2</a></span></h1>
-				<h2 id="site-description">Just another WordPress site</h2>
-			</hgroup>
-
-						<a href="http://lamp/wordpress-3.3.2/">
-									<img src="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/images/headers/pine-cone.jpg" width="1000" height="288" alt="" />
-							</a>
-			
-								<form method="get" id="searchform" action="http://lamp/wordpress-3.3.2/">
-		<label for="s" class="assistive-text">Search</label>
-		<input type="text" class="field" name="s" id="s" placeholder="Search" />
-		<input type="submit" class="submit" name="submit" id="searchsubmit" value="Search" />
-	</form>
-			
-			<nav id="access" role="navigation">
-				<h3 class="assistive-text">Main menu</h3>
-								<div class="skip-link"><a class="assistive-text" href="#content" title="Skip to primary content">Skip to primary content</a></div>
-				<div class="skip-link"><a class="assistive-text" href="#secondary" title="Skip to secondary content">Skip to secondary content</a></div>
-								<div class="menu"><ul><li class="current_page_item"><a href="http://lamp/wordpress-3.3.2/" title="Home">Home</a></li><li class="page_item page-item-2"><a href="http://lamp/wordpress-3.3.2/?page_id=2">Sample Page</a></li></ul></div>
-			</nav><!-- #access -->
-	</header><!-- #branding -->
-
-
-	<div id="main">
-		<div id="primary">
-			<div id="content" role="main">
-
-			
-				
-								
-					
-	<article id="post-1" class="post-1 post type-post status-publish format-standard hentry category-uncategorized">
-		<header class="entry-header">
-						<h1 class="entry-title"><a href="http://lamp/wordpress-3.3.2/?p=1" title="Permalink to Hello world!" rel="bookmark">Hello world!</a></h1>
-			
-						<div class="entry-meta">
-				<span class="sep">Posted on </span><a href="http://lamp/wordpress-3.3.2/?p=1" title="1:05 pm" rel="bookmark"><time class="entry-date" datetime="2012-05-02T13:05:44+00:00" pubdate>May 2, 2012</time></a><span class="by-author"> <span class="sep"> by </span> <span class="author vcard"><a class="url fn n" href="http://lamp/wordpress-3.3.2/?author=1" title="View all posts by admin" rel="author">admin</a></span></span>			</div><!-- .entry-meta -->
-			
-						<div class="comments-link">
-				<a href="http://lamp/wordpress-3.3.2/?p=1#comments" title="Comment on Hello world!">2</a>			</div>
-					</header><!-- .entry-header -->
-
-				<div class="entry-content">
-			<p>Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!</p>
-					</div><!-- .entry-content -->
-		
-		<footer class="entry-meta">
-												<span class="cat-links">
-				<span class="entry-utility-prep entry-utility-prep-cat-links">Posted in</span> <a href="http://lamp/wordpress-3.3.2/?cat=1" title="View all posts in Uncategorized" rel="category">Uncategorized</a>			</span>
-									
-									<span class="sep"> | </span>
-						<span class="comments-link"><a href="http://lamp/wordpress-3.3.2/?p=1#comments" title="Comment on Hello world!"><b>2</b> Replies</a></span>
-			
-					</footer><!-- #entry-meta -->
-	</article><!-- #post-1 -->
-
-				
-				
-			
-			</div><!-- #content -->
-		</div><!-- #primary -->
-
-		<div id="secondary" class="widget-area" role="complementary">
-			<aside id="search-2" class="widget widget_search">	<form method="get" id="searchform" action="http://lamp/wordpress-3.3.2/">
-		<label for="s" class="assistive-text">Search</label>
-		<input type="text" class="field" name="s" id="s" placeholder="Search" />
-		<input type="submit" class="submit" name="submit" id="searchsubmit" value="Search" />
-	</form>
-</aside>		<aside id="recent-posts-2" class="widget widget_recent_entries">		<h3 class="widget-title">Recent Posts</h3>		<ul>
-				<li><a href="http://lamp/wordpress-3.3.2/?p=1" title="Hello world!">Hello world!</a></li>
-				</ul>
-		</aside><aside id="recent-comments-2" class="widget widget_recent_comments"><h3 class="widget-title">Recent Comments</h3><ul id="recentcomments"><li class="recentcomments">Pwet on <a href="http://lamp/wordpress-3.3.2/?p=1#comment-2">Hello world!</a></li><li class="recentcomments"><a href='http://wordpress.org/' rel='external nofollow' class='url'>Mr WordPress</a> on <a href="http://lamp/wordpress-3.3.2/?p=1#comment-1">Hello world!</a></li></ul></aside><aside id="archives-2" class="widget widget_archive"><h3 class="widget-title">Archives</h3>		<ul>
-			<li><a href='http://lamp/wordpress-3.3.2/?m=201205' title='May 2012'>May 2012</a></li>
-		</ul>
-</aside><aside id="categories-2" class="widget widget_categories"><h3 class="widget-title">Categories</h3>		<ul>
-	<li class="cat-item cat-item-1"><a href="http://lamp/wordpress-3.3.2/?cat=1" title="View all posts filed under Uncategorized">Uncategorized</a>
-</li>
-		</ul>
-</aside><aside id="meta-2" class="widget widget_meta"><h3 class="widget-title">Meta</h3>			<ul>
-						<li><a href="http://lamp/wordpress-3.3.2/wp-login.php">Log in</a></li>
-			<li><a href="http://lamp/wordpress-3.3.2/?feed=rss2" title="Syndicate this site using RSS 2.0">Entries <abbr title="Really Simple Syndication">RSS</abbr></a></li>
-			<li><a href="http://lamp/wordpress-3.3.2/?feed=comments-rss2" title="The latest comments to all posts in RSS">Comments <abbr title="Really Simple Syndication">RSS</abbr></a></li>
-			<li><a href="http://wordpress.org/" title="Powered by WordPress, state-of-the-art semantic personal publishing platform.">WordPress.org</a></li>
-						</ul>
-</aside>		</div><!-- #secondary .widget-area -->
-
-	</div><!-- #main -->
-
-	<footer id="colophon" role="contentinfo">
-
-			
-
-			<div id="site-generator">
-								<a href="http://wordpress.org/" title="Semantic Personal Publishing Platform" rel="generator">Proudly powered by WordPress</a>
-			</div>
-	</footer><!-- #colophon -->
-</div><!-- #page -->
-
-
-</body>
-</html>
--- a/spec/samples/wpscan/wp_target/malwares/malwares.txt
+++ b/spec/samples/wpscan/wp_target/malwares/malwares.txt
@@ -1,3 +0,0 @@
-http://.*.rr.nu
-http://www.thesea.org/media.php
-
--- a/spec/samples/wpscan/wp_target/malwares/multiple-infections.html
+++ b/spec/samples/wpscan/wp_target/malwares/multiple-infections.html
