Commit Graph

  • 0b5d7ad147 Fix #112 Multiple redirections detection erwanlr 2013-01-19 15:03:58 +01:00
  • 9b34b6597f ruby 1.9.1 removed from travis (no longer supported, see https://gist.github.com/1223640) erwanlr 2013-01-17 15:38:34 +01:00
  • b24528cfe5 Fix : Rspec failure with random user agent erwanlr 2013-01-17 15:08:23 +01:00
  • 6060b13de4 Another try with ruby 1.9.1 & travis erwanlr 2013-01-17 14:23:18 +01:00
  • 88a2838a4c .simplecov added (for real this time :D) erwanlr 2013-01-17 13:43:21 +01:00
  • 30b3c7fa7b .simplecov added erwanlr 2013-01-17 13:32:17 +01:00
  • 0894b8f5b5 exploit files removed erwanlr 2013-01-17 13:29:19 +01:00
  • 5d50cbe4a7 ruby-1.9.1 added to travis erwanlr 2013-01-17 13:26:52 +01:00
  • 339811ab4b Merge branch 'master' into plugins erwanlr 2013-01-17 13:13:12 +01:00
  • 5d19bdf83d puts override reactivated erwanlr 2013-01-17 13:11:21 +01:00
  • d9fd20c6fe WPSTools plugins mode activated erwanlr 2013-01-17 13:08:01 +01:00
  • 949e39fd2d --format documentation only on travis Christian Mehlmauer 2013-01-16 20:35:49 +01:00
  • 8057f6127f Fixed error on ruby 1.8 Christian Mehlmauer 2013-01-14 23:48:39 +01:00
  • 8d232a8c39 Added w3-total-cache exploit and rspec tests for errors on loading the main script (issue #110) Christian Mehlmauer 2013-01-14 23:31:05 +01:00
  • 1d7923c7b7 fix theme detection Christian Mehlmauer 2013-01-14 15:24:49 +01:00
  • 04fab49d44 rspec tests Christian Mehlmauer 2013-01-14 15:05:55 +01:00
  • 36585891a1 output wordpress url on all items Christian Mehlmauer 2013-01-14 14:53:24 +01:00
  • 96d82405df Bugfix in Versiondetection. Without this Fix a very long string is detected as WPVersion and wpscan crashes on determining the vulns from XML because the string is used as xpath Christian Mehlmauer 2013-01-14 14:27:12 +01:00
  • 91187a0db3 Fix replace regex to include ESC characters Christian Mehlmauer 2013-01-14 12:43:52 +01:00
  • 37e4461ddd Updater cleanup erwanlr 2013-01-14 10:51:25 +01:00
  • 255bbcdac2 bugfixing Christian Mehlmauer 2013-01-13 23:56:30 +01:00
  • 716e07803c removed debug output Christian Mehlmauer 2013-01-13 22:04:49 +01:00
  • 253d6e2928 added basic logging to wpscan Christian Mehlmauer 2013-01-13 22:02:13 +01:00
  • 8c5d960b14 Merge branch 'master' of github.com:wpscanteam/wpscan Christian Mehlmauer 2013-01-13 21:08:52 +01:00
  • 1377ee2653 added metasploit references Christian Mehlmauer 2013-01-13 21:08:07 +01:00
  • c913715ec9 Spec for reset_head git updater. ethicalhack3r 2013-01-13 20:34:26 +01:00
  • 7ac9f79439 Added '{repo_directory_arguments()}' to has_local_changes? ethicalhack3r 2013-01-13 20:17:14 +01:00
  • ecaf0894dd Detect local changes before a git update. See issue #75. ethicalhack3r 2013-01-13 20:06:20 +01:00
  • 7522a44b0a Added syntax checks for the original XML files so travis can complain about syntax errors Christian Mehlmauer 2013-01-12 19:27:07 +01:00
  • 22fb817fe3 typo Christian Mehlmauer 2013-01-12 18:22:27 +01:00
  • 12b0d18052 Merge pull request #108 from CharlieEriksen/master Christian Mehlmauer 2013-01-12 09:19:29 -08:00
  • 650550363d Fixing line ending Charlie Eriksen 2013-01-12 17:06:25 +00:00
  • 3d0b236c80 Adding a bunch of vulns Charlie Eriksen 2013-01-12 17:02:43 +00:00
