Bugfix SecureWarning, Feature URL Scheme Detection

swisskyrepo · Sep 9, 2017 · e78cfda · e78cfda
1 parent ab4c507
commit e78cfda
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -13,6 +13,7 @@ Dependencies
 ```
 pip install requests
 pip install tornado
+pip install lxml
 ```
 
 Install

diff --git a/engine/core.py b/engine/core.py
@@ -33,6 +33,16 @@ def display(msg):
   return "\033[0m | " + msg + "\033[0m"
 
 
+
+"""
+name        : format_url()
+description : will format the URL to provide an http
+"""
+def format_url(url):
+    if not "http" in url:
+        return "http://"+url
+    return url
+
 """
 name        : database_update()
 description : download and update the database from wpscan website

diff --git a/main.py b/main.py
@@ -2,6 +2,7 @@
 # -*- coding: utf-8 -*-
 import requests
 import argparse
+from requests.packages.urllib3.exceptions import InsecureRequestWarning # Required for bad https website
 from engine.core import *
 from engine.load_plugins import *
 from engine.wordpress import *
@@ -36,14 +37,15 @@
 	# Check wordpress url
 	if results.url != None:
 		# Disable warning for ssl verify=False
+		# NOTE: This should not be removed until a correct solution is found
 		requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
 
 		# Update scripts
 		if results.update != None:
 			database_update()
 
 		# Build a new wordpress object
-		wp = Wordpress(results.url, results.random_agent, results.nocheck)
+		wp = Wordpress(format_url(results.url), results.random_agent, results.nocheck)
 
 		# Launch bruteforce
 		Brute_Engine(wp, results.brute)
-Original file line number
+Diff line change
@@ Expand Up / @@ -13,6 +13,7 @@ Dependencies @@
     ```
     pip install requests
     pip install tornado
+    pip install lxml
     ```
     Install
@@ Expand Down @@