rastating
diff --git a/‎.gitignore
Lines changed: 14 additions & 86 deletions b/‎.gitignore
Lines changed: 14 additions & 86 deletions
diff --git a/‎.rubocop.yml
Lines changed: 20 additions & 6 deletions b/‎.rubocop.yml
Lines changed: 20 additions & 6 deletions
diff --git a/‎.travis.yml
Lines changed: 5 additions & 3 deletions b/‎.travis.yml
Lines changed: 5 additions & 3 deletions
diff --git a/‎.yardopts
Lines changed: 3 additions & 1 deletion b/‎.yardopts
Lines changed: 3 additions & 1 deletion
diff --git a/‎CONTRIBUTING.md
Lines changed: 6 additions & 1 deletion b/‎CONTRIBUTING.md
Lines changed: 6 additions & 1 deletion
diff --git a/‎Gemfile
Lines changed: 1 addition & 11 deletions b/‎Gemfile
Lines changed: 1 addition & 11 deletions
diff --git a/‎Gemfile.lock
Lines changed: 0 additions & 48 deletions b/‎Gemfile.lock
Lines changed: 0 additions & 48 deletions
diff --git a/‎README.md
Lines changed: 23 additions & 12 deletions b/‎README.md
Lines changed: 23 additions & 12 deletions
diff --git a/‎VERSION
Lines changed: 0 additions & 1 deletion b/‎VERSION
Lines changed: 0 additions & 1 deletion
@@ -1,107 +1,35 @@
-*.gem
-*.rbc
-/.config
-/coverage/
-/InstalledFiles
-/pkg/
-/spec/reports/
-/spec/examples.txt
-/test/tmp/
-/test/version_tmp/
-/tmp/
-
-## Specific to RubyMotion:
-.dat*
-.repl_history
-build/
-
-## Documentation cache and generated files:
-/.yardoc/
-/_yardoc/
-/doc/
-/rdoc/
+# =========================
+# Generated files
+# =========================
 
-## Environment normalisation:
-/.bundle/
-/vendor/bundle
-/lib/bundler/man/
+*.gem
+*.db
+*.db-journal
+.yardoc/
+doc/
+coverage/
 
-# for a library or gem, you might want to ignore these files since the code is
-# intended to run in multiple environments; otherwise, check them in:
-# Gemfile.lock
-# .ruby-version
-# .ruby-gemset
+# =========================
+# Environment files
+# =========================
 
-# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
-.rvmrc
+Gemfile.lock
 
 # =========================
 # Operating System Files
 # =========================
 
-# OSX
+# MacOS
 # =========================
 
 .DS_Store
 .AppleDouble
 .LSOverride
 
-# Thumbnails
-._*
-
-# Files that might appear in the root of a volume
-.DocumentRevisions-V100
-.fseventsd
-.Spotlight-V100
-.TemporaryItems
-.Trashes
-.VolumeIcon.icns
-
-# Directories potentially created on remote AFP share
-.AppleDB
-.AppleDesktop
-Network Trash Folder
-Temporary Items
-.apdisk
-
 # Windows
 # =========================
 
-# Windows image file caches
 Thumbs.db
 ehthumbs.db
-
-# Folder config file
 Desktop.ini
-
-# Recycle Bin used on file shares
 $RECYCLE.BIN/
-
-# Windows Installer files
-*.cab
-*.msi
-*.msm
-*.msp
-
-# Windows shortcuts
-*.lnk
-
-# Sublime Plugins
-sftp-config.json
-
-# Atom Plugins
-deployment-config.json
-
-# NPM
-node_modules/
-npm-debug.log
-
-# TypeScript type defs
-typings/
-
-# Compiled Angular TypeScript
-lib/web/public/app/**/*.js
-lib/web/public/app/**/*.map
-
-# SQLite databases
-db/*
@@ -1,3 +1,6 @@
+AllCops:
+  TargetRubyVersion: 2.4
+
 Style/ClassAndModuleChildren:
   Description: 'Most modules will use the non-nested syntax'
   Enabled: false
@@ -9,14 +12,14 @@ Metrics/ClassLength:
   Description: 'Most modules and payloads are quite large. This is ok.'
   Enabled: true
   Exclude:
-    - 'modules/**/*'
-    - 'payloads/**/*'
+    - 'lib/wpxf/modules/**/*'
+    - 'lib/wpxf/payloads/**/*'
 
 Style/Documentation:
   Enabled: true
   Description: 'Most modules do not have class documentation.'
   Exclude:
-    - 'modules/**/*'
+    - 'lib/wpxf/modules/**/*'
 
