Compare commits
3 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
824697490f | ||
|
|
62e01cb9d6 | ||
|
|
87c2f82b80 |
@@ -170,6 +170,12 @@ module WPScan
|
|||||||
['--users-detection MODE',
|
['--users-detection MODE',
|
||||||
'Use the supplied mode to enumerate Users, instead of the global (--detection-mode) mode.'],
|
'Use the supplied mode to enumerate Users, instead of the global (--detection-mode) mode.'],
|
||||||
choices: %w[mixed passive aggressive], normalize: :to_sym, advanced: true
|
choices: %w[mixed passive aggressive], normalize: :to_sym, advanced: true
|
||||||
|
),
|
||||||
|
OptRegexp.new(
|
||||||
|
[
|
||||||
|
'--exclude-usernames REGEXP_OR_STRING',
|
||||||
|
'Exclude usernames matching the Regexp/string (case insensitive). Regexp delimiters are not required.'
|
||||||
|
], options: Regexp::IGNORECASE
|
||||||
)
|
)
|
||||||
]
|
]
|
||||||
end
|
end
|
||||||
|
|||||||
@@ -11,6 +11,16 @@ require_relative 'users/yoast_seo_author_sitemap'
|
|||||||
|
|
||||||
module WPScan
|
module WPScan
|
||||||
module Finders
|
module Finders
|
||||||
|
# Specific Finders container to filter the usernames found
|
||||||
|
# and remove the ones matching ParsedCli.exclude_username if supplied
|
||||||
|
class UsersFinders < SameTypeFinders
|
||||||
|
def filter_findings
|
||||||
|
findings.delete_if { |user| ParsedCli.exclude_usernames.match?(user.username) } if ParsedCli.exclude_usernames
|
||||||
|
|
||||||
|
findings
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
module Users
|
module Users
|
||||||
# Users Finder
|
# Users Finder
|
||||||
class Base
|
class Base
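Review bot: `filter_findings` tests each username with `Regexp#match?`, which succeeds on a partial match, so (assuming OptRegexp compiles the argument as given, without anchoring) a constructed example such as `--exclude-usernames admin` would also drop `administrator` from the findings, with nothing in the output to show it. For a scan report that is a silent false negative, so the help text in the option hunk should say it, e.g. `'Exclude usernames matching the Regexp/string (case insensitive, partial match unless anchored with \A and \z). Regexp delimiters are not required.'`; a verbose line reporting how many users were excluded would also make the omission visible. The comment above the class names `ParsedCli.exclude_username` while the code reads `ParsedCli.exclude_usernames`; I would write `# and remove the ones matching ParsedCli.exclude_usernames if supplied`. `class Base`, which the `finders` override in the next hunk appears to belong to, continues outside this hunk.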
|
||||||
@@ -28,6 +38,10 @@ module WPScan
|
|||||||
Users::AuthorIdBruteForcing.new(target) <<
|
Users::AuthorIdBruteForcing.new(target) <<
|
||||||
Users::LoginErrorMessages.new(target)
|
Users::LoginErrorMessages.new(target)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def finders
|
||||||
|
@finders ||= Finders::UsersFinders.new
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|||||||
@@ -10,7 +10,7 @@ module WPScan
|
|||||||
module Finders
|
module Finders
|
||||||
# Specific Finders container to filter the version detected
|
# Specific Finders container to filter the version detected
|
||||||
# and remove the one with low confidence to avoid false
|
# and remove the one with low confidence to avoid false
|
||||||
# positive when there is not enought information to accurately
|
# positive when there is not enough information to accurately
|
||||||
# determine it.
|
# determine it.
|
||||||
class WpVersionFinders < UniqueFinders
|
class WpVersionFinders < UniqueFinders
|
||||||
def filter_findings
|
def filter_findings
|
||||||
|
|||||||
@@ -2,5 +2,5 @@
|
|||||||
|
|
||||||
# Version
|
# Version
|
||||||
module WPScan
|
module WPScan
|
||||||
VERSION = '3.8.16'
|
VERSION = '3.8.17'
|
||||||
end
|
end
|
||||||
|
|||||||
@@ -76,7 +76,7 @@ describe WPScan::Controller::Enumeration do
|
|||||||
config_backups_list config_backups_detection
|
config_backups_list config_backups_detection
|
||||||
db_exports_list db_exports_detection
|
db_exports_list db_exports_detection
|
||||||
medias_detection
|
medias_detection
|
||||||
users_list users_detection]
|
users_list users_detection exclude_usernames]
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|||||||
@@ -21,7 +21,7 @@ Gem::Specification.new do |s|
|
|||||||
s.executables = ['wpscan']
|
s.executables = ['wpscan']
|
||||||
s.require_paths = ['lib']
|
s.require_paths = ['lib']
|
||||||
|
|
||||||
s.add_dependency 'cms_scanner', '~> 0.13.2'
|
s.add_dependency 'cms_scanner', '~> 0.13.3'
|
||||||
|
|
||||||
s.add_development_dependency 'bundler', '>= 1.6'
|
s.add_development_dependency 'bundler', '>= 1.6'
|
||||||
s.add_development_dependency 'memory_profiler', '~> 1.0.0'
|
s.add_development_dependency 'memory_profiler', '~> 1.0.0'
|
||||||
|
|||||||