wpscan 3.3.3 → 3.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ffec7e5575986f44b69b35726856004fa2940ecf
-  data.tar.gz: 98693ec1db3bbf8f8198b99ee6aeece4312ce782
+  metadata.gz: eaa89ff7a89797ee415fe856a087fc8919c6aec8
+  data.tar.gz: 86daf1df43f7ba98edb75c5707f27c26243bb57c
 SHA512:
-  metadata.gz: 5952cf3e2d834995600a67cb5b57a1a5404b61a81ea7ec70efb40bc3d4047075d5b148c71efcf9a57efe3cce6b1323cc4ac7a619c1541f0ba01c836c7c293134
-  data.tar.gz: b6e7ab1f1e0d158bcabf23599bc4c65399a275a7b063b91e9c1826d88b2032af47ebaf34bc7a0d8ceefa9b41160c762b49c7a821c4366a301af8fc8e8503abcb
+  metadata.gz: c8158d90d7b7cfe7240188b36071e4fde25aa755a83203bd6f0da3e413234d85458986bdd6e96efb3caac44d67e1d0e4f65d3abeb2d9ebfecdd2bd731af8ae82
+  data.tar.gz: 21e3799132cd3e78263e26f16606a61f39a8abd82fec25a7cdae0a4c59f7798193f74a268f141efb0283724ce109d16ad7b748c903e9bb5a39ce756e211c612b