@@ -1,145 +0,0 @@
-<!DOCTYPE html>
-<!--[if IE 6]>
-<html id="ie6" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if IE 7]>
-<html id="ie7" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if IE 8]>
-<html id="ie8" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if !(IE 6) | !(IE 7) | !(IE 8)  ]><!-->
-<html dir="ltr" lang="en-US">
-<!--<![endif]-->
-<head>
-<meta charset="UTF-8" />
-<meta name="viewport" content="width=device-width" />
-<title>Wordpress 3.3.2 | Just another WordPress site</title>
-<link rel="profile" href="http://gmpg.org/xfn/11" />
-<link rel="stylesheet" type="text/css" media="all" href="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/style.css" />
-<link rel="pingback" href="http://lamp/wordpress-3.3.2/xmlrpc.php" />
-<!--[if lt IE 9]>
-<script src="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/js/html5.js" type="text/javascript"></script>
-<![endif]-->
-<!--
-
-  INFECTED : (commented to prevent real infection) 
-  <script src="http://irstde24clined.rr.nu/mm.php?d=1"></script>
-  <script src='http://atio79srem.rr.nu/pmg.php?dr=1'></script>
-  <script type="text/javascript">document.write('<iframe src="http://www.thesea.org/media.php" name="Twitter" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe>');</script>
-
-->
-<meta name='robots' content='noindex,nofollow' />
-<link rel="alternate" type="application/rss+xml" title="Wordpress 3.3.2 &raquo; Feed" href="http://lamp/wordpress-3.3.2/?feed=rss2" />
-<link rel="alternate" type="application/rss+xml" title="Wordpress 3.3.2 &raquo; Comments Feed" href="http://lamp/wordpress-3.3.2/?feed=comments-rss2" />
-<link rel="EditURI" type="application/rsd+xml" title="RSD" href="http://lamp/wordpress-3.3.2/xmlrpc.php?rsd" />
-<link rel="wlwmanifest" type="application/wlwmanifest+xml" href="http://lamp/wordpress-3.3.2/wp-includes/wlwmanifest.xml" /> 
-<meta name="generator" content="WordPress 3.3.2" />
-	<style type="text/css">.recentcomments a{display:inline !important;padding:0 !important;margin:0 !important;}</style>
-</head>
-
-<body class="home blog single-author two-column right-sidebar">
-<div id="page" class="hfeed">
-	<header id="branding" role="banner">
-			<hgroup>
-				<h1 id="site-title"><span><a href="http://lamp/wordpress-3.3.2/" title="Wordpress 3.3.2" rel="home">Wordpress 3.3.2</a></span></h1>
-				<h2 id="site-description">Just another WordPress site</h2>
-			</hgroup>
-
-						<a href="http://lamp/wordpress-3.3.2/">
-									<img src="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/images/headers/pine-cone.jpg" width="1000" height="288" alt="" />
-							</a>
-			
-								<form method="get" id="searchform" action="http://lamp/wordpress-3.3.2/">
-		<label for="s" class="assistive-text">Search</label>
-		<input type="text" class="field" name="s" id="s" placeholder="Search" />
-		<input type="submit" class="submit" name="submit" id="searchsubmit" value="Search" />
-	</form>
-			
-			<nav id="access" role="navigation">
-				<h3 class="assistive-text">Main menu</h3>
-								<div class="skip-link"><a class="assistive-text" href="#content" title="Skip to primary content">Skip to primary content</a></div>
-				<div class="skip-link"><a class="assistive-text" href="#secondary" title="Skip to secondary content">Skip to secondary content</a></div>
-								<div class="menu"><ul><li class="current_page_item"><a href="http://lamp/wordpress-3.3.2/" title="Home">Home</a></li><li class="page_item page-item-2"><a href="http://lamp/wordpress-3.3.2/?page_id=2">Sample Page</a></li></ul></div>
-			</nav><!-- #access -->
-	</header><!-- #branding -->
-
-
-	<div id="main">
-		<div id="primary">
-			<div id="content" role="main">
-
-			
-				
-								
-					
-	<article id="post-1" class="post-1 post type-post status-publish format-standard hentry category-uncategorized">
-		<header class="entry-header">
-						<h1 class="entry-title"><a href="http://lamp/wordpress-3.3.2/?p=1" title="Permalink to Hello world!" rel="bookmark">Hello world!</a></h1>
-			
-						<div class="entry-meta">
-				<span class="sep">Posted on </span><a href="http://lamp/wordpress-3.3.2/?p=1" title="1:05 pm" rel="bookmark"><time class="entry-date" datetime="2012-05-02T13:05:44+00:00" pubdate>May 2, 2012</time></a><span class="by-author"> <span class="sep"> by </span> <span class="author vcard"><a class="url fn n" href="http://lamp/wordpress-3.3.2/?author=1" title="View all posts by admin" rel="author">admin</a></span></span>			</div><!-- .entry-meta -->
-			
-						<div class="comments-link">
-				<a href="http://lamp/wordpress-3.3.2/?p=1#comments" title="Comment on Hello world!">2</a>			</div>
-					</header><!-- .entry-header -->
-
-				<div class="entry-content">
-			<p>Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!</p>
-					</div><!-- .entry-content -->
-		
-		<footer class="entry-meta">
-												<span class="cat-links">
-				<span class="entry-utility-prep entry-utility-prep-cat-links">Posted in</span> <a href="http://lamp/wordpress-3.3.2/?cat=1" title="View all posts in Uncategorized" rel="category">Uncategorized</a>			</span>
-									
-									<span class="sep"> | </span>
-						<span class="comments-link"><a href="http://lamp/wordpress-3.3.2/?p=1#comments" title="Comment on Hello world!"><b>2</b> Replies</a></span>
-			
-					</footer><!-- #entry-meta -->
-	</article><!-- #post-1 -->
-
-				
-				
-			
-			</div><!-- #content -->
-		</div><!-- #primary -->
-
-		<div id="secondary" class="widget-area" role="complementary">
-			<aside id="search-2" class="widget widget_search">	<form method="get" id="searchform" action="http://lamp/wordpress-3.3.2/">
-		<label for="s" class="assistive-text">Search</label>
-		<input type="text" class="field" name="s" id="s" placeholder="Search" />
-		<input type="submit" class="submit" name="submit" id="searchsubmit" value="Search" />
-	</form>
-</aside>		<aside id="recent-posts-2" class="widget widget_recent_entries">		<h3 class="widget-title">Recent Posts</h3>		<ul>
-				<li><a href="http://lamp/wordpress-3.3.2/?p=1" title="Hello world!">Hello world!</a></li>
