Closed pvdl closed 10 years ago
I was and still am against any colour (I know that there is currently colour in WPScan, I lost that fight a while ago :p) in the output for the following reasons:
Having all things align left mean that in your 2) example, a quick look might result in 'there are 3 unrelated findings' which would be wrong: the 2 vulns identified are related to the plugin found
4) - yea new tags !
What about a new cli option --no-colors?
Yes, a --no-colors or --color is an good idea! Maybe we also need to make a better 'View' part (MVC) in WPScan. It makes it easier to output in more formats also BTW I agree with @erwanlr's comment.
The MVC part is planned in the CMSScanner gem (there is a draft of it in the mvc-pattern branch of WPScan), but I am struggling with some dependencies injections & other things which need to be thought first :/
@erwanlr 2) The '|' characters binds the plugin with the related vulns. It more less unfolds it as one item with its vulns if found.
I am working on the layout as described.
If you want to see it:
git checkout layout-423
Do your WPScan stuf here
Not happy with the new colors?
git checkout master
@FireFart Can you assist with the --no-color switch? It can be made very basic. Depending on the switch the method 'colorize' in lib/common/common_helper.rb needs to be adjusted. Something like
def colorize(text, color_code)
if no-color
"#{text}"
else
"\e[#{color_code}m#{text}\e[0m"
end
By-passing a variable in a method is not correct programming This is a better try:
def colorize(text, color_code, colorswitch)
if colorswitch
"\e[#{color_code}m#{text}\e[0m"
else
"#{text}"
end
@FireFart, @erwanlr, @ethicalhack3r,
Please try it:
This branch is only the second bullet point!! (no-color option can be done later)
git checkout layout-423
Switch back:
git checkout master
I merged the master branch over because of the typhoeus issue
Thanks for confirming. I saw a lot 'red errors' on my screen. Is this easy to fix? Or should I do my 'homework' again?
I am afraid this branch is a little bit messed up now! I will take the good part out of it and remove the messed-up branch afterwards. Focus is on point 2. Remove indent of the vulnerabilities
Yeah it was the red error :D I added a commit to make the color output nicer. Tell me what you think.
Why do you think it's messed up?`The changes are visible here: https://github.com/wpscanteam/wpscan/compare/layout-423
I've done some work on the CMSScanner gem and the formatting to show you how easy it will be to create/override a formatter (e.g https://github.com/wpscanteam/CMSScanner/commit/3542828ef02ef460ffe5ff65149d040d0be15012 where the cli-no-colour overrides the cli and disable the colour in all output ;))
@FireFart, aha. I did not a compare between the branches, but saw all the commits in the layout-branch. All these commits are to make the layout-branch as much equal to the master branch.
A bundele install
solved the red errors.
All is fine now!
No colours:
'Pipe' terminal output through:
sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[m|K]//g"
This command removes the 'Terminal Escape Sequence codes'
What do you say about @pvdl 's changes to the layout branch? Should me merge it?
Ok there are some merge conflicts :(
@FireFart , I'll try to solve it and merge it. Be patient. This week less time.
1 - Introduce 'bold' to distinguish chapters. So e.g. these line become also bold, so you see more easily when a new chapter begins.
2 - Remove indent of the vulnerabilities I like to have it all aligned left. Current:
New:
3 - Vulnerability red text to normal color. In some case it is more friendly to read. Only the [!] tag is red.
4 - Introduce some new [] tags I don't have a purpose for now, but maybe useful in the future [-] amber colored. Warning [i] blue colored Informational. (Fixed in?) [*] Chapter xyz. (No color, bold) [?] Question / interaction (BTW there is already one!)
Please share your thoughts...