garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

more advanced version detection

Browse Source
This commit is contained in:
Christian Mehlmauer
2016-05-31 14:51:09 +02:00
parent 5118c68f45
commit 0243522854
4 changed files with 17 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/common/models/wp_item/findable.rb
View File

@@ -9,8 +9,7 @@ class WpItem
# #
# @return [ void ] # @return [ void ]
def found_from=(method) def found_from=(method)
found = method[%r{find_from_(.*)}, 1] @found_from = method.to_s.to_s.gsub(/find_from_/, '').gsub(/_/, ' ')
@found_from = found.gsub('_', ' ') if found
end end
module Findable module Findable

2
lib/common/models/wp_theme/findable.rb
View File

@@ -11,7 +11,7 @@ class WpTheme < WpItem
def find(target_uri) def find(target_uri)
methods.grep(/^find_from_/).each do |method| methods.grep(/^find_from_/).each do |method|
if wp_theme = self.send(method, target_uri) if wp_theme = self.send(method, target_uri)
wp_theme.found_from = method wp_theme.found_from = method.to_s
return wp_theme return wp_theme
end end

15
lib/common/models/wp_version/findable.rb
View File

@@ -12,6 +12,7 @@ class WpVersion < WpItem
# #
# @return [ WpVersion ] # @return [ WpVersion ]
def find(target_uri, wp_content_dir, wp_plugins_dir, versions_xml) def find(target_uri, wp_content_dir, wp_plugins_dir, versions_xml)
versions = {}
methods.grep(/^find_from_/).each do |method| methods.grep(/^find_from_/).each do |method|
if method === :find_from_advanced_fingerprinting if method === :find_from_advanced_fingerprinting
@@ -21,9 +22,21 @@ class WpVersion < WpItem
end end
if version if version
return new(target_uri, number: version, found_from: method) if versions.key?(version)
versions[version] << method.to_s
else
versions[version] = [ method.to_s ]
end end
end end
end
if versions.length > 0
determined_version = versions.max_by { |k, v| v.length }
if determined_version
return new(target_uri, number: determined_version[0], found_from: determined_version[1].join(', '))
end
end
nil nil
end end

2
lib/common/models/wp_version/output.rb
View File

@@ -12,7 +12,7 @@ class WpVersion < WpItem
puts " | Released: #{metadata[:release_date]}" puts " | Released: #{metadata[:release_date]}"
puts " | Changelog: #{metadata[:changelog_url]}" puts " | Changelog: #{metadata[:changelog_url]}"
else else
puts info("WordPress version #{self.number} identified from #{self.found_from} #{"(Released on #{metadata[:release_date]})" if metadata[:release_date]}") puts info("WordPress version #{self.number} #{"(Released on #{metadata[:release_date]}) identified from #{self.found_from}" if metadata[:release_date]}")
end end
vulnerabilities = self.vulnerabilities vulnerabilities = self.vulnerabilities