Bumps version

README.md

@@ -1,7 +1,7 @@
 ![alt text](https://raw.githubusercontent.com/wpscanteam/wpscan/gh-pages/wpscan_logo_407x80.png "WPScan - WordPress Security Scanner")
 
 [![Gem Version](https://badge.fury.io/rb/wpscan.svg)](https://badge.fury.io/rb/wpscan)
-[![Build Status](https://travis-ci.org/wpscanteam/wpscan.svg?branch=master)](https://travis-ci.org/wpscanteam/wpscan-v3)
+[![Build Status](https://travis-ci.org/wpscanteam/wpscan.svg?branch=master)](https://travis-ci.org/wpscanteam/wpscan)
 [![Code Climate](https://codeclimate.com/github/wpscanteam/wpscan/badges/gpa.svg)](https://codeclimate.com/github/wpscanteam/wpscan)
 [![Patreon Donate](https://img.shields.io/badge/patreon-donate-green.svg)](https://www.patreon.com/wpscan)
 

app/finders/users/rss_generator.rb

@@ -17,7 +17,13 @@ module WPScan
 
             begin
               res.xml.xpath('//item/dc:creator').each do |node|
-                potential_usernames << node.text.to_s unless node.text.to_s.length > 40
+                potential_username = node.text.to_s
+
+                # Ignoring potential username longer than 60 characters and containing accents
+                # as they are considered invalid. See https://github.com/wpscanteam/wpscan/issues/1215
+                next if potential_username.length > 60 || potential_username =~ /[^\x00-\x7F]/
+
+                potential_usernames << potential_username
               end
             rescue Nokogiri::XML::XPath::SyntaxError
               next

lib/wpscan/version.rb

@@ -1,4 +1,4 @@
 # Version
 module WPScan
-  VERSION = '3.3.0'.freeze
+  VERSION = '3.3.1'.freeze
 end

spec/app/finders/users/rss_generator_spec.rb

@@ -32,7 +32,7 @@ describe WPScan::Finders::Users::RSSGenerator do
             found_by: 'Rss Generator (Aggressive Detection)'
           ),
           CMSScanner::User.new(
-            'Aa Días-Gildés',
+            'Aa Dias-Gildes',
             confidence: 50,
             found_by: 'Rss Generator (Aggressive Detection)'
           )
@@ -53,7 +53,7 @@ describe WPScan::Finders::Users::RSSGenerator do
             found_by: 'Rss Generator (Passive Detection)'
           ),
           CMSScanner::User.new(
-            'Aa Días-Gildés',
+            'Aa Dias-Gildes',
             confidence: 50,
             found_by: 'Rss Generator (Passive Detection)'
           )
@@ -71,7 +71,7 @@ describe WPScan::Finders::Users::RSSGenerator do
               found_by: 'Rss Generator (Aggressive Detection)'
             ),
             CMSScanner::User.new(
-              'Aa Días-Gildés',
+              'Aa Dias-Gildes',
               confidence: 50,
               found_by: 'Rss Generator (Aggressive Detection)'
             )
@@ -90,7 +90,7 @@ describe WPScan::Finders::Users::RSSGenerator do
               found_by: 'Rss Generator (Aggressive Detection)'
             ),
             CMSScanner::User.new(
-              'Aa Días-Gildés',
+              'Aa Dias-Gildes',
               confidence: 50,
               found_by: 'Rss Generator (Aggressive Detection)'
             )

spec/fixtures/finders/users/rss_generator/feed.xml

@@ -38,6 +38,15 @@
       <link>http://ex.lo/2018/09/23/hello-world/</link>
       <comments>http://ex.lo/2018/09/23/hello-world/#comments</comments>
       <pubDate>Sun, 23 Sep 2018 11:31:56 +0000</pubDate>
+      <dc:creator><![CDATA[Aa Dias-Gildes]]></dc:creator>
+    </item>
+
+    <item>
+      <title>Hello world!</title>
+      <link>http://ex.lo/2018/09/23/hello-world/</link>
+      <comments>http://ex.lo/2018/09/23/hello-world/#comments</comments>
+      <pubDate>Sun, 23 Sep 2018 11:31:56 +0000</pubDate>
+      <!-- Should be ignored as invalid username (contains accent) -->
       <dc:creator><![CDATA[Aa Días-Gildés]]></dc:creator>
     </item>
 
@@ -46,6 +55,7 @@
       <link>http://ex.lo/2018/09/23/hello-world/</link>
       <comments>http://ex.lo/2018/09/23/hello-world/#comments</comments>
       <pubDate>Sun, 23 Sep 2018 11:31:56 +0000</pubDate>
+      <!-- Should be ignored as invalid username (too long, > 60 chars) -->
       <dc:creator><dc:creator><![CDATA[Michael Schrage. <p>Michael Schrage is a researcher at the MIT Sloan School of Management Initiative on the Digital Economy, where he does research and advisory work on how digital media transforms agency, human capital, and innovation.</p>
 ]]></dc:creator></dc:creator>
     </item>

wpscan.gemspec

@@ -16,41 +16,12 @@ Gem::Specification.new do |s|
   s.homepage              = 'https://wpscan.org/'
   s.license               = 'Dual'
 
-  s.files                 = Dir.glob('**/*').reject do |file|
+  s.files                 = Dir.glob('lib/**/*') + Dir.glob('app/**/*')
-    file =~ %r{^(?:
-      spec\/.*
-      |Gemfile
-      |Rakefile
-      |Dockerfile
-      |coverage\/.*
-      |.+\.gem
-      |.+\.rbc
-      |\.bundle
-      |\.config
-      |pkg\/.*
-      |rdoc\/.*
-      |Gemfile\.lock
-      |.yardoc\/.*
-      |_yardoc\/.*
-      |doc\/.*
-      |wpscan\.gemspec
-      |\.rspec
-      |\.gitignore
-      |\.gitlab-ci.yml
-      |\.rubocop.yml
-      |\.travis.yml
-      |\.ruby-gemset
-      |\.ruby-version
-      |\.dockerignore
-      |.*\.sublime\-.*
-      |bin\/wpscan-docker.*
-      )$}x
-  end
   s.test_files            = []
-  s.executables           = s.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  s.executables           = ['wpscan']
-  s.require_path          = 'lib'
+  s.require_paths         = ['lib']
 
-  s.add_dependency 'cms_scanner', '~> 0.0.40'
+  s.add_dependency 'cms_scanner', '~> 0.0.40.1'
 
   # Already required by CMSScanner, so version restrictions loosen
   s.add_dependency 'activesupport', '~> 5.2'