diff --git a/lib/browser.rb b/lib/browser.rb index d6f18eaf..a7cca277 100644 --- a/lib/browser.rb +++ b/lib/browser.rb @@ -18,7 +18,7 @@ class Browser @@instance = nil - @@user_agent_modes = ["static", "semi-static", "random"] + @@user_agent_modes = %w{ static semi-static random } ACCESSOR_OPTIONS = [ :user_agent, @@ -80,12 +80,12 @@ class Browser # return the user agent, according to the user_agent_mode def user_agent case @user_agent_mode - when "semi-static" - unless @user_agent + when "semi-static" + unless @user_agent + @user_agent = @available_user_agents.sample + end + when "random" @user_agent = @available_user_agents.sample - end - when "random" - @user_agent = @available_user_agents.sample end @user_agent end @@ -149,11 +149,11 @@ class Browser params = params.merge(:proxy => @proxy) end - if !params.has_key?(:disable_ssl_host_verification) + unless params.has_key?(:disable_ssl_host_verification) params = params.merge(:disable_ssl_host_verification => true) end - if !params.has_key?(:disable_ssl_peer_verification) + unless params.has_key?(:disable_ssl_peer_verification) params = params.merge(:disable_ssl_peer_verification => true) end @@ -164,7 +164,7 @@ class Browser end # Used to enable the cache system if :cache_timeout > 0 - if !params.has_key?(:cache_timeout) + unless params.has_key?(:cache_timeout) params = params.merge(:cache_timeout => @cache_timeout) end diff --git a/lib/cache_file_store.rb b/lib/cache_file_store.rb index e154b186..f3ad7275 100644 --- a/lib/cache_file_store.rb +++ b/lib/cache_file_store.rb @@ -36,7 +36,7 @@ class CacheFileStore @serializer = serializer # File.directory? for ruby <= 1.9 otherwise, it makes more sense to do Dir.exist? :/ - if !File.directory?(@storage_path) + unless File.directory?(@storage_path) Dir.mkdir(@storage_path) end end 
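Review bot: Both TLS checks remain off by default in the `@@ -149,11` hunk of lib/browser.rb: when the caller does not supply `:disable_ssl_host_verification` or `:disable_ssl_peer_verification`, the merged params set both to `true`, so every request accepts any certificate for any host name. That may be deliberate for a scanner that has to talk to sites with self-signed certificates, but it also means responses, and anything the tool sends, can be read or altered on the network path without any error being raised. I would document the decision where the defaults are set, for example `# TLS host/peer verification is off unless the caller passes false; results are only as trustworthy as the network path`, and consider a user-facing option that turns verification back on. The enclosing method starts and ends outside the hunk.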
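Review bot: `Dir.mkdir(@storage_path)` in the `@@ -36,7` hunk of lib/cache_file_store.rb creates the cache directory with whatever the process umask allows, and the `File.directory?` test followed by `mkdir` is a check-then-create sequence that can race with another process. The store later writes serializer output into this directory; if entries are read back with the serializer's load routine (not visible here), a directory that other local users can write to would let them plant cache entries. Passing an explicit mode, `Dir.mkdir(@storage_path, 0700)`, and rescuing `Errno::EEXIST` instead of pre-checking would close both gaps. The constructor begins outside the hunk.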
@@ -56,7 +56,7 @@ class CacheFileStore end def write_entry(key, data_to_store, cache_timeout) - if (cache_timeout > 0) + if cache_timeout > 0 File.open(get_entry_file_path(key), 'w') do |f| f.write(@serializer.dump(data_to_store)) end diff --git a/lib/wpscan/exploit.rb b/lib/wpscan/exploit.rb index ef13560d..b5ecabc3 100644 --- a/lib/wpscan/exploit.rb +++ b/lib/wpscan/exploit.rb @@ -74,7 +74,7 @@ class Exploit session_spawn_timer = Time.new while sessions.nil? or sessions.empty? # wait for a session to spawn with a timeout of 1 minute - if (Time.now - session_spawn_timer > 60) + if Time.now - session_spawn_timer > 60 puts "[ERROR] Session was not created... exiting." return false end diff --git a/lib/wpscan/modules/web_site.rb b/lib/wpscan/modules/web_site.rb index 2b5a3628..d7b96e88 100644 --- a/lib/wpscan/modules/web_site.rb +++ b/lib/wpscan/modules/web_site.rb @@ -54,6 +54,7 @@ module WebSite # see if the remote url returns 30x redirect # return a string with the redirection or nil def redirection(url = nil) + redirection = nil url ||= @uri.to_s response = Browser.instance.get(url) diff --git a/lib/wpscan/modules/wp_config_backup.rb b/lib/wpscan/modules/wp_config_backup.rb index 2846b8b3..9414d224 100644 --- a/lib/wpscan/modules/wp_config_backup.rb +++ b/lib/wpscan/modules/wp_config_backup.rb @@ -47,10 +47,11 @@ module WpConfigBackup # @return Array def self.config_backup_files - [ - 'wp-config.php~','#wp-config.php#','wp-config.php.save','wp-config.php.swp','wp-config.php.swo','wp-config.php_bak', - 'wp-config.bak', 'wp-config.php.bak', 'wp-config.save' - ] # thanks to Feross.org for these + %w{ + wp-config.php~ #wp-config.php# wp-config.php.save wp-config.php.swp wp-config.php.swo wp-config.php_bak + wp-config.bak wp-config.php.bak wp-config.save wp-config.old wp-config.php.old wp-config.php.orig + wp-config.org wp-config.php.original wp-config.original + } # thanks to Feross.org for these end end 
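Review bot: The added local `redirection = nil` in lib/wpscan/modules/web_site.rb has the same name as the method it is declared in, so every bare `redirection` further down the body refers to the local and reads like a recursive call. A distinct name such as `location = nil` keeps the pre-declaration and removes the ambiguity. It would also help to extend the existing comment to say why the variable is declared up front, e.g. `# declared here so the value assigned in the branch below is visible at the return`. The rest of the method is outside the hunk, so the rename has to be carried through there as well.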
diff --git a/lib/wpscan/modules/wp_login_protection.rb b/lib/wpscan/modules/wp_login_protection.rb index a9a70379..f86c7e70 100644 --- a/lib/wpscan/modules/wp_login_protection.rb +++ b/lib/wpscan/modules/wp_login_protection.rb @@ -18,7 +18,7 @@ module WpLoginProtection - @@login_protection_method_pattern = /^has_(.*)_protection\?/i + LOGIN_PROTECTION_METHOD_PATTERN = /^has_(.*)_protection\?/i # Used as cache @login_protection_plugin = nil @@ -31,10 +31,10 @@ module WpLoginProtection # return a WpPlugin object or nil if no one is found def login_protection_plugin unless @login_protection_plugin - protected_methods.grep(@@login_protection_method_pattern).each do |symbol_to_call| + protected_methods.grep(LOGIN_PROTECTION_METHOD_PATTERN).each do |symbol_to_call| if send(symbol_to_call) - plugin_name = symbol_to_call[@@login_protection_method_pattern, 1].gsub('_', '-') + plugin_name = symbol_to_call[LOGIN_PROTECTION_METHOD_PATTERN, 1].gsub('_', '-') return @login_protection_plugin = WpPlugin.new( :name => plugin_name, diff --git a/lib/wpscan/msfrpc_client.rb b/lib/wpscan/msfrpc_client.rb index d9c73cf4..49d3a980 100644 --- a/lib/wpscan/msfrpc_client.rb +++ b/lib/wpscan/msfrpc_client.rb 
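Review bot: `LOGIN_PROTECTION_METHOD_PATTERN` is anchored with `^` and has no end anchor, so any protected method whose name merely begins with `has_..._protection?` is selected and then invoked through `send` in the `@@ -31,10` hunk; `/\Ahas_(.*)_protection\?\z/i` states the intent exactly. The candidates come from `protected_methods`, not from external input, so this is about precision rather than exposure. Separately, the context line `@login_protection_plugin = nil` sits in the module body, which sets an instance variable on the module object itself and not on the objects that presumably include it, so the "Used as cache" comment above it may mislead. `login_protection_plugin` continues past the end of the second hunk.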
@@ -71,84 +71,73 @@ class RpcClient def get_exploit_info(name) authenticate() - result = @server.call('module.info', @auth_token, 'exploit', name) - return result + @server.call('module.info', @auth_token, 'exploit', name) end # retrieve exploit options def get_options(name) authenticate() - result = @server.call('module.options', @auth_token, 'exploit',name) - return result + @server.call('module.options', @auth_token, 'exploit',name) end # retrieve the exploit payloads def get_payloads(name) authenticate() - result = @server.call('module.compatible_payloads', @auth_token, name) - return result + @server.call('module.compatible_payloads', @auth_token, name) end # execute exploit def exploit(name, opts) authenticate() - result = @server.call('module.execute', @auth_token, 'exploit', name, opts) - return result + @server.call('module.execute', @auth_token, 'exploit', name, opts) end # list msf jobs def jobs() authenticate() - result = @server.call('job.list', @auth_token) - return result + @server.call('job.list', @auth_token) end # list msf sessions def sessions() authenticate() - result = @server.call('session.list', @auth_token) - return result + @server.call('session.list', @auth_token) end # kill msf session def kill_session(id) authenticate() - result = @server.call('session.stop', @auth_token, id) - return result + @server.call('session.stop', @auth_token, id) end # reads any pending output from session def read_shell(id) authenticate() - result = @server.call('session.shell_read', @auth_token, id) - return result + @server.call('session.shell_read', @auth_token, id) end # writes the specified input into the session def write_shell(id, data) authenticate() - result = @server.call('session.shell_write', @auth_token, id, data) - return result + @server.call('session.shell_write', @auth_token, id, data) end def meterpreter_read(id) authenticate() - result = @server.call('session.meterpreter_read', @auth_token, id) - return result + 
@server.call('session.meterpreter_read', @auth_token, id) end def meterpreter_write(id, data) authenticate() - result = @server.call('session.meterpreter_write', @auth_token, id, data) - return result + @server.call('session.meterpreter_write', @auth_token, id, data) end end diff --git a/lib/wpscan/wp_detector.rb b/lib/wpscan/wp_detector.rb index fffc491b..ff8fe6b7 100644 --- a/lib/wpscan/wp_detector.rb +++ b/lib/wpscan/wp_detector.rb @@ -36,7 +36,7 @@ class WpDetector break end end - if not already_present + unless already_present result << enum_result end end diff --git a/lib/wpscan/wp_enumerator.rb b/lib/wpscan/wp_enumerator.rb index ac2919a7..d9f85602 100644 --- a/lib/wpscan/wp_enumerator.rb +++ b/lib/wpscan/wp_enumerator.rb @@ -94,7 +94,7 @@ class WpEnumerator type = options[:type] targets_url = [] - if only_vulnerable == false + unless only_vulnerable # Open and parse the 'most popular' plugin list... File.open(file, 'r') do |f| f.readlines.collect do |line| diff --git a/lib/wpscan/wp_theme.rb b/lib/wpscan/wp_theme.rb index 7e7c2d95..ac3c0217 100644 --- a/lib/wpscan/wp_theme.rb +++ b/lib/wpscan/wp_theme.rb @@ -58,7 +58,8 @@ class WpTheme < WpItem def self.find_from_css_link(target_uri) response = Browser.instance.get(target_uri.to_s, { :follow_location => true, :max_redirects => 2 }) - if matches = %r{https?://[^"']+/themes/([^"']+)/style.css}i.match(response.body) + matches = %r{https?://[^"']+/themes/([^"']+)/style.css}i.match(response.body) + if matches style_url = matches[0] theme_name = matches[1] @@ -76,7 +77,8 @@ class WpTheme < WpItem body = Browser.instance.get(target_uri.to_s).body regexp = %r{\s+} - if matches = regexp.match(body) + matches = regexp.match(body) + if matches woo_theme_name = matches[1] woo_theme_version = matches[2] woo_framework_version = matches[3] # Not used at this time diff --git a/lib/wpscan/wpscan_options.rb b/lib/wpscan/wpscan_options.rb index bd94a0da..4f31aefb 100644 --- a/lib/wpscan/wpscan_options.rb 
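Review bot: All eleven wrappers in this hunk still repeat the same two steps, `authenticate()` and then `@server.call(<method>, @auth_token, ...)`, so the token handling is copied once per RPC method and a future change to it has to be made in eleven places. A single private helper that authenticates and prepends the token would leave each wrapper as one line; the empty parentheses in `authenticate()`, `def jobs()` and `def sessions()` can go at the same time, in keeping with the rest of this cleanup. `meterpreter_read` and `meterpreter_write` are the only two methods without a describing comment. Whether `@server.call` results are checked for RPC errors is not visible here.

```ruby
# … unchanged: get_exploit_info, get_options, get_payloads, exploit (same one-line shape) …

# list msf jobs
def jobs
  call_with_token('job.list')
end

# writes the specified input into the session
def write_shell(id, data)
  call_with_token('session.shell_write', id, data)
end

# … remaining wrappers follow the same shape …

private

# Authenticate, then issue one RPC call with the auth token as first argument.
def call_with_token(method, *args)
  authenticate
  @server.call(method, @auth_token, *args)
end
```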
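Review bot: `unless only_vulnerable` in lib/wpscan/wp_enumerator.rb is not equivalent to the removed `if only_vulnerable == false`: with a `nil` value the old test was false and the popular-list branch was skipped, whereas the new test runs it. Where `only_vulnerable` is assigned is outside the hunk, so if it can be `nil` (an unset option, for instance) this is a behaviour change inside a style commit. Either normalise the value before the test, for example `only_vulnerable = !!only_vulnerable`, or add a comment stating that `nil` is meant to be treated as false. The enclosing method starts and ends outside the hunk.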
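Review bot: The `.` in `style.css` is unescaped in the pattern of the `@@ -58,7` hunk of lib/wpscan/wp_theme.rb, so it matches any character (`style_css`, `styleXcss`); `style\.css` is what is meant. The captured `theme_name` comes from the remote response body through `[^"']+`, so it may contain `/` or `..` segments. What the method does with it lies outside the hunk, but if the value is later placed in a URL or file path, and theme directories are never nested, the capture could be narrowed to `([^"'/]+)`. `find_from_css_link` continues past the end of the hunk.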
+++ b/lib/wpscan/wpscan_options.rb @@ -176,7 +176,8 @@ class WpscanOptions if value =~ /u/ @enumerate_usernames = true # Check for usernames range - if matches = %r{\[([\d]+)-([\d]+)\]}.match(value) + matches = %r{\[([\d]+)-([\d]+)\]}.match(value) + if matches @enumerate_usernames_range = (matches[1].to_i..matches[2].to_i) end end diff --git a/lib/wpstools/generate_list.rb b/lib/wpstools/generate_list.rb index e51705d0..8f87c48d 100644 --- a/lib/wpstools/generate_list.rb +++ b/lib/wpstools/generate_list.rb @@ -92,8 +92,7 @@ class Generate_List @hydra.run found_items.sort! - found_items.uniq! - return found_items + found_items.uniq end # Save the file diff --git a/lib/wpstools/parse_svn.rb b/lib/wpstools/parse_svn.rb index aa61e667..486f6b07 100644 --- a/lib/wpstools/parse_svn.rb +++ b/lib/wpstools/parse_svn.rb @@ -36,8 +36,7 @@ class Svn_Parser dirs = get_root_directories end urls = get_svn_project_urls(dirs) - entries = get_svn_file_entries(urls) - return entries + get_svn_file_entries(urls) end #Private methods start here @@ -51,8 +50,7 @@ class Svn_Parser dirs << dir[0] end dirs.sort! - dirs.uniq! - return dirs + dirs.uniq end def get_svn_project_urls(dirs) @@ -89,7 +87,7 @@ class Svn_Parser end end @svn_hydra.run - return urls + urls end # Get a file in each directory @@ -124,7 +122,7 @@ class Svn_Parser end end @svn_hydra.run - return entries + entries end def contains_trunk(body) @@ -132,6 +130,6 @@ class Svn_Parser if !!(body =~ %r[
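Review bot: The range built from `matches[1].to_i..matches[2].to_i` in lib/wpscan/wpscan_options.rb is used without validation: a reversed pair such as `[10-1]` yields an empty range, so username enumeration silently does nothing, and there is no upper bound on the span the user can request. I would check the order and reject bad input explicitly, e.g. `raise "Invalid usernames range: #{value}" if matches[1].to_i > matches[2].to_i`, and replace `[\d]+` with the equivalent `\d+`. The enclosing method starts and ends outside the hunk.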