Bumps the version

Remove obsolete code

.gitignore

@@ -12,3 +12,4 @@ log.txt
 debug.log
 wordlist.txt
 rspec_results.html
+data/

.ruby-version

@@ -1 +1 @@
-2.1.2
+2.1.5

.travis.yml

@@ -6,6 +6,9 @@ rvm:
   - 2.1.0
   - 2.1.1
   - 2.1.2
+  - 2.1.3
+  - 2.1.4
+  - 2.1.5
 script: bundle exec rspec
 notifications:
   email:

CHANGELOG.md

@@ -1,6 +1,55 @@
 # Changelog
 ## Master
-[Work in progress](https://github.com/wpscanteam/wpscan/compare/2.5...master)
+[Work in progress](https://github.com/wpscanteam/wpscan/compare/2.6...master)
+
+## Version 2.6
+Released: 2014-12-19
+
+New
+* Updates the readmes to reflect the new --usernames option
+* Improves plugin/theme version detection by looking at the "Version:"
+* Solution to avoid mandatory blank newline at the end of the wordlist
+* Add check for valid credentials
+* Add Sucuri sponsor to banner
+* Add protocol to sucuri url in banner
+* Add response code to proxy error output
+* Add a statement about mendatory newlines at the end of list
+* Give warning if default username 'admin' is still used
+* License amendment to make it more clear about value added usage
+
+Removed
+* remove malwares
+* remove malware folder
+* Removes the theme version check from the readme, unrealistic scenario
+
+General core
+* Update to Ruby 2.1.5 and travis
+* Prevent parent theme infinite loop
+* Fixes the progressbar being overriden by next brute forcing attempts
+
+Fixed issues
+* Fix UTF-8 encode on security db file download
+* Fix #703 - Disable logging by default. Implement log option.
+* Fix #705 - Installation instructions for Ubuntu < 14.04 apparently incomplete
+* Fix #717 - Expand on readme.html finding output
+* Fix #716 - Adds the --version in the help
+* Fix #715 - Add new updating info to docs
+* Fix #727 - WpItems detection: Perform the passive check and filter only vulnerable results at the end if required
+* Fix #737 - Adds some readme files to check for plugin versions
+* Fix #739 - Adds the --usernames option
+
+WPScan Database Statistics:
+* Total vulnerable versions: 88
+* Total vulnerable plugins: 901
+* Total vulnerable themes: 313
+* Total version vulnerabilities: 1050
+* Total plugin vulnerabilities: 1355
+* Total theme vulnerabilities: 349
+
+## Version 2.5.1
+Released: 2014-09-29
+
+Fixes reference URL to WPVDB
 
 ## Version 2.5
 Released: 2014-09-26 (@ BruCON 2014)

Gemfile

@@ -9,6 +9,6 @@ gem 'ruby-progressbar', '>=1.6.0'
 group :test do
   gem 'webmock', '>=1.17.2'
   gem 'simplecov'
-  gem 'rspec', '~>3.0'
+  gem 'rspec', '>=3.0'
   gem 'rspec-its'
 end

LICENSE

@@ -6,6 +6,7 @@ Cases of commercialization are:
 
 - Using WPScan to provide commercial managed/Software-as-a-Service services.
 - Distributing WPScan as a commercial product or as part of one.
+- Using WPScan as a value added service/product.
 
 Cases which do not require a commercial license, and thus fall under the terms of GNU General Public License, include (but are not limited to):
 

README

@@ -17,6 +17,7 @@ Cases of commercialization are:
 
 - Using WPScan to provide commercial managed/Software-as-a-Service services.
 - Distributing WPScan as a commercial product or as part of one.
+- Using WPScan as a value added service/product.
 
 Cases which do not require a commercial license, and thus fall under the terms of GNU General Public License, include (but are not limited to):
 
@@ -43,21 +44,27 @@ You should have received a copy of the GNU General Public License along with thi
   Prerequisites:
 
    * Windows not supported
-   * Ruby >= 1.9.2 - Recommended: 2.1.2
+   * Ruby >= 1.9.2 - Recommended: 2.1.4
    * Curl >= 7.21  - Recommended: latest - FYI the 7.29 has a segfault
    * RubyGems      - Recommended: latest
    * Git
 
+   Windows is not supported.
+
+   If installed from Github update the code base with git pull. The databases are updated with wpscan.rb --update.
+
   -> Installing on Ubuntu:
 
     Before Ubuntu 14.04:
 
         sudo apt-get install libcurl4-gnutls-dev libopenssl-ruby libxml2 libxml2-dev libxslt1-dev ruby-dev
+        git clone https://github.com/wpscanteam/wpscan.git
+        cd wpscan
+        sudo gem install bundler && bundle install --without test
 
     From Ubuntu 14.04:
 
         sudo apt-get install libcurl4-gnutls-dev libxml2 libxml2-dev libxslt1-dev ruby-dev build-essential
-
         git clone https://github.com/wpscanteam/wpscan.git
         cd wpscan
         sudo gem install bundler && bundle install --without test
@@ -103,8 +110,8 @@ You should have received a copy of the GNU General Public License along with thi
     curl -sSL https://get.rvm.io | bash -s stable
     source ~/.rvm/scripts/rvm
     echo "source ~/.rvm/scripts/rvm" >> ~/.bashrc
-    rvm install 2.1.2
-    rvm use 2.1.2 --default
+    rvm install 2.1.4
+    rvm use 2.1.4 --default
     echo "gem: --no-ri --no-rdoc" > ~/.gemrc
     gem install bundler
     git clone https://github.com/wpscanteam/wpscan.git
@@ -191,12 +198,14 @@ You should have received a copy of the GNU General Public License along with thi
 
 --basic-auth <username:password>  Set the HTTP Basic authentication.
 
---wordlist | -w <wordlist>  Supply a wordlist for the password bruter and do the brute.
+--wordlist | -w <wordlist>  Supply a wordlist for the password brute forcer.
 
 --threads  | -t <number of threads>  The number of threads to use when multi-threading requests.
 
 --username | -U <username>  Only brute force the supplied username.
 
+--usernames  <path-to-file>  Only brute force the usernames from the file.
+
 --cache-ttl <cache-ttl>  Typhoeus cache TTL.
 
 --request-timeout <request-timeout>  Request Timeout.
@@ -213,6 +222,8 @@ You should have received a copy of the GNU General Public License along with thi
 
 --no-color Do not use colors in the output.
 
+--log Save STDOUT to log.txt
+
 ==WPSCAN EXAMPLES==
 
 Do 'non-intrusive' checks...
@@ -250,26 +261,16 @@ Debug output...
 ==WPSTOOLS ARGUMENTS==
 
 -v, --verbose                                                Verbose output
-    --check-vuln-ref-urls, --cvru                            Check all the vulnerabilities reference urls for 404
-    --check-local-vulnerable-files, --clvf LOCAL_DIRECTORY   Perform a recursive scan in the LOCAL_DIRECTORY to find vulnerable files or shells
-    --generate-plugin-list, --gpl [NUMBER_OF_ITEMS]          Generate a new data/plugins.txt file. (supply number of *items* to parse, default : 1500)
-    --generate-full-plugin-list, --gfpl                      Generate a new full data/plugins.txt file
-    --generate-theme-list, --gtl [NUMBER_OF_ITEMS]           Generate a new data/themes.txt file. (supply number of *items* to parse, default : 200)
-    --generate-full-theme-list, --gftl                       Generate a new full data/themes.txt file
-    --generate-all, --ga                                     Generate a new full plugins, full themes, popular plugins and popular themes list
--s, --stats                                                  Show WpScan Database statistics
-    --spellcheck, --sc                                       Check all files for common spelling mistakes.
+--check-vuln-ref-urls, --cvru                            Check all the vulnerabilities reference urls for 404
+--check-local-vulnerable-files, --clvf LOCAL_DIRECTORY   Perform a recursive scan in the LOCAL_DIRECTORY to find vulnerable files or shells
+s, --stats                                                  Show WpScan Database statistics.
+--spellcheck, --sc                                       Check all files for common spelling mistakes.
 
 ==WPSTOOLS EXAMPLES==
 
-- Generate a new 'most popular' plugin list, up to 1500 items ...
-ruby wpstools.rb --generate-plugin-list 1500
-
 Locally scan a wordpress installation for vulnerable files or shells:
 ruby wpstools.rb --check-local-vulnerable-files /var/www/wordpress/
 
-Or check https://github.com/fgeek/pyfiscan project.
-
 ===PROJECT HOME===
 
 www.wpscan.org
@@ -286,8 +287,6 @@ https://github.com/wpscanteam/wpscan/issues
 
 http://rdoc.info/github/wpscanteam/wpscan/frames
 
-===SPONSOR===
+===SPECIAL THANKS===
 
-WPScan is sponsored by the RandomStorm Open Source Initiative.
-
-Visit RandomStorm at http://www.randomstorm.com
+RandomStorm - https://www.randomstorm.com

README.md

@@ -1,6 +1,9 @@
 ![alt text](https://raw.githubusercontent.com/wpscanteam/wpscan/gh-pages/wpscan_logo_407x80.png "WPScan - WordPress Security Scanner")
 
-[![Build Status](https://travis-ci.org/wpscanteam/wpscan.png?branch=master)](https://travis-ci.org/wpscanteam/wpscan)
+
+[![Build Status](https://travis-ci.org/wpscanteam/CMSScanner.svg?branch=master)](https://travis-ci.org/wpscanteam/CMSScanner)
+[![Code Climate](https://img.shields.io/codeclimate/github/wpscanteam/wpscan.svg)](https://codeclimate.com/github/wpscanteam/wpscan)
+[![Dependency Status](https://img.shields.io/gemnasium/wpscanteam/wpscan.svg)](https://gemnasium.com/wpscanteam/wpscan)
 
 #### LICENSE
 
@@ -12,6 +15,7 @@ Cases of commercialization are:
 
 - Using WPScan to provide commercial managed/Software-as-a-Service services.
 - Distributing WPScan as a commercial product or as part of one.
+- Using WPScan as a value added service/product.
 
