Commit Graph

57 Commits (c241018ff6c824606939a59b352d5208a611f311)

Author SHA1 Message Date
William Vu 013781fb9c
Land #5292, WordPress custom file version check 2015-05-05 11:21:18 -05:00
William Vu 18791ce933 Clean up code 2015-05-05 11:19:40 -05:00
Christian Mehlmauer 55967172be
allow custom regex 2015-05-02 21:06:15 +02:00
Christian Mehlmauer 9678479abb
check version from custom file 2015-05-02 18:34:10 +02:00
Tom Sellers c441ff81a1 Update comment in wordpress/version.rb
The comment 'All versions are vulnerable' makes sense on line 163 where there is no introduced or fixed version.  On line 175 though there is a fixed version, just no introduced version.  Adjusting comment text.
2015-05-01 17:05:31 -05:00
Christian Mehlmauer dc8f266345
fix readme detection bug 2015-04-16 14:57:29 +02:00
Christian Mehlmauer 9df09a1d60 readme detection 2015-04-16 14:41:30 +02:00
rastating 3669fb678d Fix parameter default value 2015-02-26 21:15:33 +00:00
rastating 06cb30a20a Remove duplicated code 2015-02-24 22:43:59 +00:00
rastating 37a55cce74 Abstracted version comparison code 2015-02-22 16:20:46 +00:00
rastating 3d38d46729 Add extra version checking methods
Added the ability to check style.css for theme versions as version
tagging in style.css is a requirement of WordPress theme development.
Also updated existing readme checking to allow for a nil fixed_version
parameter in scenarios where all versions are vulnerable in an EOL
product.
2015-02-22 16:20:46 +00:00
Christian Mehlmauer c820431879
Land #4770, Wordpress Ultimate CSV Importer user extract module 2015-02-22 08:52:45 +01:00
rastating 708340ec5a Tidy up various bits of code 2015-02-21 12:53:33 +00:00
rastating 7e1e0f8196 Add plugin upload functionality 2015-02-21 01:20:20 +00:00
rastating e0d87a8886 Update to use store_loot for CSV export 2015-02-17 19:21:31 +00:00
rastating a22f5c1287 Add extra readme check for case sensitive servers 2015-02-14 23:43:04 +00:00
Christian Mehlmauer 2c956c0a0f
add wordpress platform theme rce 2015-01-31 22:02:44 +01:00
jvazquez-r7 03169f231b Handle one redirection on wordpress_and_online? 2015-01-30 10:26:23 -06:00
jvazquez-r7 c098de27ee Do safer body check 2015-01-30 10:22:43 -06:00
jvazquez-r7 bc65d2f526 Make filename compatible with namespace 2015-01-30 10:22:07 -06:00
Christian Mehlmauer 7504358db3
code style and typos 2015-01-30 15:57:32 +01:00
Christian Mehlmauer a0eaf2f626
add wordpress ghost scanner module 2015-01-30 15:29:51 +01:00
Christian Mehlmauer 5b964bba6a
Land #4518, Wordpress long password DoS 2015-01-18 23:55:06 +01:00
Christian Mehlmauer 14b1d8dc5f
no space required 2015-01-08 23:43:06 +01:00
Christian Mehlmauer f7eb9a6cf8
update wordpress version detection regex 2015-01-08 23:36:59 +01:00
rastating 294cd80a08 Update documentation for wordpress_login 2015-01-07 18:32:52 +00:00
rastating e90e98547b Add configurable timeout to WordPress login 2015-01-07 17:06:31 +00:00
Christian Mehlmauer 056046f38b
update wordpress readme regex 2015-01-01 23:13:20 +01:00
Christian Mehlmauer d6e60453d6
Added Wordpress XMLRPC DoS 2014-08-07 11:38:44 +02:00
Christian Mehlmauer d334797116
Updated foxpress module 2014-07-28 22:23:22 +02:00
jvazquez-r7 2d5fd5e0d5 Use constant for WORDPRESS_VERSION_PATTERN 2014-07-28 09:22:50 -05:00
jvazquez-r7 b061d24b84 Favor & over and 2014-07-28 09:05:53 -05:00
Christian Mehlmauer c1a0f707ef
typos 2014-07-22 22:29:01 +02:00
Christian Mehlmauer 073a8c5233
redirection returns an URI 2014-07-22 19:55:26 +02:00
Christian Mehlmauer a6479a77d6
Implented feedback from @jhart-r7 2014-07-22 19:49:58 +02:00
Christian Mehlmauer baff003ecc
extracted check version to module
also added some wordpress specs and applied
rubocop
2014-07-22 17:02:35 +02:00
Christian Mehlmauer 29bb788d96
Better login detection for wordpress 2014-07-15 07:04:14 +02:00
Christian Mehlmauer 144c6aecba
Added WPTouch fileupload exploit 2014-07-14 21:35:18 +02:00
FireFart 617f6d53fe user_id starts at 1 2013-09-24 23:41:02 +02:00
FireFart 7a2762f4a7 more regexes 2013-09-24 20:20:06 +02:00
FireFart dc8f94bac1 Added wordpress version detection 2013-09-24 08:59:56 +02:00
FireFart e1aefe07e1 clarify documentation 2013-09-24 00:08:33 +02:00
FireFart 7c4708b1df -) Fix get_cookies to return multiple cookies. Before it only returned the first cookie
-) Bugfix
2013-09-23 23:59:45 +02:00
FireFart bfe88fa089 added wordpress login checks for 2.0 and 2.5 2013-09-23 23:32:31 +02:00
Tab Assassin f5a4c05dbc Retab changes for PR #2267 2013-09-05 14:11:03 -05:00
Christian Mehlmauer 7afa789547 fix indentation 2013-08-26 11:37:40 +02:00
Christian Mehlmauer 45ad043102 moderated comments are now also working (even for unauthenticated users) 2013-08-25 11:02:15 +02:00
Christian Mehlmauer 035258389f use feed first before trying to bruteforce 2013-08-25 10:16:43 +02:00
Christian Mehlmauer 5f7ccf1cbe naming..again 2013-08-24 18:58:00 +02:00
Christian Mehlmauer 9af1341179 consistent naming 2013-08-24 18:51:07 +02:00