Method: WPScan::Finders::Users::LoginErrorMessages#aggressive

Defined in:: app/finders/users/login_error_messages.rb

#aggressive(opts = {}) ⇒ `Array<User>`

Parameters:

opts (Hash) (defaults to: {})

Options Hash (opts):

:list (String)

Returns:

(Array<User>)

# File 'app/finders/users/login_error_messages.rb', line 18

def aggressive(opts = {})
  found = []

  usernames(opts).each do |username|
    res   = target.do_login(username, SecureRandom.hex[0, 8])
    error = res.html.css('div#login_error').text.strip

    return found if error.empty? # Protection plugin / error disabled

    next unless /The password you entered for the username|Incorrect Password/i.match?(error)

    found << Model::User.new(username, found_by: found_by, confidence: 100)
  end

  found
end

Method: WPScan::Finders::Users::LoginErrorMessages#aggressive

#aggressive(opts = {}) ⇒ Array<User>

#aggressive(opts = {}) ⇒ `Array<User>`