-				</ul>
-		</aside><aside id="recent-comments-2" class="widget widget_recent_comments"><h3 class="widget-title">Recent Comments</h3><ul id="recentcomments"><li class="recentcomments">Pwet on <a href="http://lamp/wordpress-3.3.2/?p=1#comment-2">Hello world!</a></li><li class="recentcomments"><a href='http://wordpress.org/' rel='external nofollow' class='url'>Mr WordPress</a> on <a href="http://lamp/wordpress-3.3.2/?p=1#comment-1">Hello world!</a></li></ul></aside><aside id="archives-2" class="widget widget_archive"><h3 class="widget-title">Archives</h3>		<ul>
-			<li><a href='http://lamp/wordpress-3.3.2/?m=201205' title='May 2012'>May 2012</a></li>
-		</ul>
-</aside><aside id="categories-2" class="widget widget_categories"><h3 class="widget-title">Categories</h3>		<ul>
-	<li class="cat-item cat-item-1"><a href="http://lamp/wordpress-3.3.2/?cat=1" title="View all posts filed under Uncategorized">Uncategorized</a>
-</li>
-		</ul>
-</aside><aside id="meta-2" class="widget widget_meta"><h3 class="widget-title">Meta</h3>			<ul>
-						<li><a href="http://lamp/wordpress-3.3.2/wp-login.php">Log in</a></li>
-			<li><a href="http://lamp/wordpress-3.3.2/?feed=rss2" title="Syndicate this site using RSS 2.0">Entries <abbr title="Really Simple Syndication">RSS</abbr></a></li>
-			<li><a href="http://lamp/wordpress-3.3.2/?feed=comments-rss2" title="The latest comments to all posts in RSS">Comments <abbr title="Really Simple Syndication">RSS</abbr></a></li>
-			<li><a href="http://wordpress.org/" title="Powered by WordPress, state-of-the-art semantic personal publishing platform.">WordPress.org</a></li>
-						</ul>
-</aside>		</div><!-- #secondary .widget-area -->
-
-	</div><!-- #main -->
-
-	<footer id="colophon" role="contentinfo">
-
-			
-
-			<div id="site-generator">
-								<a href="http://wordpress.org/" title="Semantic Personal Publishing Platform" rel="generator">Proudly powered by WordPress</a>
-			</div>
-	</footer><!-- #colophon -->
-</div><!-- #page -->
-
-
-</body>
-</html>
--- a/spec/samples/wpscan/wp_target/malwares/single-iframe-infection.html
+++ b/spec/samples/wpscan/wp_target/malwares/single-iframe-infection.html
@@ -1,143 +0,0 @@
-<!DOCTYPE html>
-<!--[if IE 6]>
-<html id="ie6" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if IE 7]>
-<html id="ie7" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if IE 8]>
-<html id="ie8" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if !(IE 6) | !(IE 7) | !(IE 8)  ]><!-->
-<html dir="ltr" lang="en-US">
-<!--<![endif]-->
-<head>
-<meta charset="UTF-8" />
-<meta name="viewport" content="width=device-width" />
-<title>Wordpress 3.3.2 | Just another WordPress site</title>
-<link rel="profile" href="http://gmpg.org/xfn/11" />
-<link rel="stylesheet" type="text/css" media="all" href="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/style.css" />
-<link rel="pingback" href="http://lamp/wordpress-3.3.2/xmlrpc.php" />
-<!--[if lt IE 9]>
-<script src="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/js/html5.js" type="text/javascript"></script>
-<![endif]-->
-<!--
-
-  INFECTED : (commented to prevent real infection) 
-  <iframe name="Twitter" src="http://www.thesea.org/media.php" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe>
-
-->
-<meta name='robots' content='noindex,nofollow' />
-<link rel="alternate" type="application/rss+xml" title="Wordpress 3.3.2 &raquo; Feed" href="http://lamp/wordpress-3.3.2/?feed=rss2" />
-<link rel="alternate" type="application/rss+xml" title="Wordpress 3.3.2 &raquo; Comments Feed" href="http://lamp/wordpress-3.3.2/?feed=comments-rss2" />
-<link rel="EditURI" type="application/rsd+xml" title="RSD" href="http://lamp/wordpress-3.3.2/xmlrpc.php?rsd" />
-<link rel="wlwmanifest" type="application/wlwmanifest+xml" href="http://lamp/wordpress-3.3.2/wp-includes/wlwmanifest.xml" /> 
-<meta name="generator" content="WordPress 3.3.2" />
-	<style type="text/css">.recentcomments a{display:inline !important;padding:0 !important;margin:0 !important;}</style>
-</head>
-
-<body class="home blog single-author two-column right-sidebar">
-<div id="page" class="hfeed">
-	<header id="branding" role="banner">
-			<hgroup>
-				<h1 id="site-title"><span><a href="http://lamp/wordpress-3.3.2/" title="Wordpress 3.3.2" rel="home">Wordpress 3.3.2</a></span></h1>
-				<h2 id="site-description">Just another WordPress site</h2>
-			</hgroup>
-
-						<a href="http://lamp/wordpress-3.3.2/">
-									<img src="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/images/headers/pine-cone.jpg" width="1000" height="288" alt="" />
-							</a>
-			
-								<form method="get" id="searchform" action="http://lamp/wordpress-3.3.2/">
-		<label for="s" class="assistive-text">Search</label>
-		<input type="text" class="field" name="s" id="s" placeholder="Search" />
-		<input type="submit" class="submit" name="submit" id="searchsubmit" value="Search" />
-	</form>
-			
-			<nav id="access" role="navigation">
-				<h3 class="assistive-text">Main menu</h3>
-								<div class="skip-link"><a class="assistive-text" href="#content" title="Skip to primary content">Skip to primary content</a></div>
-				<div class="skip-link"><a class="assistive-text" href="#secondary" title="Skip to secondary content">Skip to secondary content</a></div>
-								<div class="menu"><ul><li class="current_page_item"><a href="http://lamp/wordpress-3.3.2/" title="Home">Home</a></li><li class="page_item page-item-2"><a href="http://lamp/wordpress-3.3.2/?page_id=2">Sample Page</a></li></ul></div>
-			</nav><!-- #access -->
-	</header><!-- #branding -->
-
-
-	<div id="main">
-		<div id="primary">
-			<div id="content" role="main">
-
-			
-				
-								
-					
-	<article id="post-1" class="post-1 post type-post status-publish format-standard hentry category-uncategorized">
-		<header class="entry-header">
-						<h1 class="entry-title"><a href="http://lamp/wordpress-3.3.2/?p=1" title="Permalink to Hello world!" rel="bookmark">Hello world!</a></h1>
-			
-						<div class="entry-meta">