 Cases which do not require a commercial license, and thus fall under the terms of GNU General Public License, include (but are not limited to):
 
@@ -37,18 +41,22 @@ WPScan comes pre-installed on the following Linux distributions:
 
 Prerequisites:
 
-- Ruby >= 1.9.2 - Recommended: 2.1.2
+- Ruby >= 1.9.2 - Recommended: 2.1.4
 - Curl >= 7.21  - Recommended: latest - FYI the 7.29 has a segfault
 - RubyGems      - Recommended: latest
 - Git
 
 Windows is not supported.
+If installed from Github update the code base with ```git pull```. The databases are updated with ```wpscan.rb --update```.
 
 ####Installing on Ubuntu:
 
 Before Ubuntu 14.04:
 
     sudo apt-get install libcurl4-gnutls-dev libopenssl-ruby libxml2 libxml2-dev libxslt1-dev ruby-dev
+    git clone https://github.com/wpscanteam/wpscan.git
+    cd wpscan
+    sudo gem install bundler && bundle install --without test
 
 From Ubuntu 14.04:
 
@@ -96,8 +104,8 @@ Apple Xcode, Command Line Tools and the libffi are needed (to be able to install
     curl -sSL https://get.rvm.io | bash -s stable
     source ~/.rvm/scripts/rvm
     echo "source ~/.rvm/scripts/rvm" >> ~/.bashrc
-    rvm install 2.1.2
-    rvm use 2.1.2 --default
+    rvm install 2.1.4
+    rvm use 2.1.4 --default
     echo "gem: --no-ri --no-rdoc" > ~/.gemrc
     gem install bundler
     git clone https://github.com/wpscanteam/wpscan.git
@@ -191,12 +199,14 @@ Apple Xcode, Command Line Tools and the libffi are needed (to be able to install
 
     --basic-auth <username:password>  Set the HTTP Basic authentication.
 
-    --wordlist | -w <wordlist>  Supply a wordlist for the password bruter and do the brute.
+    --wordlist | -w <wordlist>  Supply a wordlist for the password brute forcer.
 
     --threads  | -t <number of threads>  The number of threads to use when multi-threading requests.
 
     --username | -U <username>  Only brute force the supplied username.
 
+    --usernames  <path-to-file>  Only brute force the usernames from the file.
+
     --cache-ttl <cache-ttl>  Typhoeus cache TTL.
 
     --request-timeout <request-timeout>  Request Timeout.
@@ -213,6 +223,8 @@ Apple Xcode, Command Line Tools and the libffi are needed (to be able to install
 
     --no-color Do not use colors in the output.
 
+    --log Save STDOUT to log.txt
+
 #### WPSCAN EXAMPLES
 
 Do 'non-intrusive' checks...
@@ -252,31 +264,24 @@ Debug output...
     -v, --verbose                                                Verbose output
         --check-vuln-ref-urls, --cvru                            Check all the vulnerabilities reference urls for 404
         --check-local-vulnerable-files, --clvf LOCAL_DIRECTORY   Perform a recursive scan in the LOCAL_DIRECTORY to find vulnerable files or shells
-        --generate-plugin-list, --gpl [NUMBER_OF_ITEMS]          Generate a new data/plugins.txt file. (supply number of *items* to parse, default : 1500)
-        --generate-full-plugin-list, --gfpl                      Generate a new full data/plugins.txt file
-        --generate-theme-list, --gtl [NUMBER_OF_ITEMS]           Generate a new data/themes.txt file. (supply number of *items* to parse, default : 200)
-        --generate-full-theme-list, --gftl                       Generate a new full data/themes.txt file
-        --generate-all, --ga                                     Generate a new full plugins, full themes, popular plugins and popular themes list
     -s, --stats                                                  Show WpScan Database statistics.
         --spellcheck, --sc                                       Check all files for common spelling mistakes.
 