  • 9c292ab885 Rspec formatting Christian Mehlmauer 2013-01-12 14:33:52 +01:00
  • 2593a2e992 Merge branch 'master' of github.com:wpscanteam/wpscan Christian Mehlmauer 2013-01-11 21:40:57 +01:00
  • b9b86e18da Seems to be a false positive: http://seclists.org/bugtraq/2013/Jan/50 Cannot reproduce it on my site too. Also the google dork in the advisory is for nextgen-gallery Christian Mehlmauer 2013-01-11 21:40:01 +01:00
  • ea4f40342b Added 2013 to README files. ethicalhack3r 2013-01-11 18:10:43 +01:00
  • 9aba823614 Added Chris to WPScan Team. ethicalhack3r 2013-01-11 17:48:53 +01:00
  • 70da78a240 Updated rdoc. ethicalhack3r 2013-01-11 17:41:38 +01:00
  • fb124f770c Changed the Copyright notice to include 2013. ethicalhack3r 2013-01-11 17:40:37 +01:00
  • 6d3e2af067 Fix #105 Proxy error checked before scanning erwanlr 2013-01-11 17:10:49 +01:00
  • 91a38b6a11 Fix : Rspec bad URI error erwanlr 2013-01-11 16:42:55 +01:00
  • 9f53000e89 Gallery 3.8.3 Arbitrary File Read Christian Mehlmauer 2013-01-11 07:03:53 +01:00
  • 062109ae8b Travis Christian Mehlmauer 2013-01-10 22:12:12 +01:00
  • 80a0793744 Accidentally left debugging 'p' in the code. Removed. ethicalhack3r 2013-01-10 12:01:52 +01:00
  • db2e127c4e Added the wordpress.org plugin URL. See issue #100. ethicalhack3r 2013-01-10 11:59:47 +01:00
  • 5133b6b579 Added XMLRPC issues to WP 3.5. See issue #99. ethicalhack3r 2013-01-10 11:02:12 +01:00
  • 8726cba0b9 Merge pull request #103 from FireFart/xml Ryan Dewhurst 2013-01-10 01:50:09 -08:00
  • 5f0b96f3e9 Docs Christian Mehlmauer 2013-01-09 23:05:48 +01:00
  • 4062e4dfbc Renamed XML Christian Mehlmauer 2013-01-09 23:01:30 +01:00
  • c63d879d56 Updated popular plugins Christian Mehlmauer 2013-01-09 22:59:12 +01:00
  • a6ad818496 Support multiple references Christian Mehlmauer 2013-01-09 22:48:24 +01:00
  • 320e419518 Added new vulns (verified them with WP3.5 and the latest Plugin version) Christian Mehlmauer 2013-01-09 22:10:43 +01:00
  • 6236c8b8f5 Updated to include Chris's twitter. Welcome! Ryan Dewhurst 2013-01-09 19:28:59 +01:00
  • 525491af89 spec/fixtures renamed to spec/samples erwanlr 2013-01-09 12:42:22 +01:00
  • cf102a04b1 Added google-document-embedder Arbitrary File Disclosure erwanlr 2013-01-08 17:00:17 +01:00
  • 95bab0546e Added extended-user-profile FPD erwanlr 2013-01-08 16:51:21 +01:00
  • 9254e809fc Added superslider-show FPD erwanlr 2013-01-08 16:49:47 +01:00
  • 140cc4882f Added multibox FPD erwanlr 2013-01-08 16:45:17 +01:00
  • f23a5abf60 Added OpenInviter Information Disclosure <- hot one xD) erwanlr 2013-01-07 18:21:46 +01:00
  • 1956e3ff46 Formatting, local vuln hashes added erwanlr 2013-01-07 16:58:07 +01:00
  • 980aa7198a Added html & htm extension in the local scanning erwanlr 2013-01-07 14:39:37 +01:00
  • 8894e42adf missing xml encoding & tag added erwanlr 2013-01-07 14:29:40 +01:00
  • 87d5d93030 Fix #98 wpstools options to locally scan a wp installation for vulnerable files erwanlr 2013-01-07 14:24:21 +01:00
  • db7416c5a6 Added plugin wp-superb-slideshow FPD erwanlr 2013-01-06 15:45:14 +01:00
  • 2742500df5 Added RokBox multiple vulns erwanlr 2013-01-06 15:42:50 +01:00
  • 1ed133c4c8 Added theme onepagewebsite FPD erwanlr 2013-01-06 15:37:08 +01:00
