From 07a60071bdf41c46e67a4a81fd948091e233b1a0 Mon Sep 17 00:00:00 2001
From: Erwan
Date: Wed, 12 Sep 2012 17:11:21 +0200
Subject: [PATCH] Detection of the wp-content directory improved
---
 lib/wpscan/wp_target.rb | 4 ++--
 .../wp_content_dir/wordpress-3.4.1-in-plugins.htm | 8 ++++++++
 spec/lib/wpscan/wp_target_spec.rb | 6 ++++++
 3 files changed, 16 insertions(+), 2 deletions(-)
 create mode 100644 spec/fixtures/wpscan/wp_target/wp_content_dir/wordpress-3.4.1-in-plugins.htm
diff --git a/lib/wpscan/wp_target.rb b/lib/wpscan/wp_target.rb
index 15d50054..1988ce5d 100644
--- a/lib/wpscan/wp_target.rb
+++ b/lib/wpscan/wp_target.rb
@@ -84,10 +84,10 @@ class WpTarget
 unless @wp_content_dir
 index_body = Browser.instance.get(@uri.to_s).body
- if index_body[%r{/wp-content/themes/}i]
+ if index_body[%r{/wp-content/(?:themes|plugins)/}i]
 @wp_content_dir = "wp-content"
 else
- @wp_content_dir = index_body[%r{(?:href|src)=(?:"|')#{@uri}/?(.*)/themes/.*(?:"|')}i, 1]
+ @wp_content_dir = index_body[%r{(?:href|src)=(?:"|')#{@uri}/?([^"']+)/(?:themes|plugins)/.*(?:"|')}i, 1]
 end
 end
 @wp_content_dir
diff --git a/spec/fixtures/wpscan/wp_target/wp_content_dir/wordpress-3.4.1-in-plugins.htm b/spec/fixtures/wpscan/wp_target/wp_content_dir/wordpress-3.4.1-in-plugins.htm
new file mode 100644
index 00000000..029b688f
--- /dev/null
+++ b/spec/fixtures/wpscan/wp_target/wp_content_dir/wordpress-3.4.1-in-plugins.htm
@@ -0,0 +1,8 @@
+
+
+
+
+ Hello
+
+
+
diff --git a/spec/lib/wpscan/wp_target_spec.rb b/spec/lib/wpscan/wp_target_spec.rb
index 254aa58a..5f978220 100644
--- a/spec/lib/wpscan/wp_target_spec.rb
+++ b/spec/lib/wpscan/wp_target_spec.rb
@@ -121,6 +121,12 @@ describe WpTarget do
 @expected = "wp-content"
 end
+ it "should find the location even if the src or href goes in the plugins dir" do
+ @target_url = "http://wordpress-3.4.1-in-plugins.htm"
+ @fixture = fixtures_dir + "/wordpress-3.4.1-in-plugins.htm"
+ @expected = "wp-content"
+ end
+
 end
 describe "#wp_plugins_dir" do
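Review bot: `#{@uri}` is interpolated into the fallback pattern in the `else` branch without escaping, so the dots (and any `?` or `+`) in the target URL act as regex metacharacters when matched against a response body that the scanned server controls. The new `([^"']+)` capture is also greedy, so an asset path with a second `/themes/` or `/plugins/` segment (for example a plugin that ships its own `themes/` folder) yields a directory that is too long. Something like `index_body[%r{(?:href|src)=(?:"|')#{Regexp.escape(@uri.to_s)}/?([^"']+?)/(?:themes|plugins)/[^"']*(?:"|')}i, 1]` would address both. The enclosing method begins and ends outside this hunk, so how callers handle a `nil` or odd result is not visible here.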
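Review bot: The added example expects `"wp-content"`, which the first pattern `/wp-content/(?:themes|plugins)/` already satisfies, so the rewritten fallback pattern in wp_target.rb is not exercised by this commit. A second example would cover the `else` branch: a fixture whose only asset links go through the `plugins/` path of a renamed content directory, with `@expected` set to that directory name. The surrounding `describe` block starts outside this hunk, so any existing custom-directory examples (presumably using theme links) are not visible here.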