renamed http-wp-enum and http-wp-plugins to http-wordpress-* for consistency with the naming of http-wordpress-brute

CHANGELOG

@@ -168,10 +168,10 @@ o [NSE] Added 27 scripts, bringing the total to 243!  You can learn
   + http-wordpress-brute performs brute force password auditing
     against Wordpress CMS/blog installations. [Paulino Calderon]
 
-  + http-wp-enum enumerates usernames in Wordpress blog/CMS
+  + http-wordpress-enum enumerates usernames in Wordpress blog/CMS
-    installations by exploiting an information disclosure vulnerability
+    installations by exploiting an information disclosure
-    existing in versions 2.6, 3.1, 3.1.1, 3.1.3 and 3.2-beta2 and
+    vulnerability existing in versions 2.6, 3.1, 3.1.1, 3.1.3 and
-    possibly others. [Paulino Calderon]
+    3.2-beta2 and possibly others. [Paulino Calderon]
 
   + imap-brute performs brute force password auditing against IMAP
     servers using either LOGIN, PLAIN, CRAM-MD5, DIGEST-MD5 or NTLM
@@ -417,6 +417,10 @@ o [NSE] Added the make_array and make_object functions to our json
 o [NSE] The ip-geolocation-ipinfodb now allows you to specify an
   IPInfoDB API key using the apikey NSE argument. [Gorjan]
 
+o [NSE] Renamed http-wp-plugins to http-wordpress-plugins script for
+  consistency with http-wordpress-brute and now
+  http-wordpress-enum. [Fyodor]
+
 Nmap 5.59BETA1 [2011-06-30]
 
 o [NSE] Added 40 scripts, bringing the total to 217!  You can learn

scripts/http-wordpress-enum.nse

@@ -7,24 +7,24 @@ Original advisory:
 
 ---
 -- @usage
--- nmap -p80 --script http-wp-enum <target>
+-- nmap -p80 --script http-wordpress-enum <target>
--- nmap -sV --script http-wp-enum --script-args limit=50 <target>
+-- nmap -sV --script http-wordpress-enum --script-args limit=50 <target>
 --
 -- @output
 -- PORT   STATE SERVICE REASON
 -- 80/tcp open  http    syn-ack
--- | http-wp-enum: 
+-- | http-wordpress-enum: 
 -- | Username found: admin
 -- | Username found: mauricio
 -- | Username found: cesar
 -- | Username found: lean
 -- | Username found: alex
 -- | Username found: ricardo
--- |_Search stopped at ID #25. Increase the upper limit if necessary with 'http-wp-enum.limit'
+-- |_Search stopped at ID #25. Increase the upper limit if necessary with 'http-wordpress-enum.limit'
 -- 
--- @args http-wp-enum.limit Upper limit for ID search. Default: 25
+-- @args http-wordpress-enum.limit Upper limit for ID search. Default: 25
--- @args http-wp-enum.basepath Base path to Wordpress. Default: /
+-- @args http-wordpress-enum.basepath Base path to Wordpress. Default: /
--- @args http-wp-enum.out If set it saves the username list in this file.
+-- @args http-wordpress-enum.out If set it saves the username list in this file.
 ---
 
 author = "Paulino Calderon"
@@ -96,9 +96,9 @@ end
 --MAIN
 ---
 action = function(host, port)
-  local basepath = stdnse.get_script_args("http-wp-enum.basepath") or "/"
+  local basepath = stdnse.get_script_args("http-wordpress-enum.basepath") or "/"
-  local limit = stdnse.get_script_args("http-wp-enum.limit") or 25
+  local limit = stdnse.get_script_args("http-wordpress-enum.limit") or 25
-  local filewrite = stdnse.get_script_args("http-wp-enum.out")
+  local filewrite = stdnse.get_script_args("http-wordpress-enum.out")
   local output = {""}
   local users = {}
   --First, we check this is WP
@@ -130,7 +130,7 @@ action = function(host, port)
   end
  
   if #output > 1 then
-    output[#output+1] = string.format("Search stopped at ID #%s. Increase the upper limit if necessary with 'http-wp-enum.limit'", limit)
+    output[#output+1] = string.format("Search stopped at ID #%s. Increase the upper limit if necessary with 'http-wordpress-enum.limit'", limit)
     return stdnse.strjoin("\n", output)
   end
 end

scripts/http-wordpress-plugins.nse

@@ -13,18 +13,18 @@ check the first 100 ones. Users can tweak this with an option (see below).
 ]]
 