 
 #### WPSTOOLS EXAMPLES
 
-Generate a new 'most popular' plugin list, up to 1500 items...
-
-```ruby wpstools.rb --generate-plugin-list 1500```
-
 Locally scan a wordpress installation for vulnerable files or shells:
 
 ```ruby wpstools.rb --check-local-vulnerable-files /var/www/wordpress/```
 
-Or check [pyfiscan](https://github.com/fgeek/pyfiscan) project.
-
 #### PROJECT HOME
 
 [http://www.wpscan.org](http://www.wpscan.org)
 
+#### VULNERABILITY DATABASE
+
+[https://www.wpvulndb.com](https://www.wpvulndb.com)
+
 #### GIT REPOSITORY
 
 [https://github.com/wpscanteam/wpscan](https://github.com/wpscanteam/wpscan)
@@ -289,6 +294,6 @@ Or check [pyfiscan](https://github.com/fgeek/pyfiscan) project.
 
 [http://rdoc.info/github/wpscanteam/wpscan/frames](http://rdoc.info/github/wpscanteam/wpscan/frames)
 
-#### SPONSOR
+#### SPECIAL THANKS
 
-WPScan is sponsored by the [RandomStorm](http://www.randomstorm.com) Open Source Initiative.
+[RandomStorm](https://www.randomstorm.com)

lib/common/cache_file_store.rb

@@ -9,15 +9,17 @@
 #
 
 require 'yaml'
+require 'fileutils'
 
 class CacheFileStore
-  attr_reader :storage_path, :serializer
+  attr_reader :storage_path, :cache_dir, :serializer
 
   # The serializer must have the 2 methods .load and .dump
   #   (Marshal and YAML have them)
   # YAML is Human Readable, contrary to Marshal which store in a binary format
   # Marshal does not need any "require"
   def initialize(storage_path, serializer = Marshal)
+    @cache_dir    = File.expand_path(storage_path)
     @storage_path = File.expand_path(File.join(storage_path, storage_dir))
     @serializer   = serializer
 
@@ -29,16 +31,24 @@ class CacheFileStore
   end
 
   def clean
-    Dir[File.join(@storage_path, '*')].each do |f|
+    # clean old directories
+    Dir[File.join(@cache_dir, '*')].each do |f|
+      if File.directory?(f)
+        # delete directory if create time is older than 4 hours
+        FileUtils.rm_rf(f) if File.mtime(f) < (Time.now - (60*240))
+      else
         File.delete(f) unless File.symlink?(f)
       end
     end
+  end
 
   def read_entry(key)
+    begin
       @serializer.load(File.read(get_entry_file_path(key)))
     rescue
       nil
     end
+  end
 
   def write_entry(key, data_to_store, cache_ttl)
     if cache_ttl > 0

lib/common/collections/wp_items.rb

@@ -14,7 +14,7 @@ class WpItems < Array
     self.wp_target = wp_target
   end
 
-  # @param [String,] argv
+  # @param [String] argv
   #
   # @return [ void ]
   def add(*args)

lib/common/collections/wp_items/detectable.rb

@@ -23,10 +23,7 @@ class WpItems < Array
         homepage_hash:   wp_target.homepage_hash,
         exclude_content: options[:exclude_content] ? %r{#{options[:exclude_content]}} : nil
       }
-
-      # If we only want the vulnerable ones, the passive detection is ignored
-      # Otherwise, a passive detection is performed, and results will be merged
-      results = options[:only_vulnerable] ? new : passive_detection(wp_target, options)
+      results          = passive_detection(wp_target, options)
 
       targets.each do |target_item|
         request = browser.forge_request(target_item.url, request_params)
@@ -55,8 +52,11 @@ class WpItems < Array
 
       # run the remaining requests
       hydra.run
+
+      results.select!(&:vulnerable?) if options[:only_vulnerable]
       results.sort!
-      results # can't just return results.sort because the #sort returns an array, and we want a WpItems
+
+      results  # can't just return results.sort as it would return an array, and we want a WpItems
     end
 
     # @param [ Integer ] targets_size

lib/common/collections/wp_users/output.rb

@@ -38,6 +38,7 @@ class WpUsers < WpItems
       junk = get_equal_string_end(display_names)
       unless junk.nil? or junk.empty?
         self.each do |u|
+          u.display_name ||= ''
           u.display_name = u.display_name.sub(/#{Regexp.escape(junk)}$/, '')
         end
       end

lib/common/common_helper.rb

@@ -34,7 +34,7 @@ WP_VERSIONS_XSD     = File.join(DATA_DIR, 'wp_versions.xsd')
 LOCAL_FILES_XSD     = File.join(DATA_DIR, 'local_vulnerable_files.xsd')
 USER_AGENTS_FILE    = File.join(DATA_DIR, 'user-agents.txt')
 
-WPSCAN_VERSION       = '2.5'
+WPSCAN_VERSION       = '2.6'
 
 $LOAD_PATH.unshift(LIB_DIR)
 $LOAD_PATH.unshift(WPSCAN_LIB_DIR)
@@ -137,7 +137,7 @@ def banner
   puts
   puts '        WordPress Security Scanner by the WPScan Team '
   puts "                       Version #{WPSCAN_VERSION}"
-  puts '     Sponsored by the RandomStorm Open Source Initiative'
+  puts '          Sponsored by Sucuri - https://sucuri.net'
   puts '   @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_'
   puts '_______________________________________________________________'
   puts

lib/common/db_updater.rb

@@ -3,7 +3,7 @@
 # DB Updater
 class DbUpdater
   FILES = %w(
-    local_vulnerable_files.xml local_vulnerable_files.xsd malwares.txt
+    local_vulnerable_files.xml local_vulnerable_files.xsd
     plugins_full.txt plugins.txt themes_full.txt themes.txt
     timthumbs.txt user-agents.txt wp_versions.xml wp_versions.xsd
     plugin_vulns.json theme_vulns.json wp_vulns.json
@@ -73,7 +73,7 @@ class DbUpdater
 
     res = Browser.get(file_url, request_params)
     fail "Error while downloading #{file_url}" unless res.code == 200
-    File.write(file_path, res.body)
+    File.open(file_path, 'wb') { |f| f.write(res.body) }
 
     local_file_checksum(filename)
   end

lib/common/hacks.rb

@@ -49,11 +49,11 @@ end
 
 # Override for puts to enable logging
 def puts(o = '')
-  # remove color for logging
-  if o.respond_to?(:gsub)
-    temp = o.gsub(/\e\[\d+m/, '')
+  if $log && o.respond_to?(:gsub)
+    temp = o.gsub(/\e\[\d+m/, '') # remove color for logging
     File.open(LOG_FILE, 'a+') { |f| f.puts(temp) }
   end
+  
   super(o)
 end
 

lib/common/models/vulnerability/urls.rb

@@ -30,7 +30,7 @@ class Vulnerability
     end
 
     def url_id(id)
-      "https://wpvulndb.com/vulnerability/#{id}"
+      "https://wpvulndb.com/vulnerabilities/#{id}"
     end
   end
 end

lib/common/models/wp_item/infos.rb

@@ -12,7 +12,9 @@ class WpItem
 
     # @return [ String,nil ] The url to the readme file, nil if not found
     def readme_url
-      %w{readme.txt README.txt}.each do |readme|
+      # See https://github.com/wpscanteam/wpscan/pull/737#issuecomment-66375445
+      # for any question about the order
+      %w{readme.txt README.txt Readme.txt ReadMe.txt README.TXT readme.TXT}.each do |readme|
         url = @uri.merge(readme).to_s
         return url if url_is_200?(url)
       end

lib/common/models/wp_item/versionable.rb

@@ -13,7 +13,7 @@ class WpItem
         # This check is needed because readme_url can return nil
         if has_readme?
           response = Browser.get(readme_url)
-          @version = response.body[%r{stable tag: #{WpVersion.version_pattern}}i, 1]
+          @version = response.body[%r{(?:stable tag|version): #{WpVersion.version_pattern}}i, 1]
         end
       end
       @version

lib/common/models/wp_theme/childtheme.rb

@@ -3,6 +3,10 @@
 class WpTheme < WpItem
   module Childtheme
 
+    def parent_theme_limit
+      3
+    end
+
     def is_child_theme?
       return true unless @theme_template.nil?
       false

lib/common/models/wp_theme/versionable.rb

@@ -2,16 +2,8 @@
 
 class WpTheme < WpItem
   module Versionable
-
     def version
-      unless @version
-        @version = Browser.get(style_url).body[%r{Version:\s*([^\s]+)}i, 1]
-
-        # Get Version from readme.txt
-        @version ||= super
+      @version ||= Browser.get(style_url).body[%r{Version:\s*([^\s]+)}i, 1]
     end
-      @version
-    end
-
   end
 end

lib/common/models/wp_user/brute_forcable.rb

@@ -25,10 +25,10 @@ class WpUser < WpItem
       hydra        = browser.hydra
       queue_count  = 0
       found        = false
-      progress_bar = self.progress_bar(count_file_lines(wordlist), options)
+      progress_bar = self.progress_bar(count_file_lines(wordlist)+1, options)
 
       File.open(wordlist).each do |password|
-        password.chop!
+        password.chomp!
 
         # A successfull login will redirect us to the redirect_to parameter
         # Generate a random one on each request
@@ -63,6 +63,7 @@ class WpUser < WpItem
 
       # run all of the remaining requests
       hydra.run
+      puts if options[:show_progression] # mandatory to avoid the output of the progressbar to be overriden
     end
 
     # @param [ Integer ] targets_size

lib/common/models/wp_version/findable.rb

@@ -100,18 +100,6 @@ class WpVersion < WpItem
       )
     end
 
-    # Attempts to find the WordPress version from,
-    # the generator tag in the RSS2 feed source.
-    #
-    # Have not been able to find an example of this - Ryan
-    #def find_from_rss2_generator(target_uri)
-    #  scan_url(
-    #    target_uri,
-    #    %r{<generator>http://wordpress.org/?v=(#{WpVersion.version_pattern})</generator>}i,
-    #    'feed/rss/'
-    #  )
-    #end
-
     # Attempts to find the WordPress version from,
     # the generator tag in the Atom source.
     #
@@ -126,18 +114,6 @@ class WpVersion < WpItem
       )
     end
 
-    # Attempts to find the WordPress version from,
-    # the generator tag in the comment rss source.
-    #
-    # Have not been able to find an example of this - Ryan
-    #def find_from_comments_rss_generator(target_uri)
-    # scan_url(
-    # target_uri,
-    # %r{<!-- generator="WordPress/#{WpVersion.version_pattern}" -->}i,
-    # 'comments/feed/'
-    # )
-    #end
-
     # Uses data/wp_versions.xml to try to identify a
     # wordpress version.
     #

lib/wpscan/wp_target.rb

@@ -1,7 +1,6 @@
 # encoding: UTF-8
 
 require 'web_site'
-require 'wp_target/malwares'
 require 'wp_target/wp_readme'
 require 'wp_target/wp_registrable'
 require 'wp_target/wp_config_backup'
@@ -11,7 +10,6 @@ require 'wp_target/wp_custom_directories'
 require 'wp_target/wp_full_path_disclosure'
 
 class WpTarget < WebSite
-  include WpTarget::Malwares