data/README.md

@@ -35,6 +35,17 @@ bundle install && rake install
 
 Pull the repo with ```docker pull wpscanteam/wpscan```
 
+Enumerating usernames
+```
+docker run -it --rm wpscanteam/wpscan --url https://target.tld/ --enumerate u
+```
+
+Enumerating a range of usernames
+```
+docker run -it --rm wpscanteam/wpscan --url https://target.tld/ --enumerate u1-100
+```
+** replace u1-100 with a range of your choice.
+
 # Usage
 
 ```wpscan --url blog.tld``` This will scan the blog using default options with a good compromise between speed and accuracy. For example, the plugins will be checked passively but their version with a mixed detection mode (passively + aggressively). Potential config backup files will also be checked, along with other interesting findings. If a more stealthy approach is required, then ```wpscan --stealthy --url blog.tld``` can be used.
@@ -69,6 +80,19 @@ url: 'http://target.tld'
 
 Running ```wpscan``` in the current directory (pwd), is the same as ```wpscan -v --proxy socks5://127.0.0.1:9090 --url http://target.tld```
 
+
+Enumerating usernames
+```
+wpscan --url https://target.tld/ --enumerate u
+```
+
+Enumerating a range of usernames
+```
+wpscan --url https://target.tld/ --enumerate u1-100
+```
+** replace u1-100 with a range of your choice.
+
+
 # PROJECT HOME
 
 [https://wpscan.org](https://wpscan.org)

data/app/finders/users/oembed_api.rb

@@ -14,29 +14,35 @@ module WPScan
 
         # @param [ Hash ] opts
         #
-        # TODO: make this code pretty :x
-        #
         # @return [ Array<User> ]
         def aggressive(_opts = {})
-          found        = []
-          found_by_msg = 'Oembed API - %s (Aggressive Detection)'
-
           oembed_data = JSON.parse(Browser.get(api_url).body)
+          details     = user_details_from_oembed_data(oembed_data)
+
+          return [] unless details
+
+          [CMSScanner::User.new(details[0],
+                                found_by: format(found_by_msg, details[1]),
+                                confidence: details[2],
+                                interesting_entries: [api_url])]
+        rescue JSON::ParserError
+          []
+        end
+
+        def user_details_from_oembed_data(oembed_data)
+          return unless oembed_data
 
           if oembed_data['author_url'] =~ %r{/author/([^/]+)/?\z}
             details = [Regexp.last_match[1], 'Author URL', 90]
           elsif oembed_data['author_name'] && !oembed_data['author_name'].empty?
-            details = [oembed_data['author_name'].delete(' '), 'Author Name', 70]
+            details = [oembed_data['author_name'], 'Author Name', 70]
           end
 
-          return unless details
+          details
+        end
 
-          found << CMSScanner::User.new(details[0],
-                                        found_by: format(found_by_msg, details[1]),
-                                        confidence: details[2],
-                                        interesting_entries: [api_url])
-        rescue JSON::ParserError
-          found
+        def found_by_msg
+          'Oembed API - %s (Aggressive Detection)'
         end
 
         # @return [ String ] The URL of the API listing the Users

data/app/models/wp_version.rb

@@ -55,5 +55,10 @@ module WPScan
     def release_date
       @release_date ||= db_data['release_date']
     end
+
+    # @return [ String ]
+    def status
+      @status ||= db_data['status']
+    end
   end
 end

data/app/views/cli/wp_version/version.erb

@@ -1,5 +1,5 @@
 <% if @version -%>
-<%= info_icon %> WordPress version <%= @version.number %> identified (Released on <%= @version.release_date %>).
+<%= info_icon %> WordPress version <%= @version.number %> identified (<%= @version.status.capitalize %>, released on <%= @version.release_date %>).
 <%= render('@finding', item: @version) -%>
 <% else -%>
 <%= notice_icon %> The WordPress version could not be detected.

data/app/views/json/wp_version/version.erb

@@ -2,6 +2,7 @@
 "version": {
   "number": <%= @version.number.to_json %>,
   "release_date": <%= @version.release_date.to_json %>,
+  "status": <%= @version.status.to_json %>,
   <%= render('@finding', item: @version) -%>
 },
 <% else -%>

data/lib/wpscan.rb

@@ -16,9 +16,7 @@ require 'securerandom'
 require 'wpscan/helper'
 require 'wpscan/db'
 require 'wpscan/version'
-require 'wpscan/errors/wordpress'
-require 'wpscan/errors/http'
-require 'wpscan/errors/update'
+require 'wpscan/errors'
 require 'wpscan/browser'
 require 'wpscan/target'
 require 'wpscan/finders'

data/lib/wpscan/errors.rb

@@ -0,0 +1,8 @@
+module WPScan
+  class Error < StandardError
+  end
+end
+
+require_relative 'errors/http'
+require_relative 'errors/update'
+require_relative 'errors/wordpress'

data/lib/wpscan/errors/http.rb

@@ -1,6 +1,6 @@
 module WPScan
   # HTTP Error
-  class HTTPError < StandardError
+  class HTTPError < Error
     attr_reader :response
 
     # @param [ Typhoeus::Response ] res

data/lib/wpscan/errors/update.rb

@@ -1,6 +1,6 @@
 module WPScan
   # Error raised when there is a missing  DB file and --no-update supplied
-  class MissingDatabaseFile < StandardError
+  class MissingDatabaseFile < Error
     def to_s
       'Update required, you can not run a scan if a database file is missing.'
     end

data/lib/wpscan/errors/wordpress.rb

@@ -1,20 +1,20 @@
 module WPScan
   # WordPress hosted (*.wordpress.com)
-  class WordPressHostedError < StandardError
+  class WordPressHostedError < Error
     def to_s
       'Scanning *.wordpress.com hosted blogs is not supported.'
     end
   end
 
   # Not WordPress Error
-  class NotWordPressError < StandardError
+  class NotWordPressError < Error
     def to_s
       'The remote website is up, but does not seem to be running WordPress.'
     end
   end
 
   # Invalid Wp Version (used in the WpVersion#new)
-  class InvalidWordPressVersion < StandardError
+  class InvalidWordPressVersion < Error
     def to_s
       'The WordPress version is invalid'
     end

data/lib/wpscan/version.rb

@@ -1,4 +1,4 @@
 # Version
 module WPScan
-  VERSION = '3.3.3'.freeze
+  VERSION = '3.4.0'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: wpscan
 version: !ruby/object:Gem::Version
-  version: 3.3.3
+  version: 3.4.0
 platform: ruby
 authors:
 - WPScanTeam
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-11-02 00:00:00.000000000 Z
+date: 2018-11-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cms_scanner
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.0.40.3
+        version: 0.0.41.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.0.40.3
+        version: 0.0.41.0
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
@@ -321,6 +321,7 @@ files:
 - lib/wpscan/db/wp_item.rb
 - lib/wpscan/db/wp_items.rb
 - lib/wpscan/db/wp_version.rb
+- lib/wpscan/errors.rb
 - lib/wpscan/errors/http.rb
 - lib/wpscan/errors/update.rb
 - lib/wpscan/errors/wordpress.rb