-				<span class="sep">Posted on </span><a href="http://lamp/wordpress-3.3.2/?p=1" title="1:05 pm" rel="bookmark"><time class="entry-date" datetime="2012-05-02T13:05:44+00:00" pubdate>May 2, 2012</time></a><span class="by-author"> <span class="sep"> by </span> <span class="author vcard"><a class="url fn n" href="http://lamp/wordpress-3.3.2/?author=1" title="View all posts by admin" rel="author">admin</a></span></span>			</div><!-- .entry-meta -->
-			
-						<div class="comments-link">
-				<a href="http://lamp/wordpress-3.3.2/?p=1#comments" title="Comment on Hello world!">2</a>			</div>
-					</header><!-- .entry-header -->
-
-				<div class="entry-content">
-			<p>Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!</p>
-					</div><!-- .entry-content -->
-		
-		<footer class="entry-meta">
-												<span class="cat-links">
-				<span class="entry-utility-prep entry-utility-prep-cat-links">Posted in</span> <a href="http://lamp/wordpress-3.3.2/?cat=1" title="View all posts in Uncategorized" rel="category">Uncategorized</a>			</span>
-									
-									<span class="sep"> | </span>
-						<span class="comments-link"><a href="http://lamp/wordpress-3.3.2/?p=1#comments" title="Comment on Hello world!"><b>2</b> Replies</a></span>
-			
-					</footer><!-- #entry-meta -->
-	</article><!-- #post-1 -->
-
-				
-				
-			
-			</div><!-- #content -->
-		</div><!-- #primary -->
-
-		<div id="secondary" class="widget-area" role="complementary">
-			<aside id="search-2" class="widget widget_search">	<form method="get" id="searchform" action="http://lamp/wordpress-3.3.2/">
-		<label for="s" class="assistive-text">Search</label>
-		<input type="text" class="field" name="s" id="s" placeholder="Search" />
-		<input type="submit" class="submit" name="submit" id="searchsubmit" value="Search" />
-	</form>
-</aside>		<aside id="recent-posts-2" class="widget widget_recent_entries">		<h3 class="widget-title">Recent Posts</h3>		<ul>
-				<li><a href="http://lamp/wordpress-3.3.2/?p=1" title="Hello world!">Hello world!</a></li>
-				</ul>
-		</aside><aside id="recent-comments-2" class="widget widget_recent_comments"><h3 class="widget-title">Recent Comments</h3><ul id="recentcomments"><li class="recentcomments">Pwet on <a href="http://lamp/wordpress-3.3.2/?p=1#comment-2">Hello world!</a></li><li class="recentcomments"><a href='http://wordpress.org/' rel='external nofollow' class='url'>Mr WordPress</a> on <a href="http://lamp/wordpress-3.3.2/?p=1#comment-1">Hello world!</a></li></ul></aside><aside id="archives-2" class="widget widget_archive"><h3 class="widget-title">Archives</h3>		<ul>
-			<li><a href='http://lamp/wordpress-3.3.2/?m=201205' title='May 2012'>May 2012</a></li>
-		</ul>
-</aside><aside id="categories-2" class="widget widget_categories"><h3 class="widget-title">Categories</h3>		<ul>
-	<li class="cat-item cat-item-1"><a href="http://lamp/wordpress-3.3.2/?cat=1" title="View all posts filed under Uncategorized">Uncategorized</a>
-</li>
-		</ul>
-</aside><aside id="meta-2" class="widget widget_meta"><h3 class="widget-title">Meta</h3>			<ul>
-						<li><a href="http://lamp/wordpress-3.3.2/wp-login.php">Log in</a></li>
-			<li><a href="http://lamp/wordpress-3.3.2/?feed=rss2" title="Syndicate this site using RSS 2.0">Entries <abbr title="Really Simple Syndication">RSS</abbr></a></li>
-			<li><a href="http://lamp/wordpress-3.3.2/?feed=comments-rss2" title="The latest comments to all posts in RSS">Comments <abbr title="Really Simple Syndication">RSS</abbr></a></li>
-			<li><a href="http://wordpress.org/" title="Powered by WordPress, state-of-the-art semantic personal publishing platform.">WordPress.org</a></li>
-						</ul>
-</aside>		</div><!-- #secondary .widget-area -->
-
-	</div><!-- #main -->
-
-	<footer id="colophon" role="contentinfo">
-
-			
-
-			<div id="site-generator">
-								<a href="http://wordpress.org/" title="Semantic Personal Publishing Platform" rel="generator">Proudly powered by WordPress</a>
-			</div>
-	</footer><!-- #colophon -->
-</div><!-- #page -->
-
-
-</body>
-</html>
--- a/spec/samples/wpscan/wp_target/malwares/single-infection.html
+++ b/spec/samples/wpscan/wp_target/malwares/single-infection.html
@@ -1,143 +0,0 @@
-<!DOCTYPE html>
-<!--[if IE 6]>
-<html id="ie6" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if IE 7]>
-<html id="ie7" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if IE 8]>
-<html id="ie8" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if !(IE 6) | !(IE 7) | !(IE 8)  ]><!-->
-<html dir="ltr" lang="en-US">
-<!--<![endif]-->
-<head>
-<meta charset="UTF-8" />
-<meta name="viewport" content="width=device-width" />
-<title>Wordpress 3.3.2 | Just another WordPress site</title>
-<link rel="profile" href="http://gmpg.org/xfn/11" />
-<link rel="stylesheet" type="text/css" media="all" href="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/style.css" />
-<link rel="pingback" href="http://lamp/wordpress-3.3.2/xmlrpc.php" />
-<!--[if lt IE 9]>
-<script src="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/js/html5.js" type="text/javascript"></script>
-<![endif]-->
-<!--
-
-  INFECTED : (commented to prevent real infection) 
-  <script src="http://irstde24clined.rr.nu/mm.php?d=1"></script>
-
-->
-<meta name='robots' content='noindex,nofollow' />
-<link rel="alternate" type="application/rss+xml" title="Wordpress 3.3.2 &raquo; Feed" href="http://lamp/wordpress-3.3.2/?feed=rss2" />
-<link rel="alternate" type="application/rss+xml" title="Wordpress 3.3.2 &raquo; Comments Feed" href="http://lamp/wordpress-3.3.2/?feed=comments-rss2" />
-<link rel="EditURI" type="application/rsd+xml" title="RSD" href="http://lamp/wordpress-3.3.2/xmlrpc.php?rsd" />
-<link rel="wlwmanifest" type="application/wlwmanifest+xml" href="http://lamp/wordpress-3.3.2/wp-includes/wlwmanifest.xml" /> 
-<meta name="generator" content="WordPress 3.3.2" />
-	<style type="text/css">.recentcomments a{display:inline !important;padding:0 !important;margin:0 !important;}</style>
-</head>
-
-<body class="home blog single-author two-column right-sidebar">
-<div id="page" class="hfeed">
-	<header id="branding" role="banner">