   include WpTarget::WpReadme
   include WpTarget::WpRegistrable
   include WpTarget::WpConfigBackup

lib/wpscan/wp_target/malwares.rb

@@ -1,50 +0,0 @@
-# encoding: UTF-8
-
-class WpTarget < WebSite
-  module Malwares
-    # Used as cache :
-    #   nil => malwares not checked,
-    #   [] => no malwares,
-    #   otherwise array of malwares url found
-    @malwares = nil
-
-    def has_malwares?(malwares_file_path = nil)
-      !malwares(malwares_file_path).empty?
-    end
-
-    # return array of string (url of malwares found)
-    def malwares(malwares_file_path = nil)
-      unless @malwares
-        malwares_found = []
-        malwares_file = Malwares.malwares_file(malwares_file_path)
-        index_page_body = Browser.get(@uri.to_s).body
-
-        File.open(malwares_file, 'r') do |file|
-          file.readlines.collect do |url|
-            chomped_url = url.chomp
-
-            if chomped_url.length > 0
-              malwares_found += index_page_body.scan(Malwares.malware_pattern(chomped_url))
-            end
-          end
-        end
-
-        malwares_found.flatten!
-        malwares_found.uniq!
-
-        @malwares = malwares_found
-      end
-      @malwares
-    end
-
-    def self.malwares_file(malwares_file_path)
-      malwares_file_path || DATA_DIR + '/malwares.txt'
-    end
-
-    def self.malware_pattern(url_regex)
-      # no need to escape regex here, because malware.txt contains regex
-      %r{<(?:script|iframe).* src=(?:"|')(#{url_regex}[^"']*)(?:"|')[^>]*>}i
-    end
-
-  end
-end

lib/wpscan/wpscan_helper.rb

@@ -97,8 +97,9 @@ def help
   puts '                                    If no protocol is given (format host:port), HTTP will be used.'
   puts '--proxy-auth <username:password>    Supply the proxy login credentials.'
   puts '--basic-auth <username:password>    Set the HTTP Basic authentication.'
-  puts '--wordlist | -w <wordlist>          Supply a wordlist for the password bruter and do the brute.'
+  puts '--wordlist | -w <wordlist>          Supply a wordlist for the password brute forcer.'
   puts '--username | -U <username>          Only brute force the supplied username.'
+  puts '--usernames     <path-to-file>      Only brute force the usernames from the file.'
   puts '--threads  | -t <number of threads> The number of threads to use when multi-threading requests.'
   puts '--cache-ttl       <cache-ttl>       Typhoeus cache TTL.'
   puts '--request-timeout <request-timeout> Request Timeout.'
@@ -106,6 +107,7 @@ def help
   puts '--max-threads     <max-threads>     Maximum Threads.'
   puts '--help     | -h                     This help screen.'
   puts '--verbose  | -v                     Verbose output.'
+  puts '--version                           Output the current version and exit.'
   puts
 end
 

lib/wpscan/wpscan_options.rb

@@ -14,6 +14,7 @@ class WpscanOptions
     :enumerate_usernames,
     :enumerate_usernames_range,
     :no_color,
+    :log,
     :proxy,
     :proxy_auth,
     :threads,
@@ -23,6 +24,7 @@ class WpscanOptions
     :update,
     :verbose,
     :username,
+    :usernames,
     :password,
     :follow_redirection,
     :wp_content_dir,
@@ -68,6 +70,12 @@ class WpscanOptions
     end
   end
 
+  def usernames=(file)
+    fail "The file #{file} does not exist" unless File.exists?(file)
+
+    @usernames = file
+  end
+
   def proxy=(proxy)
     if proxy.index(':') == nil
       raise 'Invalid proxy format. Should be host:port.'
@@ -237,6 +245,7 @@ class WpscanOptions
       ['--url', '-u', GetoptLong::REQUIRED_ARGUMENT],
       ['--enumerate', '-e', GetoptLong::OPTIONAL_ARGUMENT],
       ['--username', '-U', GetoptLong::REQUIRED_ARGUMENT],
+      ['--usernames', GetoptLong::REQUIRED_ARGUMENT],
       ['--wordlist', '-w', GetoptLong::REQUIRED_ARGUMENT],
       ['--threads', '-t', GetoptLong::REQUIRED_ARGUMENT],
       ['--force', '-f', GetoptLong::NO_ARGUMENT],
@@ -261,7 +270,8 @@ class WpscanOptions
       ['--max-threads', GetoptLong::REQUIRED_ARGUMENT],
       ['--batch', GetoptLong::NO_ARGUMENT],
       ['--no-color', GetoptLong::NO_ARGUMENT],
-      ['--cookie', GetoptLong::REQUIRED_ARGUMENT]
+      ['--cookie', GetoptLong::REQUIRED_ARGUMENT],
+      ['--log', GetoptLong::NO_ARGUMENT]
     )
   end
 

lib/wpstools/plugins/checker/checker_plugin.rb

@@ -35,7 +35,7 @@ class CheckerPlugin < Plugin
       json.each do |asset|
         asset[asset.keys.inject]['vulnerabilities'].each do |url|
           unless url['url'].nil?
-            url['url'].split(',').each do |url|
+            url['url'].each do |url|
               urls << url
             end
           end

spec/lib/common/cache_file_store_spec.rb

@@ -30,14 +30,15 @@ describe CacheFileStore do
 
   describe '#clean' do
     it "should remove all files from the cache dir (#{@cache_dir}" do
-      # let's create some files into the directory first
-      (0..5).each do |i|
-        File.new(@cache.storage_path + "/file_#{i}.txt", File::CREAT)
-      end
-
-      expect(count_files_in_dir(@cache.storage_path, 'file_*.txt')).to eq 6
+      # clean is executed by other tests before
+      before = count_files_in_dir(@cache.cache_dir)
+      test_dir = File.expand_path("#{@cache.cache_dir}/test")
+      Dir.mkdir test_dir
+      #change the modification date
+      %x[ touch -t 200701310846.26 #{test_dir} ]
+      expect(count_files_in_dir(@cache.cache_dir)).to eq (before + 1)
       @cache.clean
-      expect(count_files_in_dir(@cache.storage_path)).to eq 0
+      expect(count_files_in_dir(@cache.cache_dir)).to eq before
     end
   end
 

spec/lib/common/collections/wp_users/output_spec.rb

@@ -25,19 +25,19 @@ describe 'WpUsers::Output' do
       subject.push(@input)
       subject.flatten!
       subject.remove_junk_from_display_names
-      expect(subject).to be === @expected
+      expect(subject).to eq @expected
     end
 
-    it 'should return an empty array' do
+    it 'returns an empty array' do
       @expected = @input
     end
 
-    it 'should return input object' do
+    it 'returns input object' do
       @input.push(WpUser.new(nil))
       @expected = @input
     end
 
-    it 'should return input object' do
+    it 'returns input object' do
       @input.push(WpUser.new(''))
       @expected = @input
     end
@@ -50,23 +50,37 @@ describe 'WpUsers::Output' do
       @expected.push(WpUser.new('', login: '', id: 2, display_name: 'ijrjd'))
     end
 
-    it 'should return unmodified input object' do
+    it 'returns unmodified input object' do
       @input.push(WpUser.new('', login: '', id: 1, display_name: 'lkjh asdfa'))
       @input.push(WpUser.new('', login: '', id: 2, display_name: 'ijrjd asdf'))
       @expected = @input
     end
 
-    it 'should return input object' do
+    it 'returns input object' do
       @input.push(WpUser.new('', login: '', id: 1, display_name: 'lkjh asdf'))
       @expected = @input
     end
 
-    it 'should return an empty display_name' do
+    it 'returns an empty display_name' do
       @input.push(WpUser.new('', login: '', id: 1, display_name: 'lkhj asdf'))
       @input.push(WpUser.new('', login: '', id: 2, display_name: 'lkhj asdf'))
       @expected = WpUsers.new(0)
       @expected.push(WpUser.new('', login: '', id: 1, display_name: ''))
       @expected.push(WpUser.new('', login: '', id: 2, display_name: ''))
     end
+
+    context 'when a user has no display_name' do
+      it 'returns an empty display_name' do
+        @input.push(WpUser.new('', login: '', id: 1, display_name: 'lkhj asdf'))
+        @input.push(WpUser.new('', login: '', id: 2, display_name: 'lkhj asdf'))
+        @input.push(WpUser.new('', login: '', id: 3))
+
+        @expected = WpUsers.new(0)
+
+        (1..3).each do |id|
+          @expected.push(WpUser.new('', login: '', id: id, display_name: ''))
+        end
+      end
+    end
   end
 end

spec/lib/wpscan/wp_target_spec.rb

@@ -18,7 +18,6 @@ describe WpTarget do
 
   before { Browser::reset }
 
-  it_behaves_like 'WpTarget::Malwares'
   it_behaves_like 'WpTarget::WpReadme'
   it_behaves_like 'WpTarget::WpRegistrable'
   it_behaves_like 'WpTarget::WpConfigBackup'

spec/samples/common/models/wp_item/versionable/wp-photo-plus-5.1.15.txt

@@ -0,0 +1,9 @@
+=== WP Photo Album Plus ===
+Contributors: opajaap
+Tags: photo, album, photoalbum, gallery, slideshow, sidebar widget, photowidget, photoblog, widget, qtranslate, cubepoints, multisite, network, lightbox, comment, watermark, iptc, exif, responsive, mobile
+Stable tag: trunk
+Version: 5.1.15
+Author: J.N. Breetvelt
+Author URI: http://www.opajaap.nl/
+Requires at least: 3.1
+Tested up to: 3.7.1

spec/samples/wpscan/wp_target/malwares/clean.html

@@ -1,137 +0,0 @@
-<!DOCTYPE html>
-<!--[if IE 6]>
-<html id="ie6" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if IE 7]>
-<html id="ie7" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if IE 8]>
-<html id="ie8" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if !(IE 6) | !(IE 7) | !(IE 8)  ]><!-->
-<html dir="ltr" lang="en-US">
-<!--<![endif]-->
-<head>
-<meta charset="UTF-8" />
-<meta name="viewport" content="width=device-width" />
-<title>Wordpress 3.3.2 | Just another WordPress site</title>
-<link rel="profile" href="http://gmpg.org/xfn/11" />
-<link rel="stylesheet" type="text/css" media="all" href="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/style.css" />
-<link rel="pingback" href="http://lamp/wordpress-3.3.2/xmlrpc.php" />
-<!--[if lt IE 9]>
-<script src="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/js/html5.js" type="text/javascript"></script>
-<![endif]-->
-<meta name='robots' content='noindex,nofollow' />
-<link rel="alternate" type="application/rss+xml" title="Wordpress 3.3.2 &raquo; Feed" href="http://lamp/wordpress-3.3.2/?feed=rss2" />
-<link rel="alternate" type="application/rss+xml" title="Wordpress 3.3.2 &raquo; Comments Feed" href="http://lamp/wordpress-3.3.2/?feed=comments-rss2" />
-<link rel="EditURI" type="application/rsd+xml" title="RSD" href="http://lamp/wordpress-3.3.2/xmlrpc.php?rsd" />
