wpscan 3.8.9 → 3.8.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/controllers/password_attack.rb +2 -1
- data/lib/wpscan/target/platform/wordpress.rb +4 -1
- data/lib/wpscan/version.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 80bb171dc3d30fab68355160acacb8359681a85fb7f43ca11dc17968cb8b354f
|
|
4
|
+
data.tar.gz: ae033388eb73cbe1bc736edf32b54170cf12f0fb085ee76799fa207ca885a5d7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d0023c87de0d517a6eaf08ea8faf7a1a4681cad7a217bb8ee0201aa52f2ef209f64954cde27ea7d9ea2926e24800e377c43d2a4885ed15b3439468292006fb44
|
|
7
|
+
data.tar.gz: c01434b18a3682a190cf101e3a94622742dded2b5320c03bbb15eb515056531845feea68cc119351f428a73dbd966e6c1cffeb201844daca9734289f925e7e36
|
|
@@ -19,7 +19,8 @@ module WPScan
|
|
|
19
19
|
OptChoice.new(['--password-attack ATTACK',
|
|
20
20
|
'Force the supplied attack to be used rather than automatically determining one.'],
|
|
21
21
|
choices: %w[wp-login xmlrpc xmlrpc-multicall],
|
|
22
|
-
normalize: %i[downcase underscore to_sym])
|
|
22
|
+
normalize: %i[downcase underscore to_sym]),
|
|
23
|
+
OptString.new(['--login-uri URI', 'The URI of the login page if different from /wp-login.php'])
|
|
23
24
|
]
|
|
24
25
|
end
|
|
25
26
|
|
|
@@ -139,11 +139,14 @@ module WPScan
|
|
|
139
139
|
# the first time the method is called, and the effective_url is then used
|
|
140
140
|
# if suitable, otherwise the default wp-login will be.
|
|
141
141
|
#
|
|
142
|
+
# If the login_uri CLI option has been provided, it will be returne w/o redirection check.
|
|
143
|
+
#
|
|
142
144
|
# @return [ String, false ] The URL to the login page or false if not detected
|
|
143
145
|
def login_url
|
|
144
146
|
return @login_url unless @login_url.nil?
|
|
147
|
+
return @login_url = url(ParsedCli.login_uri) if ParsedCli.login_uri
|
|
145
148
|
|
|
146
|
-
@login_url = url('wp-login.php')
|
|
149
|
+
@login_url = url('wp-login.php')
|
|
147
150
|
|
|
148
151
|
res = Browser.get_and_follow_location(@login_url)
|
|
149
152
|
|
data/lib/wpscan/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: wpscan
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.8.
|
|
4
|
+
version: 3.8.10
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- WPScanTeam
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-10-
|
|
11
|
+
date: 2020-10-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: cms_scanner
|
|
@@ -100,14 +100,14 @@ dependencies:
|
|
|
100
100
|
requirements:
|
|
101
101
|
- - "~>"
|
|
102
102
|
- !ruby/object:Gem::Version
|
|
103
|
-
version: 0.
|
|
103
|
+
version: 1.0.0
|
|
104
104
|
type: :development
|
|
105
105
|
prerelease: false
|
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
107
|
requirements:
|
|
108
108
|
- - "~>"
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
|
-
version: 0.
|
|
110
|
+
version: 1.0.0
|
|
111
111
|
- !ruby/object:Gem::Dependency
|
|
112
112
|
name: rubocop-performance
|
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|