From ce6b395733f6a99774a17349153d580fb2e0bcc1 Mon Sep 17 00:00:00 2001
From: Swissky <maxropelewski@gmail.com>
Date: Sun, 11 Jun 2017 16:54:29 +0200
Subject: [PATCH] HTTPS support - work even with bad https

---
 engine/fuzz.py | 6 +++---
 engine/scan.py | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/engine/fuzz.py b/engine/fuzz.py
index dd528ac..5b1fca7 100644
--- a/engine/fuzz.py
+++ b/engine/fuzz.py
@@ -36,7 +36,7 @@ class Fuzz_Engine:
 			for component in data:
 				component = component.strip()
 				iter_aggressive += 1
-				http_client.fetch(wordpress.url + component, aggressive_request_component, method='HEAD') == True
+				http_client.fetch(wordpress.url + component, aggressive_request_component, method='HEAD', validate_cert=False) == True
 			ioloop.IOLoop.instance().start()
 
 
@@ -59,7 +59,7 @@ class Fuzz_Engine:
 			for theme in data:
 				theme = theme.strip()
 				iter_aggressive += 1
-				http_client.fetch(wordpress.url + theme + "style.css", aggressive_request_plugins, method='HEAD') == True
+				http_client.fetch(wordpress.url + theme + "style.css", aggressive_request_plugins, method='HEAD', validate_cert=False) == True
 			ioloop.IOLoop.instance().start()
 
 
@@ -81,7 +81,7 @@ class Fuzz_Engine:
 			for plugin in data:
 				plugin = plugin.strip()
 				iter_aggressive += 1
-				http_client.fetch(wordpress.url + plugin, aggressive_request_plugins, method='HEAD') == True
+				http_client.fetch(wordpress.url + plugin, aggressive_request_plugins, method='HEAD', validate_cert=False) == True
 			ioloop.IOLoop.instance().start()
 
 
diff --git a/engine/scan.py b/engine/scan.py
index 75ccdd7..9610aec 100644
--- a/engine/scan.py
+++ b/engine/scan.py
@@ -40,7 +40,7 @@ class Scan_Engine:
 	description : detect the version of WordPress based on the generator tag in index.php/feed/
 	"""
 	def fingerprint_wp_version_feed_based(self, wordpress):
-		r = requests.get(wordpress.url + "index.php/feed", headers={"User-Agent":wordpress.agent}).text
+		r = requests.get(wordpress.url + "index.php/feed", headers={"User-Agent":wordpress.agent}, verify=False).text
 		regex = re.compile('generator>https://wordpress.org/\?v=(.*?)<\/generator')
 		match = regex.findall(r)
 		if match != []:
@@ -207,7 +207,7 @@ class Scan_Engine:
 			http_client = httpclient.AsyncHTTPClient()
 			for plugin in data.keys():
 				iter_aggressive += 1
-				http_client.fetch(wordpress.url+'/wp-content/themes/' + plugin, aggressive_request_themes, method='HEAD') == True
+				http_client.fetch(wordpress.url+'/wp-content/themes/' + plugin, aggressive_request_themes, method='HEAD', validate_cert=False) == True
 			ioloop.IOLoop.instance().start()
 
 
@@ -228,7 +228,7 @@ class Scan_Engine:
 			http_client = httpclient.AsyncHTTPClient()
 			for plugin in data.keys():
 				iter_aggressive += 1
-				http_client.fetch(wordpress.url+'/wp-content/plugins/' + plugin, aggressive_request_plugins, method='HEAD') == True
+				http_client.fetch(wordpress.url+'/wp-content/plugins/' + plugin, aggressive_request_plugins, method='HEAD', validate_cert=False) == True
 			ioloop.IOLoop.instance().start()