-<link rel="wlwmanifest" type="application/wlwmanifest+xml" href="http://lamp/wordpress-3.3.2/wp-includes/wlwmanifest.xml" /> 
-<meta name="generator" content="WordPress 3.3.2" />
-	<style type="text/css">.recentcomments a{display:inline !important;padding:0 !important;margin:0 !important;}</style>
-</head>
-
-<body class="home blog single-author two-column right-sidebar">
-<div id="page" class="hfeed">
-	<header id="branding" role="banner">
-			<hgroup>
-				<h1 id="site-title"><span><a href="http://lamp/wordpress-3.3.2/" title="Wordpress 3.3.2" rel="home">Wordpress 3.3.2</a></span></h1>
-				<h2 id="site-description">Just another WordPress site</h2>
-			</hgroup>
-
-						<a href="http://lamp/wordpress-3.3.2/">
-									<img src="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/images/headers/pine-cone.jpg" width="1000" height="288" alt="" />
-							</a>
-			
-								<form method="get" id="searchform" action="http://lamp/wordpress-3.3.2/">
-		<label for="s" class="assistive-text">Search</label>
-		<input type="text" class="field" name="s" id="s" placeholder="Search" />
-		<input type="submit" class="submit" name="submit" id="searchsubmit" value="Search" />
-	</form>
-			
-			<nav id="access" role="navigation">
-				<h3 class="assistive-text">Main menu</h3>
-								<div class="skip-link"><a class="assistive-text" href="#content" title="Skip to primary content">Skip to primary content</a></div>
-				<div class="skip-link"><a class="assistive-text" href="#secondary" title="Skip to secondary content">Skip to secondary content</a></div>
-								<div class="menu"><ul><li class="current_page_item"><a href="http://lamp/wordpress-3.3.2/" title="Home">Home</a></li><li class="page_item page-item-2"><a href="http://lamp/wordpress-3.3.2/?page_id=2">Sample Page</a></li></ul></div>
-			</nav><!-- #access -->
-	</header><!-- #branding -->
-
-
-	<div id="main">
-		<div id="primary">
-			<div id="content" role="main">
-
-			
-				
-								
-					
-	<article id="post-1" class="post-1 post type-post status-publish format-standard hentry category-uncategorized">
-		<header class="entry-header">
-						<h1 class="entry-title"><a href="http://lamp/wordpress-3.3.2/?p=1" title="Permalink to Hello world!" rel="bookmark">Hello world!</a></h1>
-			
-						<div class="entry-meta">
-				<span class="sep">Posted on </span><a href="http://lamp/wordpress-3.3.2/?p=1" title="1:05 pm" rel="bookmark"><time class="entry-date" datetime="2012-05-02T13:05:44+00:00" pubdate>May 2, 2012</time></a><span class="by-author"> <span class="sep"> by </span> <span class="author vcard"><a class="url fn n" href="http://lamp/wordpress-3.3.2/?author=1" title="View all posts by admin" rel="author">admin</a></span></span>			</div><!-- .entry-meta -->
-			
-						<div class="comments-link">
-				<a href="http://lamp/wordpress-3.3.2/?p=1#comments" title="Comment on Hello world!">2</a>			</div>
-					</header><!-- .entry-header -->
-
-				<div class="entry-content">
-			<p>Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!</p>
-					</div><!-- .entry-content -->
-		
-		<footer class="entry-meta">
-												<span class="cat-links">
-				<span class="entry-utility-prep entry-utility-prep-cat-links">Posted in</span> <a href="http://lamp/wordpress-3.3.2/?cat=1" title="View all posts in Uncategorized" rel="category">Uncategorized</a>			</span>
-									
-									<span class="sep"> | </span>
-						<span class="comments-link"><a href="http://lamp/wordpress-3.3.2/?p=1#comments" title="Comment on Hello world!"><b>2</b> Replies</a></span>
-			
-					</footer><!-- #entry-meta -->
-	</article><!-- #post-1 -->
-
-				
-				
-			
-			</div><!-- #content -->
-		</div><!-- #primary -->
-
-		<div id="secondary" class="widget-area" role="complementary">
-			<aside id="search-2" class="widget widget_search">	<form method="get" id="searchform" action="http://lamp/wordpress-3.3.2/">
-		<label for="s" class="assistive-text">Search</label>
-		<input type="text" class="field" name="s" id="s" placeholder="Search" />
-		<input type="submit" class="submit" name="submit" id="searchsubmit" value="Search" />
-	</form>
-</aside>		<aside id="recent-posts-2" class="widget widget_recent_entries">		<h3 class="widget-title">Recent Posts</h3>		<ul>
-				<li><a href="http://lamp/wordpress-3.3.2/?p=1" title="Hello world!">Hello world!</a></li>
-				</ul>
-		</aside><aside id="recent-comments-2" class="widget widget_recent_comments"><h3 class="widget-title">Recent Comments</h3><ul id="recentcomments"><li class="recentcomments">Pwet on <a href="http://lamp/wordpress-3.3.2/?p=1#comment-2">Hello world!</a></li><li class="recentcomments"><a href='http://wordpress.org/' rel='external nofollow' class='url'>Mr WordPress</a> on <a href="http://lamp/wordpress-3.3.2/?p=1#comment-1">Hello world!</a></li></ul></aside><aside id="archives-2" class="widget widget_archive"><h3 class="widget-title">Archives</h3>		<ul>
-			<li><a href='http://lamp/wordpress-3.3.2/?m=201205' title='May 2012'>May 2012</a></li>
-		</ul>
-</aside><aside id="categories-2" class="widget widget_categories"><h3 class="widget-title">Categories</h3>		<ul>
-	<li class="cat-item cat-item-1"><a href="http://lamp/wordpress-3.3.2/?cat=1" title="View all posts filed under Uncategorized">Uncategorized</a>
-</li>
-		</ul>
-</aside><aside id="meta-2" class="widget widget_meta"><h3 class="widget-title">Meta</h3>			<ul>
-						<li><a href="http://lamp/wordpress-3.3.2/wp-login.php">Log in</a></li>
-			<li><a href="http://lamp/wordpress-3.3.2/?feed=rss2" title="Syndicate this site using RSS 2.0">Entries <abbr title="Really Simple Syndication">RSS</abbr></a></li>
-			<li><a href="http://lamp/wordpress-3.3.2/?feed=comments-rss2" title="The latest comments to all posts in RSS">Comments <abbr title="Really Simple Syndication">RSS</abbr></a></li>
-			<li><a href="http://wordpress.org/" title="Powered by WordPress, state-of-the-art semantic personal publishing platform.">WordPress.org</a></li>
-						</ul>
-</aside>		</div><!-- #secondary .widget-area -->
-
-	</div><!-- #main -->
-
-	<footer id="colophon" role="contentinfo">
-
-			
-
-			<div id="site-generator">
-								<a href="http://wordpress.org/" title="Semantic Personal Publishing Platform" rel="generator">Proudly powered by WordPress</a>
-			</div>
-	</footer><!-- #colophon -->
-</div><!-- #page -->
-
-
-</body>
-</html>

spec/samples/wpscan/wp_target/malwares/malwares.txt

@@ -1,3 +0,0 @@
-http://.*.rr.nu
-http://www.thesea.org/media.php
-

spec/samples/wpscan/wp_target/malwares/multiple-infections.html

@@ -1,145 +0,0 @@
-<!DOCTYPE html>
-<!--[if IE 6]>
-<html id="ie6" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if IE 7]>
-<html id="ie7" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if IE 8]>
-<html id="ie8" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if !(IE 6) | !(IE 7) | !(IE 8)  ]><!-->
-<html dir="ltr" lang="en-US">
-<!--<![endif]-->
-<head>
-<meta charset="UTF-8" />
-<meta name="viewport" content="width=device-width" />
-<title>Wordpress 3.3.2 | Just another WordPress site</title>
-<link rel="profile" href="http://gmpg.org/xfn/11" />
-<link rel="stylesheet" type="text/css" media="all" href="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/style.css" />
-<link rel="pingback" href="http://lamp/wordpress-3.3.2/xmlrpc.php" />
-<!--[if lt IE 9]>
-<script src="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/js/html5.js" type="text/javascript"></script>
-<![endif]-->
-<!--
-
-  INFECTED : (commented to prevent real infection) 
-  <script src="http://irstde24clined.rr.nu/mm.php?d=1"></script>
-  <script src='http://atio79srem.rr.nu/pmg.php?dr=1'></script>
-  <script type="text/javascript">document.write('<iframe src="http://www.thesea.org/media.php" name="Twitter" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe>');</script>
-
--->
-<meta name='robots' content='noindex,nofollow' />
-<link rel="alternate" type="application/rss+xml" title="Wordpress 3.3.2 &raquo; Feed" href="http://lamp/wordpress-3.3.2/?feed=rss2" />
-<link rel="alternate" type="application/rss+xml" title="Wordpress 3.3.2 &raquo; Comments Feed" href="http://lamp/wordpress-3.3.2/?feed=comments-rss2" />
-<link rel="EditURI" type="application/rsd+xml" title="RSD" href="http://lamp/wordpress-3.3.2/xmlrpc.php?rsd" />
-<link rel="wlwmanifest" type="application/wlwmanifest+xml" href="http://lamp/wordpress-3.3.2/wp-includes/wlwmanifest.xml" /> 
-<meta name="generator" content="WordPress 3.3.2" />
-	<style type="text/css">.recentcomments a{display:inline !important;padding:0 !important;margin:0 !important;}</style>
-</head>
-
-<body class="home blog single-author two-column right-sidebar">
-<div id="page" class="hfeed">
-	<header id="branding" role="banner">
-			<hgroup>
-				<h1 id="site-title"><span><a href="http://lamp/wordpress-3.3.2/" title="Wordpress 3.3.2" rel="home">Wordpress 3.3.2</a></span></h1>
-				<h2 id="site-description">Just another WordPress site</h2>
-			</hgroup>
-
-						<a href="http://lamp/wordpress-3.3.2/">
-									<img src="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/images/headers/pine-cone.jpg" width="1000" height="288" alt="" />
-							</a>
-			
-								<form method="get" id="searchform" action="http://lamp/wordpress-3.3.2/">
-		<label for="s" class="assistive-text">Search</label>
-		<input type="text" class="field" name="s" id="s" placeholder="Search" />
-		<input type="submit" class="submit" name="submit" id="searchsubmit" value="Search" />
-	</form>
-			
-			<nav id="access" role="navigation">
-				<h3 class="assistive-text">Main menu</h3>
-								<div class="skip-link"><a class="assistive-text" href="#content" title="Skip to primary content">Skip to primary content</a></div>
-				<div class="skip-link"><a class="assistive-text" href="#secondary" title="Skip to secondary content">Skip to secondary content</a></div>
-								<div class="menu"><ul><li class="current_page_item"><a href="http://lamp/wordpress-3.3.2/" title="Home">Home</a></li><li class="page_item page-item-2"><a href="http://lamp/wordpress-3.3.2/?page_id=2">Sample Page</a></li></ul></div>