-			<hgroup>
-				<h1 id="site-title"><span><a href="http://lamp/wordpress-3.3.2/" title="Wordpress 3.3.2" rel="home">Wordpress 3.3.2</a></span></h1>
-				<h2 id="site-description">Just another WordPress site</h2>
-			</hgroup>
-
-						<a href="http://lamp/wordpress-3.3.2/">
-									<img src="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/images/headers/pine-cone.jpg" width="1000" height="288" alt="" />
-							</a>
-			
-								<form method="get" id="searchform" action="http://lamp/wordpress-3.3.2/">
-		<label for="s" class="assistive-text">Search</label>
-		<input type="text" class="field" name="s" id="s" placeholder="Search" />
-		<input type="submit" class="submit" name="submit" id="searchsubmit" value="Search" />
-	</form>
-			
-			<nav id="access" role="navigation">
-				<h3 class="assistive-text">Main menu</h3>
-								<div class="skip-link"><a class="assistive-text" href="#content" title="Skip to primary content">Skip to primary content</a></div>
-				<div class="skip-link"><a class="assistive-text" href="#secondary" title="Skip to secondary content">Skip to secondary content</a></div>
-								<div class="menu"><ul><li class="current_page_item"><a href="http://lamp/wordpress-3.3.2/" title="Home">Home</a></li><li class="page_item page-item-2"><a href="http://lamp/wordpress-3.3.2/?page_id=2">Sample Page</a></li></ul></div>
-			</nav><!-- #access -->
-	</header><!-- #branding -->
-
-
-	<div id="main">
-		<div id="primary">
-			<div id="content" role="main">
-
-			
-				
-								
-					
-	<article id="post-1" class="post-1 post type-post status-publish format-standard hentry category-uncategorized">
-		<header class="entry-header">
-						<h1 class="entry-title"><a href="http://lamp/wordpress-3.3.2/?p=1" title="Permalink to Hello world!" rel="bookmark">Hello world!</a></h1>
-			
-						<div class="entry-meta">
-				<span class="sep">Posted on </span><a href="http://lamp/wordpress-3.3.2/?p=1" title="1:05 pm" rel="bookmark"><time class="entry-date" datetime="2012-05-02T13:05:44+00:00" pubdate>May 2, 2012</time></a><span class="by-author"> <span class="sep"> by </span> <span class="author vcard"><a class="url fn n" href="http://lamp/wordpress-3.3.2/?author=1" title="View all posts by admin" rel="author">admin</a></span></span>			</div><!-- .entry-meta -->
-			
-						<div class="comments-link">
-				<a href="http://lamp/wordpress-3.3.2/?p=1#comments" title="Comment on Hello world!">2</a>			</div>
-					</header><!-- .entry-header -->
-
-				<div class="entry-content">
-			<p>Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!</p>
-					</div><!-- .entry-content -->
-		
-		<footer class="entry-meta">
-												<span class="cat-links">
-				<span class="entry-utility-prep entry-utility-prep-cat-links">Posted in</span> <a href="http://lamp/wordpress-3.3.2/?cat=1" title="View all posts in Uncategorized" rel="category">Uncategorized</a>			</span>
-									
-									<span class="sep"> | </span>
-						<span class="comments-link"><a href="http://lamp/wordpress-3.3.2/?p=1#comments" title="Comment on Hello world!"><b>2</b> Replies</a></span>
-			
-					</footer><!-- #entry-meta -->
-	</article><!-- #post-1 -->
-
-				
-				
-			
-			</div><!-- #content -->
-		</div><!-- #primary -->
-
-		<div id="secondary" class="widget-area" role="complementary">
-			<aside id="search-2" class="widget widget_search">	<form method="get" id="searchform" action="http://lamp/wordpress-3.3.2/">
-		<label for="s" class="assistive-text">Search</label>
-		<input type="text" class="field" name="s" id="s" placeholder="Search" />
-		<input type="submit" class="submit" name="submit" id="searchsubmit" value="Search" />
-	</form>
-</aside>		<aside id="recent-posts-2" class="widget widget_recent_entries">		<h3 class="widget-title">Recent Posts</h3>		<ul>
-				<li><a href="http://lamp/wordpress-3.3.2/?p=1" title="Hello world!">Hello world!</a></li>
-				</ul>
-		</aside><aside id="recent-comments-2" class="widget widget_recent_comments"><h3 class="widget-title">Recent Comments</h3><ul id="recentcomments"><li class="recentcomments">Pwet on <a href="http://lamp/wordpress-3.3.2/?p=1#comment-2">Hello world!</a></li><li class="recentcomments"><a href='http://wordpress.org/' rel='external nofollow' class='url'>Mr WordPress</a> on <a href="http://lamp/wordpress-3.3.2/?p=1#comment-1">Hello world!</a></li></ul></aside><aside id="archives-2" class="widget widget_archive"><h3 class="widget-title">Archives</h3>		<ul>
-			<li><a href='http://lamp/wordpress-3.3.2/?m=201205' title='May 2012'>May 2012</a></li>
-		</ul>
-</aside><aside id="categories-2" class="widget widget_categories"><h3 class="widget-title">Categories</h3>		<ul>
-	<li class="cat-item cat-item-1"><a href="http://lamp/wordpress-3.3.2/?cat=1" title="View all posts filed under Uncategorized">Uncategorized</a>
-</li>
-		</ul>
-</aside><aside id="meta-2" class="widget widget_meta"><h3 class="widget-title">Meta</h3>			<ul>
-						<li><a href="http://lamp/wordpress-3.3.2/wp-login.php">Log in</a></li>
-			<li><a href="http://lamp/wordpress-3.3.2/?feed=rss2" title="Syndicate this site using RSS 2.0">Entries <abbr title="Really Simple Syndication">RSS</abbr></a></li>
-			<li><a href="http://lamp/wordpress-3.3.2/?feed=comments-rss2" title="The latest comments to all posts in RSS">Comments <abbr title="Really Simple Syndication">RSS</abbr></a></li>
-			<li><a href="http://wordpress.org/" title="Powered by WordPress, state-of-the-art semantic personal publishing platform.">WordPress.org</a></li>
-						</ul>
-</aside>		</div><!-- #secondary .widget-area -->
-
-	</div><!-- #main -->
-
-	<footer id="colophon" role="contentinfo">
-
-			
-
-			<div id="site-generator">
-								<a href="http://wordpress.org/" title="Semantic Personal Publishing Platform" rel="generator">Proudly powered by WordPress</a>
-			</div>
-	</footer><!-- #colophon -->
-</div><!-- #page -->
-
-
-</body>
-</html>
--- a/spec/shared_examples/wp_item_infos.rb
+++ b/spec/shared_examples/wp_item_infos.rb
@@ -8,7 +8,7 @@ shared_examples 'WpItem::Infos' do
  #  let(:error_log_url) { }