 ---
--- @args http-wp-plugins.root If set, points to the blog root directory on the website. If not, the script will try to find a WP directory installation or fall back to root.
+-- @args http-wordpress-plugins.root If set, points to the blog root directory on the website. If not, the script will try to find a WP directory installation or fall back to root.
--- @args http-wp-plugins.search As the plugins list contains tens of thousand of plugins, this script will only search the 100 most popular ones by default.
+-- @args http-wordpress-plugins.search As the plugins list contains tens of thousand of plugins, this script will only search the 100 most popular ones by default.
 -- Use this option with a number or "all" as an argument for a more comprehensive brute force.
 --
 -- @usage
--- nmap --script=http-wp-plugins --script-arg http-wp-plugins.root="/blog/",http-wp-plugins.search=500 <targets>
+-- nmap --script=http-wordpress-plugins --script-arg http-wordpress-plugins.root="/blog/",http-wordpress-plugins.search=500 <targets>
 --
 --@output
 -- Interesting ports on my.woot.blog (123.123.123.123):
 -- PORT   STATE SERVICE REASON
 -- 80/tcp open  http    syn-ack
--- | http-wp-plugins:
+-- | http-wordpress-plugins:
 -- | search amongst the 500 most popular plugins
 -- |   akismet
 -- |   wp-db-backup
@@ -66,9 +66,9 @@ action = function(host, port)
   end
 
   local wp_autoroot
-  local wp_root = stdnse.get_script_args("http-wp-plugins.root")
+  local wp_root = stdnse.get_script_args("http-wordpress-plugins.root")
   local plugins_search = DEFAULT_PLUGINS_SEARCH
-  local plugins_search_arg = stdnse.get_script_args("http-wp-plugins.search")
+  local plugins_search_arg = stdnse.get_script_args("http-wordpress-plugins.search")
 
   if plugins_search_arg == "all" then
     plugins_search = nil
@@ -143,7 +143,7 @@ action = function(host, port)
   for i, data in pairs(pipeline_returns) do
     -- if it's not a four-'o-four, it probably means that the plugin is present
     if http.page_exists(data, result_404, body_404, bfqueries[i][1], true) then
-      stdnse.print_debug(1, "http-wp-plugins.nse: Found a plugin: %s", bfqueries[i][2])
+      stdnse.print_debug(1, "http-wordpress-plugins.nse: Found a plugin: %s", bfqueries[i][2])
       table.insert(result, bfqueries[i][2])
     end
   end
@@ -153,7 +153,7 @@ action = function(host, port)
     result.name = "search amongst the " .. plugin_count .. " most popular plugins"
     return stdnse.format_output(true, result)
   else
-    return "nothing found amongst the " .. plugin_count .. " most popular plugins, use --script-arg http-wp-plugins.search=<number|all> for deeper analysis)\n"
+    return "nothing found amongst the " .. plugin_count .. " most popular plugins, use --script-arg http-wordpress-plugins.search=<number|all> for deeper analysis)\n"
   end
 
 end

scripts/script.db

@@ -101,8 +101,8 @@ Entry { filename = "http-vmware-path-vuln.nse", categories = { "safe", "vuln", }
 Entry { filename = "http-vuln-cve2011-3192.nse", categories = { "safe", "vuln", } }
 Entry { filename = "http-waf-detect.nse", categories = { "discovery", "intrusive", } }
 Entry { filename = "http-wordpress-brute.nse", categories = { "auth", "intrusive", } }
-Entry { filename = "http-wp-enum.nse", categories = { "auth", "discovery", "intrusive", "vuln", } }
+Entry { filename = "http-wordpress-enum.nse", categories = { "auth", "discovery", "intrusive", "vuln", } }
-Entry { filename = "http-wp-plugins.nse", categories = { "discovery", "intrusive", } }
+Entry { filename = "http-wordpress-plugins.nse", categories = { "discovery", "intrusive", } }
 Entry { filename = "iax2-version.nse", categories = { "version", } }
 Entry { filename = "imap-brute.nse", categories = { "auth", "intrusive", } }
 Entry { filename = "imap-capabilities.nse", categories = { "default", "safe", } }
@@ -124,6 +124,7 @@ Entry { filename = "ldap-novell-getpass.nse", categories = { "discovery", "safe"
 Entry { filename = "ldap-rootdse.nse", categories = { "discovery", "safe", } }
 Entry { filename = "ldap-search.nse", categories = { "discovery", "safe", } }
 Entry { filename = "lexmark-config.nse", categories = { "discovery", "safe", } }
+Entry { filename = "lltd-discovery.nse", categories = { "discovery", "safe", } }
 Entry { filename = "modbus-discover.nse", categories = { "discovery", "intrusive", } }
 Entry { filename = "mongodb-databases.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "mongodb-info.nse", categories = { "default", "discovery", "safe", } }