garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

more advanced version detection

Browse Source
This commit is contained in:
Christian Mehlmauer
2016-05-31 14:51:09 +02:00
parent 5118c68f45
commit 0243522854
4 changed files with 17 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/common/models/wp_item/findable.rb
View File

@@ -9,8 +9,7 @@ class WpItem
#
# @return [ void ]
def found_from=(method)
found = method[%r{find_from_(.*)}, 1]
@found_from = found.gsub('_', ' ') if found
@found_from = method.to_s.to_s.gsub(/find_from_/, '').gsub(/_/, ' ')
end
module Findable

2
lib/common/models/wp_theme/findable.rb
View File

@@ -11,7 +11,7 @@ class WpTheme < WpItem
def find(target_uri)
methods.grep(/^find_from_/).each do |method|
if wp_theme = self.send(method, target_uri)
wp_theme.found_from = method
wp_theme.found_from = method.to_s
return wp_theme
end

15
lib/common/models/wp_version/findable.rb
View File

@@ -12,6 +12,7 @@ class WpVersion < WpItem
#
# @return [ WpVersion ]
def find(target_uri, wp_content_dir, wp_plugins_dir, versions_xml)
versions = {}
methods.grep(/^find_from_/).each do |method|
if method === :find_from_advanced_fingerprinting
@@ -21,9 +22,21 @@ class WpVersion < WpItem
end
if version
return new(target_uri, number: version, found_from: method)
if versions.key?(version)
versions[version] << method.to_s
else
versions[version] = [ method.to_s ]
end
end
end
if versions.length > 0
determined_version = versions.max_by { |k, v| v.length }
if determined_version
return new(target_uri, number: determined_version[0], found_from: determined_version[1].join(', '))
end
end
nil
end

2
lib/common/models/wp_version/output.rb
View File

@@ -12,7 +12,7 @@ class WpVersion < WpItem
puts " | Released: #{metadata[:release_date]}"
puts " | Changelog: #{metadata[:changelog_url]}"
else
puts info("WordPress version #{self.number} identified from #{self.found_from} #{"(Released on #{metadata[:release_date]})" if metadata[:release_date]}")
puts info("WordPress version #{self.number} #{"(Released on #{metadata[:release_date]}) identified from #{self.found_from}" if metadata[:release_date]}")
end
vulnerabilities = self.vulnerabilities