  describe '#readme_url' do
-    after { expect(subject.readme_url).to be === @expected }
+    after { expect(subject.readme_url).to eql @expected }

    it 'returns nil' do
      stub_request(:get, /.*/).to_return(status: 404)
@@ -16,7 +16,7 @@ shared_examples 'WpItem::Infos' do
    end

    context 'when the file exists' do
-      %w{readme.txt README.txt}.each do |readme|
+      %w{readme.txt README.TXT}.each do |readme|
        it 'returns the correct url' do
          url       = uri.merge(readme).to_s
          @expected = url
@@ -31,7 +31,7 @@ shared_examples 'WpItem::Infos' do
  describe '#has_readme?' do
    after do
      allow(subject).to receive_messages(readme_url: @stub)
-      expect(subject.has_readme?).to be === @expected
+      expect(subject.has_readme?).to eql @expected
    end

    context 'when readme_url is nil'
@@ -56,7 +56,7 @@ shared_examples 'WpItem::Infos' do
  describe '#has_changelog?' do
    after :each do
      stub_request(:get, subject.changelog_url).to_return(status: @status)
-      expect(subject.has_changelog?).to be === @expected
+      expect(subject.has_changelog?).to eql @expected
    end

    it 'returns true on a 200' do
@@ -73,7 +73,7 @@ shared_examples 'WpItem::Infos' do
  describe '#has_directory_listing?' do
    after do
      stub_request(:get, subject.uri.to_s).to_return(@stub_return)
-      expect(subject.has_directory_listing?).to be === @expected
+      expect(subject.has_directory_listing?).to eql @expected
    end

    context 'when the body contains <title>Index of' do
@@ -103,11 +103,11 @@ shared_examples 'WpItem::Infos' do
  describe '#has_error_log?' do
    after do
      stub_request(:get, subject.error_log_url).to_return(@stub_return)
-      expect(subject.has_error_log?).to be === @expected
+      expect(subject.has_error_log?).to eql @expected
    end

    it 'returns true if the pattern is detected' do
-      @stub_return = { status: 200, body: File.new( MODELS_FIXTURES + '/wp_item/error_log') }
+      @stub_return = { status: 200, body: File.new(MODELS_FIXTURES + '/wp_item/error_log') }
      @expected    = true
    end

--- a/spec/shared_examples/wp_item_versionable.rb
+++ b/spec/shared_examples/wp_item_versionable.rb
@@ -27,9 +27,18 @@ shared_examples 'WpItem::Versionable' do
      end