 Metrics/LineLength:
   Description: 'Modules often pattern match against very long strings when identifying targets.'
@@ -34,11 +37,11 @@ Style/WordArray:
 
 Style/RedundantBegin:
   Exclude:
-    - 'modules/**/*'
+    - 'lib/wpxf/modules/**/*'
 
 Documentation:
   Exclude:
-    - 'modules/**/*'
+    - 'lib/wpxf/modules/**/*'
 
 Style/IndentArray:
   Enabled: false
@@ -49,6 +52,14 @@ Lint/UnusedMethodArgument:
   Exclude:
     - 'lib/wpxf/**/*'
 
+Style/ConditionalAssignment:
+  Enabled: false
+  Description: 'On long lines, this results in really bad formatting issues.'
+
+Style/IfUnlessModifier:
+  Enabled: false
+  Description: 'The modifier does not always increase readability.'
+
 Style/ClassVars:
   Enabled: false
   Description: 'There are genuine use cases for using class vars.'
@@ -62,4 +73,7 @@ Metrics/BlockLength:
 Layout/EmptyLinesAroundArguments:
   Description: 'Produces false positives when using multi-line strings with spaces.'
   Exclude:
-    - 'modules/**/*'
+    - 'lib/wpxf/modules/**/*'
+
+Lint/AmbiguousRegexpLiteral:
+  Enabled: false
@@ -1,12 +1,14 @@
 language: ruby
 rvm:
-  - 2.3.7
   - 2.4.4
   - 2.5.1
 before_install:
   - "echo 'gem: --no-ri --no-rdoc' > ~/.gemrc"
-  - "gem install bundler"
-script: bundle exec rspec
+  - gem install bundler
+before_script:
+  - export WPXF_ENV=test
+script:
+  - bundle exec rspec
 branches:
   except:
     - gh-pages
@@ -1,6 +1,8 @@
 --exclude lib/wpxf/net/typhoeus_helper.rb
 --exclude lib/wpxf/net/http_options.rb
---exclude payloads/socket_helper.rb
 --exclude lib/wpxf/core.rb
+--exclude lib/wpxf/cli/**/*
+--exclude lib/wpxf/modules/**/*
+--exclude lib/wpxf/payloads/**/*
 
 lib/wpxf/**/*.rb
@@ -1,8 +1,13 @@
 # How to contribute
 Contributions are always welcome, however, to keep things consistent, please review the following guidelines.
 
+## Setting up your environment
+Ensure that you have Ruby >= 2.4.4 installed on your system and then install all required dependencies by opening a command prompt / terminal in the WPXF folder and running ```bundle install```.
+
+If bundler is not present on your system, you can install it by running ```gem install bundler```.
+
 ## Update unit tests
-If you change a core piece of functionality (i.e. in ```lib/wpxf/*```) then ensure the corresponding unit tests in the ```spec``` folder are updated.
+If you change a core piece of functionality (i.e. in ```lib/*```) then ensure the corresponding unit tests in the ```spec``` folder are updated.
 
 For more information on writing unit tests with RSpec, see https://relishapp.com/rspec
 
 
@@ -1,14 +1,4 @@
 # frozen_string_literal: true
 
 source 'https://rubygems.org'
-gem 'colorize', '>=0.8.1'
-gem 'mime-types', '>=3.1'
-gem 'nokogiri', '~>1.8.2'
-gem 'require_all', '~>2.0'
-gem 'rubyzip', '~>1.2.1'
-gem 'slop', '~>4.6.2'
-gem 'typhoeus', '~>1.3.0'
-
-group :test do
-  gem 'rspec', '~>3.7'
-end
+gemspec
@@ -1,12 +1,23 @@
-# wordpress-exploit-framework
-[![Build Status](https://travis-ci.org/rastating/wordpress-exploit-framework.svg?branch=master)](https://travis-ci.org/rastating/wordpress-exploit-framework) [![Maintainability](https://api.codeclimate.com/v1/badges/5414ccc4e7a1f5e38c79/maintainability)](https://codeclimate.com/github/rastating/wordpress-exploit-framework/maintainability)
+<p align="center"><img src="https://raw.githubusercontent.com/rastating/wordpress-exploit-framework/gh-pages/static/wordpress-exploit-framework-200px.png" /></p>
 