-			</nav><!-- #access -->
-	</header><!-- #branding -->
-
-
-	<div id="main">
-		<div id="primary">
-			<div id="content" role="main">
-
-			
-				
-								
-					
-	<article id="post-1" class="post-1 post type-post status-publish format-standard hentry category-uncategorized">
-		<header class="entry-header">
-						<h1 class="entry-title"><a href="http://lamp/wordpress-3.3.2/?p=1" title="Permalink to Hello world!" rel="bookmark">Hello world!</a></h1>
-			
-						<div class="entry-meta">
-				<span class="sep">Posted on </span><a href="http://lamp/wordpress-3.3.2/?p=1" title="1:05 pm" rel="bookmark"><time class="entry-date" datetime="2012-05-02T13:05:44+00:00" pubdate>May 2, 2012</time></a><span class="by-author"> <span class="sep"> by </span> <span class="author vcard"><a class="url fn n" href="http://lamp/wordpress-3.3.2/?author=1" title="View all posts by admin" rel="author">admin</a></span></span>			</div><!-- .entry-meta -->
-			
-						<div class="comments-link">
-				<a href="http://lamp/wordpress-3.3.2/?p=1#comments" title="Comment on Hello world!">2</a>			</div>
-					</header><!-- .entry-header -->
-
-				<div class="entry-content">
-			<p>Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!</p>
-					</div><!-- .entry-content -->
-		
-		<footer class="entry-meta">
-												<span class="cat-links">
-				<span class="entry-utility-prep entry-utility-prep-cat-links">Posted in</span> <a href="http://lamp/wordpress-3.3.2/?cat=1" title="View all posts in Uncategorized" rel="category">Uncategorized</a>			</span>
-									
-									<span class="sep"> | </span>
-						<span class="comments-link"><a href="http://lamp/wordpress-3.3.2/?p=1#comments" title="Comment on Hello world!"><b>2</b> Replies</a></span>
-			
-					</footer><!-- #entry-meta -->
-	</article><!-- #post-1 -->
-
-				
-				
-			
-			</div><!-- #content -->
-		</div><!-- #primary -->
-
-		<div id="secondary" class="widget-area" role="complementary">
-			<aside id="search-2" class="widget widget_search">	<form method="get" id="searchform" action="http://lamp/wordpress-3.3.2/">
-		<label for="s" class="assistive-text">Search</label>
-		<input type="text" class="field" name="s" id="s" placeholder="Search" />
-		<input type="submit" class="submit" name="submit" id="searchsubmit" value="Search" />
-	</form>
-</aside>		<aside id="recent-posts-2" class="widget widget_recent_entries">		<h3 class="widget-title">Recent Posts</h3>		<ul>
-				<li><a href="http://lamp/wordpress-3.3.2/?p=1" title="Hello world!">Hello world!</a></li>
-				</ul>
-		</aside><aside id="recent-comments-2" class="widget widget_recent_comments"><h3 class="widget-title">Recent Comments</h3><ul id="recentcomments"><li class="recentcomments">Pwet on <a href="http://lamp/wordpress-3.3.2/?p=1#comment-2">Hello world!</a></li><li class="recentcomments"><a href='http://wordpress.org/' rel='external nofollow' class='url'>Mr WordPress</a> on <a href="http://lamp/wordpress-3.3.2/?p=1#comment-1">Hello world!</a></li></ul></aside><aside id="archives-2" class="widget widget_archive"><h3 class="widget-title">Archives</h3>		<ul>
-			<li><a href='http://lamp/wordpress-3.3.2/?m=201205' title='May 2012'>May 2012</a></li>
-		</ul>
-</aside><aside id="categories-2" class="widget widget_categories"><h3 class="widget-title">Categories</h3>		<ul>
-	<li class="cat-item cat-item-1"><a href="http://lamp/wordpress-3.3.2/?cat=1" title="View all posts filed under Uncategorized">Uncategorized</a>
-</li>
-		</ul>
-</aside><aside id="meta-2" class="widget widget_meta"><h3 class="widget-title">Meta</h3>			<ul>
-						<li><a href="http://lamp/wordpress-3.3.2/wp-login.php">Log in</a></li>
-			<li><a href="http://lamp/wordpress-3.3.2/?feed=rss2" title="Syndicate this site using RSS 2.0">Entries <abbr title="Really Simple Syndication">RSS</abbr></a></li>
-			<li><a href="http://lamp/wordpress-3.3.2/?feed=comments-rss2" title="The latest comments to all posts in RSS">Comments <abbr title="Really Simple Syndication">RSS</abbr></a></li>
-			<li><a href="http://wordpress.org/" title="Powered by WordPress, state-of-the-art semantic personal publishing platform.">WordPress.org</a></li>
-						</ul>
-</aside>		</div><!-- #secondary .widget-area -->
-
-	</div><!-- #main -->
-
-	<footer id="colophon" role="contentinfo">
-
-			
-
-			<div id="site-generator">
-								<a href="http://wordpress.org/" title="Semantic Personal Publishing Platform" rel="generator">Proudly powered by WordPress</a>
-			</div>
-	</footer><!-- #colophon -->
-</div><!-- #page -->
-
-
-</body>
-</html>

spec/samples/wpscan/wp_target/malwares/single-iframe-infection.html

@@ -1,143 +0,0 @@
-<!DOCTYPE html>
-<!--[if IE 6]>
-<html id="ie6" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if IE 7]>
-<html id="ie7" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if IE 8]>
-<html id="ie8" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if !(IE 6) | !(IE 7) | !(IE 8)  ]><!-->
-<html dir="ltr" lang="en-US">
-<!--<![endif]-->
-<head>
-<meta charset="UTF-8" />
-<meta name="viewport" content="width=device-width" />
-<title>Wordpress 3.3.2 | Just another WordPress site</title>
-<link rel="profile" href="http://gmpg.org/xfn/11" />
-<link rel="stylesheet" type="text/css" media="all" href="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/style.css" />
-<link rel="pingback" href="http://lamp/wordpress-3.3.2/xmlrpc.php" />
-<!--[if lt IE 9]>
-<script src="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/js/html5.js" type="text/javascript"></script>
-<![endif]-->
-<!--
-
-  INFECTED : (commented to prevent real infection) 
-  <iframe name="Twitter" src="http://www.thesea.org/media.php" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe>
-
--->
-<meta name='robots' content='noindex,nofollow' />
-<link rel="alternate" type="application/rss+xml" title="Wordpress 3.3.2 &raquo; Feed" href="http://lamp/wordpress-3.3.2/?feed=rss2" />
-<link rel="alternate" type="application/rss+xml" title="Wordpress 3.3.2 &raquo; Comments Feed" href="http://lamp/wordpress-3.3.2/?feed=comments-rss2" />
-<link rel="EditURI" type="application/rsd+xml" title="RSD" href="http://lamp/wordpress-3.3.2/xmlrpc.php?rsd" />
-<link rel="wlwmanifest" type="application/wlwmanifest+xml" href="http://lamp/wordpress-3.3.2/wp-includes/wlwmanifest.xml" /> 
-<meta name="generator" content="WordPress 3.3.2" />
-	<style type="text/css">.recentcomments a{display:inline !important;padding:0 !important;margin:0 !important;}</style>
-</head>
-
-<body class="home blog single-author two-column right-sidebar">
-<div id="page" class="hfeed">
-	<header id="branding" role="banner">
-			<hgroup>
-				<h1 id="site-title"><span><a href="http://lamp/wordpress-3.3.2/" title="Wordpress 3.3.2" rel="home">Wordpress 3.3.2</a></span></h1>
-				<h2 id="site-description">Just another WordPress site</h2>
-			</hgroup>
-
-						<a href="http://lamp/wordpress-3.3.2/">
-									<img src="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/images/headers/pine-cone.jpg" width="1000" height="288" alt="" />
-							</a>
-			
-								<form method="get" id="searchform" action="http://lamp/wordpress-3.3.2/">
-		<label for="s" class="assistive-text">Search</label>
-		<input type="text" class="field" name="s" id="s" placeholder="Search" />
-		<input type="submit" class="submit" name="submit" id="searchsubmit" value="Search" />
-	</form>
-			
-			<nav id="access" role="navigation">
-				<h3 class="assistive-text">Main menu</h3>
-								<div class="skip-link"><a class="assistive-text" href="#content" title="Skip to primary content">Skip to primary content</a></div>
-				<div class="skip-link"><a class="assistive-text" href="#secondary" title="Skip to secondary content">Skip to secondary content</a></div>
-								<div class="menu"><ul><li class="current_page_item"><a href="http://lamp/wordpress-3.3.2/" title="Home">Home</a></li><li class="page_item page-item-2"><a href="http://lamp/wordpress-3.3.2/?page_id=2">Sample Page</a></li></ul></div>
-			</nav><!-- #access -->
-	</header><!-- #branding -->
-
-
-	<div id="main">
-		<div id="primary">
-			<div id="content" role="main">
-
-			
-				
-								
-					
-	<article id="post-1" class="post-1 post type-post status-publish format-standard hentry category-uncategorized">
-		<header class="entry-header">
-						<h1 class="entry-title"><a href="http://lamp/wordpress-3.3.2/?p=1" title="Permalink to Hello world!" rel="bookmark">Hello world!</a></h1>
-			
-						<div class="entry-meta">
-				<span class="sep">Posted on </span><a href="http://lamp/wordpress-3.3.2/?p=1" title="1:05 pm" rel="bookmark"><time class="entry-date" datetime="2012-05-02T13:05:44+00:00" pubdate>May 2, 2012</time></a><span class="by-author"> <span class="sep"> by </span> <span class="author vcard"><a class="url fn n" href="http://lamp/wordpress-3.3.2/?author=1" title="View all posts by admin" rel="author">admin</a></span></span>			</div><!-- .entry-meta -->
-			
-						<div class="comments-link">
-				<a href="http://lamp/wordpress-3.3.2/?p=1#comments" title="Comment on Hello world!">2</a>			</div>
-					</header><!-- .entry-header -->
-
-				<div class="entry-content">
-			<p>Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!</p>
-					</div><!-- .entry-content -->
-		
-		<footer class="entry-meta">
-												<span class="cat-links">
-				<span class="entry-utility-prep entry-utility-prep-cat-links">Posted in</span> <a href="http://lamp/wordpress-3.3.2/?cat=1" title="View all posts in Uncategorized" rel="category">Uncategorized</a>			</span>
-									
-									<span class="sep"> | </span>
-						<span class="comments-link"><a href="http://lamp/wordpress-3.3.2/?p=1#comments" title="Comment on Hello world!"><b>2</b> Replies</a></span>
-			
-					</footer><!-- #entry-meta -->
-	</article><!-- #post-1 -->
-
-				
-				
-			
-			</div><!-- #content -->
-		</div><!-- #primary -->
-
-		<div id="secondary" class="widget-area" role="complementary">