      context 'when the version is valid' do
-        it 'returns it' do
-          @file     = '/simple-login-lockdown-0.4.txt'
-          @expected = '0.4'
+        context 'when leaked from the stable tag' do
+          it 'returns it' do
+            @file     = '/simple-login-lockdown-0.4.txt'
+            @expected = '0.4'
+          end
+        end
+
+        context 'when leaked from the version' do
+          it 'returns it' do
+            @file     = '/wp-photo-plus-5.1.15.txt'
+            @expected = '5.1.15'
+          end
        end
      end
    end
--- a/spec/shared_examples/wp_target/malwares.rb
+++ b/spec/shared_examples/wp_target/malwares.rb
@@ -1,55 +0,0 @@
-# encoding: UTF-8
-
-shared_examples 'WpTarget::Malwares' do
-
-  let(:fixtures_dir)  { SPEC_FIXTURES_WPSCAN_WP_TARGET_DIR + '/malwares' }
-  let(:malwares_file) { fixtures_dir + '/malwares.txt' }
-
-  describe '#malwares_file' do
-    it 'returns the correct file path' do
-      expect(WpTarget::Malwares.malwares_file(malwares_file)).to be === malwares_file
-    end
-  end
-
-  describe '#malwares & #has_malwares' do
-    after :each do
-      if @fixture
-        stub_request_to_fixture(
-          url: wp_target.url, fixture: File.new(File.join(fixtures_dir, @fixture))
-        )
-      end
-
-      malwares = wp_target.malwares(malwares_file)
-
-      expect(malwares.sort).to be === @expected.sort
-      expect(wp_target.has_malwares?).to be === (@expected.empty? ? false : true)
-    end
-
-    it 'returns an empty array on a 404' do
-      stub_request(:get, wp_target.url).to_return(status: 404)
-
-      @expected = []
-    end
-
-    it 'returns an array empty array if no infection found' do
-      @fixture  = '/clean.html'
-      @expected = []
-    end
-
-    it 'returns an array with 1 malware url (.rr.nu check)' do
-      @fixture  = '/single-infection.html'
-      @expected = ['http://irstde24clined.rr.nu/mm.php?d=1']
-    end
-
-    it 'returns an array with 1 malware url (iframe check)' do
-      @fixture  = '/single-iframe-infection.html'
-      @expected = ['http://www.thesea.org/media.php']
-    end
-
-    it 'returns an array with 3 malwares url' do
-      @fixture  = '/multiple-infections.html'
-      @expected = ['http://irstde24clined.rr.nu/mm.php?d=1', 'http://atio79srem.rr.nu/pmg.php?dr=1', 'http://www.thesea.org/media.php']
-    end
-  end
-
-end
--- a/spec/shared_examples/wp_theme_versionable.rb
+++ b/spec/shared_examples/wp_theme_versionable.rb
@@ -21,26 +21,9 @@ shared_examples 'WpTheme::Versionable' do
    end

    context 'when the version is not found' do
-      let(:file)       { 'twentyeleven-unknow.css' }
-      let(:readme_url) { subject.uri.merge('readme.txt').to_s }
-
-      context 'from the style_url' do
-        it 'gets it from the readme' do
-          stub_request(:get, readme_url).to_return(status: 200, body: 'Stable Tag: 1.3.4')
-
-          @file     = file
-          @expected = '1.3.4'
-        end
-      end
-
-      context 'from both style & readme' do
-        it 'returns nil' do
-          allow(subject).to receive_messages(readme_url: readme_url)
-          stub_request(:get, readme_url).to_return(status: 404)
-
-          @file     = file
-          @expected = nil
-        end
+      it 'returns nil' do
+        @file     = 'twentyeleven-unknow.css'
+        @expected = nil
      end
    end

--- a/wpscan.rb
+++ b/wpscan.rb
@@ -8,11 +8,13 @@ def main
  # delete old logfile, check if it is a symlink first.
  File.delete(LOG_FILE) if File.exist?(LOG_FILE) and !File.symlink?(LOG_FILE)

-  banner()
-
  begin
    wpscan_options = WpscanOptions.load_from_arguments

+    $log = wpscan_options.log
+
+    banner() # called after $log set
+
    unless wpscan_options.has_options?
      # first parameter only url?
      if ARGV.length == 1
@@ -66,7 +68,7 @@ def main
      proxy_response = Browser.get(wp_target.url)

      unless WpTarget::valid_response_codes.include?(proxy_response.code)
-        raise "Proxy Error :\r\n#{proxy_response.headers}"
+        raise "Proxy Error :\r\nResponse Code: #{proxy_response.code}\r\nResponse Headers: #{proxy_response.headers}"
      end
    end

@@ -95,6 +97,12 @@ def main
      raise 'Basic authentication is required, please provide it with --basic-auth <login:password>'
    end

+    # test for valid credentials
+    unless wpscan_options.basic_auth.nil?
+      res = Browser.get_and_follow_location(wp_target.url)
+      raise 'Invalid credentials supplied' if res && res.code == 401
+    end
+
    # Remote website is wordpress?
    unless wpscan_options.force
      unless wp_target.wordpress?
@@ -135,7 +143,7 @@ def main
    end

    if wp_target.has_readme?
-      puts "#{warning('[!]')} The WordPress '#{wp_target.readme_url}' file exists"
+      puts "#{warning('[!]')} The WordPress '#{wp_target.readme_url}' file exists exposing a version number"
    end

    if wp_target.has_full_path_disclosure?
@@ -186,17 +194,6 @@ def main
      puts "#{warning('[!]')} Upload directory has directory listing enabled: #{wp_target.upload_dir_url}"
    end

-    if wp_target.has_malwares?
-      malwares = wp_target.malwares
-      puts "#{critical('[!]')} #{malwares.size} malware(s) found:"
-
-      malwares.each do |malware_url|
-        puts
-        puts ' | ' + critical("#{malware_url}")
-      end
-      puts
-    end
-
    enum_options = {
      show_progression: true,
      exclude_content: wpscan_options.exclude_content_based
@@ -216,7 +213,10 @@ def main
      wp_theme.output(wpscan_options.verbose)

      # Check for parent Themes
-      while wp_theme.is_child_theme?
+      parent_theme_count = 0
+      while wp_theme.is_child_theme? && parent_theme_count <= wp_theme.parent_theme_limit
+        parent_theme_count += 1
+
        parent = wp_theme.get_parent_theme
        puts
        puts "#{info('[+]')} Detected parent theme: #{parent}"
@@ -305,8 +305,8 @@ def main
      end
    end

-    # If we haven't been supplied a username, enumerate them...
-    if !wpscan_options.username and wpscan_options.wordlist or wpscan_options.enumerate_usernames
+    # If we haven't been supplied a username/usernames list, enumerate them...
+    if !wpscan_options.username && !wpscan_options.usernames && wpscan_options.wordlist || wpscan_options.enumerate_usernames
      puts
      puts "#{info('[+]')} Enumerating usernames ..."