-A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems.
+<h1 align="center">WordPress Exploit Framework</h1>
+<p align="center">
+  <a href="https://travis-ci.org/rastating/wordpress-exploit-framework"><img src="https://travis-ci.org/rastating/wordpress-exploit-framework.svg?branch=development" alt="Build Status" height="20" /></a> <a href="https://codeclimate.com/github/rastating/wordpress-exploit-framework/maintainability"><img src="https://api.codeclimate.com/v1/badges/5414ccc4e7a1f5e38c79/maintainability" alt="Maintainability" height="20" /></a> <a href="https://coveralls.io/github/rastating/wordpress-exploit-framework?branch=development"><img src="https://coveralls.io/repos/github/rastating/wordpress-exploit-framework/badge.svg?branch=development" alt="Coverage Status" height="20" /></a> <a href="https://badge.fury.io/rb/wpxf"><img src="https://badge.fury.io/rb/[email protected]" alt="Gem Version" height="20"></a>
+</p>
 
-### What do I need to run it?
-Ensure that you have Ruby >= 2.4.3 installed on your system and then install all required dependencies by opening a command prompt / terminal in the WPXF folder and running ```bundle install```.
+<p align="center">
+  A Ruby framework designed to aid in the penetration testing of WordPress systems.
+</p>
+
+<hr>
+
+### Installation
+To install the latest stable build, run `gem install wpxf`.
 
-If bundler is not present on your system, you can install it by running ```gem install bundler```.
+After installation, you can launch the WordPress Exploit Framework console by running `wpxf`.
+
+### What do I need to run it?
+Ruby >= 2.4.4 is required to run WordPress Exploit Framework.
 
 ### Troubleshooting Installation
 #### Debian Systems
@@ -23,16 +34,16 @@ sudo apt-get install ruby-dev zlib1g-dev liblzma-dev
 ```
 
 #### Windows Systems
-If you are experiencing errors that indicate that ```libcurl.dll``` could not be loaded, you will need to ensure the latest libcurl binary is included in your Ruby bin folder, or any other folder that is in your environment's PATH variable.
+If you are experiencing errors that indicate that `libcurl.dll` could not be loaded, you will need to ensure the latest libcurl binary is included in your Ruby bin folder, or any other folder that is in your environment's PATH variable.
 
-The latest version can be downloaded from http://curl.haxx.se/download.html. As of 16/05/2016, the latest release is marked as ```Win32 2000/XP zip	7.40.0 libcurl SSL```. After downloading the archive, extract the contents of the bin directory into your Ruby bin directory (if prompted, don't overwrite any existing DLLs).
+The latest version can be downloaded from http://curl.haxx.se/download.html. As of 16/05/2016, the latest release is marked as `Win32 2000/XP zip	7.40.0 libcurl SSL`. After downloading the archive, extract the contents of the bin directory into your Ruby bin directory (if prompted, don't overwrite any existing DLLs).
 
 ### How do I use it?
-Open a command prompt / terminal in the directory that you have downloaded WordPress Exploit Framework to, and start it by running ```ruby wpxf.rb```.
+Start the WordPress Exploit Framework console by running `wpxf`.
 
-Once loaded, you'll be presented with the wpxf prompt, from here you can search for modules using the ```search``` command or load a module using the ```use``` command.
+Once loaded, you'll be presented with the wpxf prompt, from here you can search for modules using the `search` command or load a module using the `use` command.
 
-Loading a module into your environment will allow you to set options with the ```set``` command and view information about the module using ```info```.
+Loading a module into your environment will allow you to set options with the `set` command and view information about the module using `info`.
 
 Below is an example of how one would load the symposium_shell_upload exploit module, set the module and payload options and run the exploit against the target.
 
@@ -81,7 +92,7 @@ Exploit modules require you to specify a payload which subsequently gets execute
 * **exec:** runs a shell command on the remote server and returns the output to the WPXF session.
 * **reverse_tcp:** uploads a script that will establish a reverse TCP shell.
 
-All these payloads, with the exception of ```custom``` and the Meterpreter payloads, will delete themselves after they have been executed, to avoid leaving them lying around on the target machine after use or in the event that they are being used to establish a shell which fails.
+All these payloads, with the exception of `custom` and the Meterpreter payloads, will delete themselves after they have been executed, to avoid leaving them lying around on the target machine after use or in the event that they are being used to establish a shell which fails.
 
 ### How can I write my own modules and payloads?
 Guides on writing modules and payloads can be found on [The Wiki](https://github.com/rastating/wordpress-exploit-framework/wiki) and full documentation of the API can be found at http://www.getwpxf.com/.