-			<aside id="search-2" class="widget widget_search">	<form method="get" id="searchform" action="http://lamp/wordpress-3.3.2/">
-		<label for="s" class="assistive-text">Search</label>
-		<input type="text" class="field" name="s" id="s" placeholder="Search" />
-		<input type="submit" class="submit" name="submit" id="searchsubmit" value="Search" />
-	</form>
-</aside>		<aside id="recent-posts-2" class="widget widget_recent_entries">		<h3 class="widget-title">Recent Posts</h3>		<ul>
-				<li><a href="http://lamp/wordpress-3.3.2/?p=1" title="Hello world!">Hello world!</a></li>
-				</ul>
-		</aside><aside id="recent-comments-2" class="widget widget_recent_comments"><h3 class="widget-title">Recent Comments</h3><ul id="recentcomments"><li class="recentcomments">Pwet on <a href="http://lamp/wordpress-3.3.2/?p=1#comment-2">Hello world!</a></li><li class="recentcomments"><a href='http://wordpress.org/' rel='external nofollow' class='url'>Mr WordPress</a> on <a href="http://lamp/wordpress-3.3.2/?p=1#comment-1">Hello world!</a></li></ul></aside><aside id="archives-2" class="widget widget_archive"><h3 class="widget-title">Archives</h3>		<ul>
-			<li><a href='http://lamp/wordpress-3.3.2/?m=201205' title='May 2012'>May 2012</a></li>
-		</ul>
-</aside><aside id="categories-2" class="widget widget_categories"><h3 class="widget-title">Categories</h3>		<ul>
-	<li class="cat-item cat-item-1"><a href="http://lamp/wordpress-3.3.2/?cat=1" title="View all posts filed under Uncategorized">Uncategorized</a>
-</li>
-		</ul>
-</aside><aside id="meta-2" class="widget widget_meta"><h3 class="widget-title">Meta</h3>			<ul>
-						<li><a href="http://lamp/wordpress-3.3.2/wp-login.php">Log in</a></li>
-			<li><a href="http://lamp/wordpress-3.3.2/?feed=rss2" title="Syndicate this site using RSS 2.0">Entries <abbr title="Really Simple Syndication">RSS</abbr></a></li>
-			<li><a href="http://lamp/wordpress-3.3.2/?feed=comments-rss2" title="The latest comments to all posts in RSS">Comments <abbr title="Really Simple Syndication">RSS</abbr></a></li>
-			<li><a href="http://wordpress.org/" title="Powered by WordPress, state-of-the-art semantic personal publishing platform.">WordPress.org</a></li>
-						</ul>
-</aside>		</div><!-- #secondary .widget-area -->
-
-	</div><!-- #main -->
-
-	<footer id="colophon" role="contentinfo">
-
-			
-
-			<div id="site-generator">
-								<a href="http://wordpress.org/" title="Semantic Personal Publishing Platform" rel="generator">Proudly powered by WordPress</a>
-			</div>
-	</footer><!-- #colophon -->
-</div><!-- #page -->
-
-
-</body>
-</html>

spec/samples/wpscan/wp_target/malwares/single-infection.html

@@ -1,143 +0,0 @@
-<!DOCTYPE html>
-<!--[if IE 6]>
-<html id="ie6" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if IE 7]>
-<html id="ie7" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if IE 8]>
-<html id="ie8" dir="ltr" lang="en-US">
-<![endif]-->
-<!--[if !(IE 6) | !(IE 7) | !(IE 8)  ]><!-->
-<html dir="ltr" lang="en-US">
-<!--<![endif]-->
-<head>
-<meta charset="UTF-8" />
-<meta name="viewport" content="width=device-width" />
-<title>Wordpress 3.3.2 | Just another WordPress site</title>
-<link rel="profile" href="http://gmpg.org/xfn/11" />
-<link rel="stylesheet" type="text/css" media="all" href="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/style.css" />
-<link rel="pingback" href="http://lamp/wordpress-3.3.2/xmlrpc.php" />
-<!--[if lt IE 9]>
-<script src="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/js/html5.js" type="text/javascript"></script>
-<![endif]-->
-<!--
-
-  INFECTED : (commented to prevent real infection) 
-  <script src="http://irstde24clined.rr.nu/mm.php?d=1"></script>
-
--->
-<meta name='robots' content='noindex,nofollow' />
-<link rel="alternate" type="application/rss+xml" title="Wordpress 3.3.2 &raquo; Feed" href="http://lamp/wordpress-3.3.2/?feed=rss2" />
-<link rel="alternate" type="application/rss+xml" title="Wordpress 3.3.2 &raquo; Comments Feed" href="http://lamp/wordpress-3.3.2/?feed=comments-rss2" />
-<link rel="EditURI" type="application/rsd+xml" title="RSD" href="http://lamp/wordpress-3.3.2/xmlrpc.php?rsd" />
-<link rel="wlwmanifest" type="application/wlwmanifest+xml" href="http://lamp/wordpress-3.3.2/wp-includes/wlwmanifest.xml" /> 
-<meta name="generator" content="WordPress 3.3.2" />
-	<style type="text/css">.recentcomments a{display:inline !important;padding:0 !important;margin:0 !important;}</style>
-</head>
-
-<body class="home blog single-author two-column right-sidebar">
-<div id="page" class="hfeed">
-	<header id="branding" role="banner">
-			<hgroup>
-				<h1 id="site-title"><span><a href="http://lamp/wordpress-3.3.2/" title="Wordpress 3.3.2" rel="home">Wordpress 3.3.2</a></span></h1>
-				<h2 id="site-description">Just another WordPress site</h2>
-			</hgroup>
-
-						<a href="http://lamp/wordpress-3.3.2/">
-									<img src="http://lamp/wordpress-3.3.2/wp-content/themes/twentyeleven/images/headers/pine-cone.jpg" width="1000" height="288" alt="" />
-							</a>
-			
-								<form method="get" id="searchform" action="http://lamp/wordpress-3.3.2/">
-		<label for="s" class="assistive-text">Search</label>
-		<input type="text" class="field" name="s" id="s" placeholder="Search" />
-		<input type="submit" class="submit" name="submit" id="searchsubmit" value="Search" />
-	</form>
-			
-			<nav id="access" role="navigation">
-				<h3 class="assistive-text">Main menu</h3>
-								<div class="skip-link"><a class="assistive-text" href="#content" title="Skip to primary content">Skip to primary content</a></div>
-				<div class="skip-link"><a class="assistive-text" href="#secondary" title="Skip to secondary content">Skip to secondary content</a></div>
-								<div class="menu"><ul><li class="current_page_item"><a href="http://lamp/wordpress-3.3.2/" title="Home">Home</a></li><li class="page_item page-item-2"><a href="http://lamp/wordpress-3.3.2/?page_id=2">Sample Page</a></li></ul></div>
-			</nav><!-- #access -->
-	</header><!-- #branding -->
-
-
-	<div id="main">
-		<div id="primary">
-			<div id="content" role="main">
-
-			
-				
-								
-					
-	<article id="post-1" class="post-1 post type-post status-publish format-standard hentry category-uncategorized">
-		<header class="entry-header">
-						<h1 class="entry-title"><a href="http://lamp/wordpress-3.3.2/?p=1" title="Permalink to Hello world!" rel="bookmark">Hello world!</a></h1>
-			
-						<div class="entry-meta">
-				<span class="sep">Posted on </span><a href="http://lamp/wordpress-3.3.2/?p=1" title="1:05 pm" rel="bookmark"><time class="entry-date" datetime="2012-05-02T13:05:44+00:00" pubdate>May 2, 2012</time></a><span class="by-author"> <span class="sep"> by </span> <span class="author vcard"><a class="url fn n" href="http://lamp/wordpress-3.3.2/?author=1" title="View all posts by admin" rel="author">admin</a></span></span>			</div><!-- .entry-meta -->
-			
-						<div class="comments-link">
-				<a href="http://lamp/wordpress-3.3.2/?p=1#comments" title="Comment on Hello world!">2</a>			</div>
-					</header><!-- .entry-header -->
-
-				<div class="entry-content">
-			<p>Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!</p>
-					</div><!-- .entry-content -->
-		
-		<footer class="entry-meta">
-												<span class="cat-links">
-				<span class="entry-utility-prep entry-utility-prep-cat-links">Posted in</span> <a href="http://lamp/wordpress-3.3.2/?cat=1" title="View all posts in Uncategorized" rel="category">Uncategorized</a>			</span>
-									
-									<span class="sep"> | </span>
-						<span class="comments-link"><a href="http://lamp/wordpress-3.3.2/?p=1#comments" title="Comment on Hello world!"><b>2</b> Replies</a></span>
-			
-					</footer><!-- #entry-meta -->
-	</article><!-- #post-1 -->
-
-				
-				
-			
-			</div><!-- #content -->
-		</div><!-- #primary -->
-
-		<div id="secondary" class="widget-area" role="complementary">
-			<aside id="search-2" class="widget widget_search">	<form method="get" id="searchform" action="http://lamp/wordpress-3.3.2/">
-		<label for="s" class="assistive-text">Search</label>
-		<input type="text" class="field" name="s" id="s" placeholder="Search" />
-		<input type="submit" class="submit" name="submit" id="searchsubmit" value="Search" />
-	</form>
-</aside>		<aside id="recent-posts-2" class="widget widget_recent_entries">		<h3 class="widget-title">Recent Posts</h3>		<ul>
-				<li><a href="http://lamp/wordpress-3.3.2/?p=1" title="Hello world!">Hello world!</a></li>
-				</ul>
-		</aside><aside id="recent-comments-2" class="widget widget_recent_comments"><h3 class="widget-title">Recent Comments</h3><ul id="recentcomments"><li class="recentcomments">Pwet on <a href="http://lamp/wordpress-3.3.2/?p=1#comment-2">Hello world!</a></li><li class="recentcomments"><a href='http://wordpress.org/' rel='external nofollow' class='url'>Mr WordPress</a> on <a href="http://lamp/wordpress-3.3.2/?p=1#comment-1">Hello world!</a></li></ul></aside><aside id="archives-2" class="widget widget_archive"><h3 class="widget-title">Archives</h3>		<ul>
-			<li><a href='http://lamp/wordpress-3.3.2/?m=201205' title='May 2012'>May 2012</a></li>
-		</ul>
-</aside><aside id="categories-2" class="widget widget_categories"><h3 class="widget-title">Categories</h3>		<ul>
-	<li class="cat-item cat-item-1"><a href="http://lamp/wordpress-3.3.2/?cat=1" title="View all posts filed under Uncategorized">Uncategorized</a>
-</li>
-		</ul>
-</aside><aside id="meta-2" class="widget widget_meta"><h3 class="widget-title">Meta</h3>			<ul>
-						<li><a href="http://lamp/wordpress-3.3.2/wp-login.php">Log in</a></li>
-			<li><a href="http://lamp/wordpress-3.3.2/?feed=rss2" title="Syndicate this site using RSS 2.0">Entries <abbr title="Really Simple Syndication">RSS</abbr></a></li>
-			<li><a href="http://lamp/wordpress-3.3.2/?feed=comments-rss2" title="The latest comments to all posts in RSS">Comments <abbr title="Really Simple Syndication">RSS</abbr></a></li>