@@ -333,11 +333,21 @@ def main
      else
        puts "#{info('[+]')} Identified the following #{wp_users.size} user/s:"
        wp_users.output(margin_left: ' ' * 4)
+        if wp_users[0].login == "admin"
+           puts "#{warning('[!]')} Default first WordPress username 'admin' is still used"
+        end
      end

    else
-      # FIXME : Change the .username to .login (and also the --username in the CLI)
-      wp_users = WpUsers.new << WpUser.new(wp_target.uri, login: wpscan_options.username)
+      wp_users = WpUsers.new
+
+      if wpscan_options.usernames
+        File.open(wpscan_options.usernames).each do |username|
+          wp_users << WpUser.new(wp_target.uri, login: username.chomp)
+        end
+      else
+        wp_users << WpUser.new(wp_target.uri, login: wpscan_options.username)
+      end
    end

    # Start the brute forcer
Author	SHA1	Message	Date
erwanlr	21221d48d0	Bumps the version	2014-12-19 17:26:11 +01:00
Peter	1f1a190c84	Update changelog	2014-12-19 13:25:59 +01:00
ethicalhack3r	82d79c4662	Add statistics to changelog #740	2014-12-19 12:57:55 +01:00
ethicalhack3r	08771a6d5d	Update data file #740	2014-12-19 12:53:42 +01:00
ethicalhack3r	e01d18f224	Add RS as special thanks #736	2014-12-19 12:20:47 +01:00
ethicalhack3r	8496650542	Remove references to pyfiscan	2014-12-19 12:19:20 +01:00
Peter	399245cd0f	Prepare changelog for next release	2014-12-19 12:04:40 +01:00
ethicalhack3r	adfa5dddcf	Remove unneeded code	2014-12-15 16:01:24 +01:00
ethicalhack3r	85971e0e91	Refactor #703 #336	2014-12-15 16:00:30 +01:00
ethicalhack3r	3a3376ec41	Disable logging by default. Implement log option. #703 #336	2014-12-15 15:39:14 +01:00
Christian Mehlmauer	d988b6ccbf	fix all the rspecs	2014-12-15 13:12:19 +01:00
Christian Mehlmauer	6654f446a4	try to fix #741	2014-12-15 12:37:46 +01:00
erwanlr	88808db9a5	Fixes the progressbar being overriden by next brute forcing attempts	2014-12-10 22:05:35 +01:00
erwanlr	dfad0fd6bd	Implements Firefart solution to avoid mandatory blank newline at the end of the wordlist	2014-12-10 21:56:45 +01:00
erwanlr	3fe49a24c7	Updates the readmes to reflect the new --usernames option	2014-12-10 18:17:04 +01:00
erwanlr	ac609445fb	Adds a statement about mendatory newlines at the end of list - Ref #739	2014-12-10 18:11:12 +01:00
erwanlr	0223f74a53	Adds the --usernames option - Fixes #739	2014-12-10 17:59:07 +01:00
erwanlr	607a5b3fda	Adds the --usernames option - Fixes #739	2014-12-10 17:58:51 +01:00
erwanlr	e3ac331a71	Removes the theme version check from the readme, unrealistic scenario - Ref #737	2014-12-10 17:01:14 +01:00
erwanlr	e09b4cc76d	Adds some readme files to check for plugin versions - Fixes #737	2014-12-10 16:55:00 +01:00
erwanlr	c24ed707ef	Improves plugin/theme version detection by looking at the "Version: "- Fixes #732	2014-12-05 18:11:49 +01:00
Christian Mehlmauer	a8c55ddee3	remove malware folder	2014-12-03 23:51:01 +01:00
Christian Mehlmauer	e080835224	updated zip	2014-12-03 23:45:33 +01:00
Christian Mehlmauer	2fe675abce	remove malwares	2014-12-03 23:37:31 +01:00
ethicalhack3r	d230221999	Prevent parent theme infinite loop	2014-12-02 16:40:18 +01:00
ethicalhack3r	91a01265e5	Add response code to proxy error output	2014-12-01 11:00:19 +01:00
ethicalhack3r	77286301a7	Add protocol to sucuri url in banner	2014-11-27 21:33:54 +01:00
ethicalhack3r	7c39827c16	Add Sucuri sponsor to banner	2014-11-27 21:30:17 +01:00
Ryan Dewhurst	8f789994eb	Merge pull request #729 from fgeek/rmobsoletecode Remove obsolete code	2014-11-26 13:54:07 +01:00
Henri Salo	79cb9c8142	Remove obsolete code. If use cases are found from active installations these functions can be taken into use with proper unit tests.	2014-11-26 01:18:12 +02:00
erwanlr	de1d047c08	Adds the --version in the help - Fixes #716	2014-11-25 17:44:01 +01:00
erwanlr	8252cb486b	Fixes #728	2014-11-25 17:36:11 +01:00
erwanlr	fb8ad72335	WpItems detection: Perform the passive check and filter only vulnerable results at the end if required, fixes #727	2014-11-21 16:49:04 +01:00
Christian Mehlmauer	bc4f0c002b	added check for valid credentials	2014-11-19 10:50:04 +01:00
ethicalhack3r	0a53c52645	Add new updating info to docs #715 #691	2014-11-14 11:52:06 +01:00
ethicalhack3r	7941a8accb	Update to Ruby 2.1.5 and travis	2014-11-13 17:02:21 +01:00
ethicalhack3r	5389923b34	Expand on readme.html finding output #717	2014-11-01 20:44:30 +01:00
ethicalhack3r	9c1149cb25	Update to Ruby 2.1.4	2014-10-27 14:42:03 +01:00
erwanlr	c5130de805	Merge pull request #711 from Soullivaneuh/db-updater-binary Fix UTF-8 encode on security db file download	2014-10-20 15:19:57 +01:00
Sullivan SENECHAL	020633503b	Fix UTF-8 encode on security db file download	2014-10-20 14:00:58 +02:00
Peter	74b9776801	Give warning if default username 'admin' is still used	2014-10-19 12:28:59 +02:00
ethicalhack3r	5a605d686c	License amendment to make it more clear about value added usage	2014-10-13 10:09:04 +02:00
Christian Mehlmauer	4ba9bdf605	Fix #705	2014-10-03 23:07:15 +02:00
Christian Mehlmauer	3f647348c3	Update README.md	2014-10-01 22:02:00 +02:00
erwanlr	de4f90dd72	Adds v2.5.1	2014-09-29 13:49:06 +02:00
ethicalhack3r	4a7b4754f0	Fix wpvulndb url #700	2014-09-29 12:51:48 +02:00
ethicalhack3r	fe05534a95	Update wpstools docs #697	2014-09-27 16:55:11 +02:00
ethicalhack3r	c7c7e75b32	Fix for #698	2014-09-27 16:43:44 +02:00
Christian Mehlmauer	efc6aed388	Ruby 2.1.3	2014-09-27 00:27:19 +02:00
Peter	197521d5b1	Added wpvulndb.com URL	2014-09-26 15:01:44 +02:00
@@ -1 +1 @@
 .1.2
 .1.5