  • 80ec2ec86e Added 4 premium themes FPD erwanlr 2013-01-06 15:33:53 +01:00
  • 192b5862b4 grou-random-image-widget FPD erwanlr 2013-01-06 15:25:49 +01:00
  • 6f406fe807 Sintic_gallery FPD & file upload erwanlr 2013-01-06 15:23:21 +01:00
  • ba2a4fa0aa Theme vulns indentation erwanlr 2013-01-06 15:05:38 +01:00
  • f8ba2b71f8 Added Moneymasters FDP & File upload erwanlr 2013-01-06 15:02:39 +01:00
  • 2f76277a28 Added wp-useronline Persistent XSS & FPD erwanlr 2013-01-04 16:35:51 +01:00
  • 0c555a70c0 Useless comment removed erwanlr 2013-01-04 16:16:15 +01:00
  • 42c68fe683 show_progression used in brute forcing erwanlr 2013-01-04 15:30:35 +01:00
  • c0eadd22db show_progress_bar renamed to show_progression erwanlr 2013-01-04 15:15:14 +01:00
  • e2bb5dc24f Added Shopping cart multi (SQLi & file upload) erwanlr 2013-01-03 16:35:07 +01:00
  • 473a2446ae Added Reflex Gallery file upload erwanlr 2013-01-03 16:33:08 +01:00
  • a91c45e548 Added uploader 1.0.4 file upload erwanlr 2013-01-03 16:19:54 +01:00
  • 716ff61ff9 Added xerte-online upload file erwanlr 2013-01-03 15:50:57 +01:00
  • c850b231e0 Added advanced-custom-fields <= 3.5.1 RFI erwanlr 2013-01-03 15:01:46 +01:00
  • b95110375e sitepress-multilingual-cms FPD added erwanlr 2013-01-01 16:09:12 +01:00
  • b9d17524dc Fix #97 Added ruby-dev to package installation erwanlr 2013-01-01 15:36:01 +01:00
  • 6ebf8dc32f Fix #97 Added ruby-dev to package installation erwanlr 2013-01-01 15:35:20 +01:00
  • a4ace91e68 Fix #96 Username detection from header location when a trailing slash is present erwanlr 2013-01-01 15:30:01 +01:00
  • 9b14a8d038 Fix #54 False positive when a plugin directory redirects to the homepage erwanlr 2012-12-21 12:21:40 +01:00
  • c0a05a4119 Ref #52 RSS url detection erwanlr 2012-12-20 17:46:06 +01:00
  • 221068ef1b Indentation erwanlr 2012-12-20 17:02:43 +01:00
  • 6df6cdc997 Typo & indentation erwanlr 2012-12-20 16:57:17 +01:00
  • 42ee4b9183 Ref #54 Implementation of WebSite.homepage_hash erwanlr 2012-12-20 16:53:13 +01:00
  • b5390be6b5 WpTarget.error_404_hash moved to WebSite module erwanlr 2012-12-20 16:22:04 +01:00
  • 38c81384e8 WebSite module reworked erwanlr 2012-12-19 17:49:56 +01:00
  • 052721a8a2 @thesp0nge added to contributors (basic authentication) erwanlr 2012-12-19 16:40:39 +01:00
  • 1d53861331 Gemfile.lock added to .gitignore erwanlr 2012-12-19 16:35:44 +01:00
  • 3ed20649f9 Group development & test created in Gemfile, README updated to reflect it erwanlr 2012-12-19 16:34:17 +01:00
  • 9d74a289f8 Group development & test created in Gemfile, README updated to reflect it erwanlr 2012-12-19 16:33:11 +01:00
  • 36b10250d1 Merge pull request #89 from mstanislav/master Ryan Dewhurst 2012-12-13 11:15:22 -08:00
  • 56e96dc97b Addition of an AUTHBYPASS type for plugins that will operate without a valid WordPress session and/or adequate privilege, creating a vulnerability due to its functionality. Also, added a portable-phpMyAdmin vulnerability to the plugin vulnerability listing utilizing the aforementioned new type. Mark Stanislav 2012-12-13 14:07:22 -05:00
  • d77a312844 Merge pull request #88 from FireFart/xmlrpc erwanlr 2012-12-13 08:17:59 -08:00
  • 5415af538a docs Christian Mehlmauer 2012-12-13 16:47:05 +01:00