-			<li><a href="http://wordpress.org/" title="Powered by WordPress, state-of-the-art semantic personal publishing platform.">WordPress.org</a></li>
-						</ul>
-</aside>		</div><!-- #secondary .widget-area -->
-
-	</div><!-- #main -->
-
-	<footer id="colophon" role="contentinfo">
-
-			
-
-			<div id="site-generator">
-								<a href="http://wordpress.org/" title="Semantic Personal Publishing Platform" rel="generator">Proudly powered by WordPress</a>
-			</div>
-	</footer><!-- #colophon -->
-</div><!-- #page -->
-
-
-</body>
-</html>

spec/shared_examples/wp_item_infos.rb

@@ -8,7 +8,7 @@ shared_examples 'WpItem::Infos' do
   #  let(:error_log_url) { }
 
   describe '#readme_url' do
-    after { expect(subject.readme_url).to be === @expected }
+    after { expect(subject.readme_url).to eql @expected }
 
     it 'returns nil' do
       stub_request(:get, /.*/).to_return(status: 404)
@@ -16,7 +16,7 @@ shared_examples 'WpItem::Infos' do
     end
 
     context 'when the file exists' do
-      %w{readme.txt README.txt}.each do |readme|
+      %w{readme.txt README.TXT}.each do |readme|
         it 'returns the correct url' do
           url       = uri.merge(readme).to_s
           @expected = url
@@ -31,7 +31,7 @@ shared_examples 'WpItem::Infos' do
   describe '#has_readme?' do
     after do
       allow(subject).to receive_messages(readme_url: @stub)
-      expect(subject.has_readme?).to be === @expected
+      expect(subject.has_readme?).to eql @expected
     end
 
     context 'when readme_url is nil'
@@ -56,7 +56,7 @@ shared_examples 'WpItem::Infos' do
   describe '#has_changelog?' do
     after :each do
       stub_request(:get, subject.changelog_url).to_return(status: @status)
-      expect(subject.has_changelog?).to be === @expected
+      expect(subject.has_changelog?).to eql @expected
     end
 
     it 'returns true on a 200' do
@@ -73,7 +73,7 @@ shared_examples 'WpItem::Infos' do
   describe '#has_directory_listing?' do
     after do
       stub_request(:get, subject.uri.to_s).to_return(@stub_return)
-      expect(subject.has_directory_listing?).to be === @expected
+      expect(subject.has_directory_listing?).to eql @expected
     end
 
     context 'when the body contains <title>Index of' do
@@ -103,11 +103,11 @@ shared_examples 'WpItem::Infos' do
   describe '#has_error_log?' do
     after do
       stub_request(:get, subject.error_log_url).to_return(@stub_return)
-      expect(subject.has_error_log?).to be === @expected
+      expect(subject.has_error_log?).to eql @expected
     end
 
     it 'returns true if the pattern is detected' do
-      @stub_return = { status: 200, body: File.new( MODELS_FIXTURES + '/wp_item/error_log') }
+      @stub_return = { status: 200, body: File.new(MODELS_FIXTURES + '/wp_item/error_log') }
       @expected    = true
     end
 

spec/shared_examples/wp_item_versionable.rb

@@ -27,11 +27,20 @@ shared_examples 'WpItem::Versionable' do
       end
 
       context 'when the version is valid' do
+        context 'when leaked from the stable tag' do
           it 'returns it' do
             @file     = '/simple-login-lockdown-0.4.txt'
             @expected = '0.4'
           end
         end
+
+        context 'when leaked from the version' do
+          it 'returns it' do
+            @file     = '/wp-photo-plus-5.1.15.txt'
+            @expected = '5.1.15'
+          end
+        end
+      end
     end
   end
 

spec/shared_examples/wp_target/malwares.rb

@@ -1,55 +0,0 @@
-# encoding: UTF-8
-
-shared_examples 'WpTarget::Malwares' do
-
-  let(:fixtures_dir)  { SPEC_FIXTURES_WPSCAN_WP_TARGET_DIR + '/malwares' }
-  let(:malwares_file) { fixtures_dir + '/malwares.txt' }
-
-  describe '#malwares_file' do
-    it 'returns the correct file path' do
-      expect(WpTarget::Malwares.malwares_file(malwares_file)).to be === malwares_file
-    end
-  end
-
-  describe '#malwares & #has_malwares' do
-    after :each do
-      if @fixture
-        stub_request_to_fixture(
-          url: wp_target.url, fixture: File.new(File.join(fixtures_dir, @fixture))
-        )
-      end
-
-      malwares = wp_target.malwares(malwares_file)
-
-      expect(malwares.sort).to be === @expected.sort
-      expect(wp_target.has_malwares?).to be === (@expected.empty? ? false : true)
-    end
-
-    it 'returns an empty array on a 404' do
-      stub_request(:get, wp_target.url).to_return(status: 404)
-
-      @expected = []
-    end
-
-    it 'returns an array empty array if no infection found' do
-      @fixture  = '/clean.html'
-      @expected = []
-    end
-
-    it 'returns an array with 1 malware url (.rr.nu check)' do
-      @fixture  = '/single-infection.html'
-      @expected = ['http://irstde24clined.rr.nu/mm.php?d=1']
-    end
-
-    it 'returns an array with 1 malware url (iframe check)' do
-      @fixture  = '/single-iframe-infection.html'
-      @expected = ['http://www.thesea.org/media.php']
-    end
-
-    it 'returns an array with 3 malwares url' do
-      @fixture  = '/multiple-infections.html'
-      @expected = ['http://irstde24clined.rr.nu/mm.php?d=1', 'http://atio79srem.rr.nu/pmg.php?dr=1', 'http://www.thesea.org/media.php']
-    end
-  end
-
-end

spec/shared_examples/wp_theme_versionable.rb

@@ -21,28 +21,11 @@ shared_examples 'WpTheme::Versionable' do
     end
 
     context 'when the version is not found' do
-      let(:file)       { 'twentyeleven-unknow.css' }
-      let(:readme_url) { subject.uri.merge('readme.txt').to_s }
-
-      context 'from the style_url' do
-        it 'gets it from the readme' do
-          stub_request(:get, readme_url).to_return(status: 200, body: 'Stable Tag: 1.3.4')
-
-          @file     = file
-          @expected = '1.3.4'
-        end
-      end
-
-      context 'from both style & readme' do
       it 'returns nil' do
-          allow(subject).to receive_messages(readme_url: readme_url)
-          stub_request(:get, readme_url).to_return(status: 404)
-
-          @file     = file
+        @file     = 'twentyeleven-unknow.css'
         @expected = nil
       end
     end
-    end
 
     context 'when the stylesheet is inline' do
       it 'returns the correct version' do

wpscan.rb

@@ -8,11 +8,13 @@ def main
   # delete old logfile, check if it is a symlink first.
   File.delete(LOG_FILE) if File.exist?(LOG_FILE) and !File.symlink?(LOG_FILE)
 
-  banner()
-
   begin
     wpscan_options = WpscanOptions.load_from_arguments
 
+    $log = wpscan_options.log
+
+    banner() # called after $log set
+
     unless wpscan_options.has_options?
       # first parameter only url?
       if ARGV.length == 1
@@ -66,7 +68,7 @@ def main
       proxy_response = Browser.get(wp_target.url)
 
       unless WpTarget::valid_response_codes.include?(proxy_response.code)
-        raise "Proxy Error :\r\n#{proxy_response.headers}"
+        raise "Proxy Error :\r\nResponse Code: #{proxy_response.code}\r\nResponse Headers: #{proxy_response.headers}"
       end
     end
 
@@ -95,6 +97,12 @@ def main
       raise 'Basic authentication is required, please provide it with --basic-auth <login:password>'
     end
 
+    # test for valid credentials
+    unless wpscan_options.basic_auth.nil?
+      res = Browser.get_and_follow_location(wp_target.url)
+      raise 'Invalid credentials supplied' if res && res.code == 401
+    end
+
     # Remote website is wordpress?
     unless wpscan_options.force
       unless wp_target.wordpress?
@@ -135,7 +143,7 @@ def main
     end
 
     if wp_target.has_readme?
-      puts "#{warning('[!]')} The WordPress '#{wp_target.readme_url}' file exists"
+      puts "#{warning('[!]')} The WordPress '#{wp_target.readme_url}' file exists exposing a version number"
     end
 
     if wp_target.has_full_path_disclosure?
@@ -186,17 +194,6 @@ def main
       puts "#{warning('[!]')} Upload directory has directory listing enabled: #{wp_target.upload_dir_url}"
     end
 
-    if wp_target.has_malwares?
-      malwares = wp_target.malwares
-      puts "#{critical('[!]')} #{malwares.size} malware(s) found:"
-
-      malwares.each do |malware_url|
-        puts
-        puts ' | ' + critical("#{malware_url}")
-      end
-      puts
-    end
-
     enum_options = {
       show_progression: true,
       exclude_content: wpscan_options.exclude_content_based
@@ -216,7 +213,10 @@ def main
       wp_theme.output(wpscan_options.verbose)
 
       # Check for parent Themes
-      while wp_theme.is_child_theme?
+      parent_theme_count = 0
+      while wp_theme.is_child_theme? && parent_theme_count <= wp_theme.parent_theme_limit
+        parent_theme_count += 1
+
         parent = wp_theme.get_parent_theme
         puts
         puts "#{info('[+]')} Detected parent theme: #{parent}"
@@ -305,8 +305,8 @@ def main
       end
     end
 
-    # If we haven't been supplied a username, enumerate them...
-    if !wpscan_options.username and wpscan_options.wordlist or wpscan_options.enumerate_usernames
+    # If we haven't been supplied a username/usernames list, enumerate them...
+    if !wpscan_options.username && !wpscan_options.usernames && wpscan_options.wordlist || wpscan_options.enumerate_usernames
       puts
       puts "#{info('[+]')} Enumerating usernames ..."
 
@@ -333,11 +333,21 @@ def main
       else
         puts "#{info('[+]')} Identified the following #{wp_users.size} user/s:"
         wp_users.output(margin_left: ' ' * 4)
+        if wp_users[0].login == "admin"
+           puts "#{warning('[!]')} Default first WordPress username 'admin' is still used"
+        end
       end
 
     else
-      # FIXME : Change the .username to .login (and also the --username in the CLI)
-      wp_users = WpUsers.new << WpUser.new(wp_target.uri, login: wpscan_options.username)
+      wp_users = WpUsers.new
+
+      if wpscan_options.usernames
+        File.open(wpscan_options.usernames).each do |username|
+          wp_users << WpUser.new(wp_target.uri, login: username.chomp)
+        end
+      else
+        wp_users << WpUser.new(wp_target.uri, login: wpscan_options.username)
+      end
     end
 
     # Start the brute forcer