refactoring

lib/browser.rb

@@ -18,7 +18,7 @@
 
 class Browser
   @@instance = nil
-  @@user_agent_modes = ["static", "semi-static", "random"]
+  @@user_agent_modes = %w{ static semi-static random }
 
   ACCESSOR_OPTIONS = [
     :user_agent,
@@ -149,11 +149,11 @@ class Browser
       params = params.merge(:proxy => @proxy)
     end
 
-    if !params.has_key?(:disable_ssl_host_verification)
+    unless params.has_key?(:disable_ssl_host_verification)
       params = params.merge(:disable_ssl_host_verification => true)
     end
 
-    if !params.has_key?(:disable_ssl_peer_verification)
+    unless params.has_key?(:disable_ssl_peer_verification)
       params = params.merge(:disable_ssl_peer_verification => true)
     end
 
@@ -164,7 +164,7 @@ class Browser
     end
 
     # Used to enable the cache system if :cache_timeout > 0
-    if !params.has_key?(:cache_timeout)
+    unless params.has_key?(:cache_timeout)
       params = params.merge(:cache_timeout => @cache_timeout)
     end
 

lib/cache_file_store.rb

@@ -36,7 +36,7 @@ class CacheFileStore
     @serializer   = serializer
 
     # File.directory? for ruby <= 1.9 otherwise, it makes more sense to do Dir.exist? :/
-    if !File.directory?(@storage_path)
+    unless File.directory?(@storage_path)
       Dir.mkdir(@storage_path)
     end
   end
@@ -56,7 +56,7 @@ class CacheFileStore
   end
 
   def write_entry(key, data_to_store, cache_timeout)
-    if (cache_timeout > 0)
+    if cache_timeout > 0
       File.open(get_entry_file_path(key), 'w') do |f|
         f.write(@serializer.dump(data_to_store))
       end

lib/wpscan/exploit.rb

@@ -74,7 +74,7 @@ class Exploit
       session_spawn_timer = Time.new
       while sessions.nil? or sessions.empty?
         # wait for a session to spawn with a timeout of 1 minute
-        if (Time.now - session_spawn_timer > 60)
+        if Time.now - session_spawn_timer > 60
           puts "[ERROR] Session was not created... exiting."
           return false
         end

lib/wpscan/modules/web_site.rb

@@ -54,6 +54,7 @@ module WebSite
   # see if the remote url returns 30x redirect
   # return a string with the redirection or nil
   def redirection(url = nil)
+    redirection = nil
     url ||= @uri.to_s
     response = Browser.instance.get(url)
 

lib/wpscan/modules/wp_config_backup.rb

@@ -47,10 +47,11 @@ module WpConfigBackup
 
   # @return Array
   def self.config_backup_files
-    [
-      'wp-config.php~','#wp-config.php#','wp-config.php.save','wp-config.php.swp','wp-config.php.swo','wp-config.php_bak',
-      'wp-config.bak', 'wp-config.php.bak', 'wp-config.save'
-    ] # thanks to Feross.org for these
+    %w{
+      wp-config.php~ #wp-config.php# wp-config.php.save wp-config.php.swp wp-config.php.swo wp-config.php_bak
+      wp-config.bak wp-config.php.bak wp-config.save wp-config.old wp-config.php.old wp-config.php.orig
+      wp-config.org wp-config.php.original wp-config.original
+    } # thanks to Feross.org for these
   end
 
 end

lib/wpscan/modules/wp_login_protection.rb

@@ -18,7 +18,7 @@
 
 module WpLoginProtection
 
-  @@login_protection_method_pattern = /^has_(.*)_protection\?/i
+  LOGIN_PROTECTION_METHOD_PATTERN = /^has_(.*)_protection\?/i
   # Used as cache
   @login_protection_plugin = nil
 
@@ -31,10 +31,10 @@ module WpLoginProtection
   # return a WpPlugin object or nil if no one is found
   def login_protection_plugin
     unless @login_protection_plugin
-      protected_methods.grep(@@login_protection_method_pattern).each do |symbol_to_call|
+      protected_methods.grep(LOGIN_PROTECTION_METHOD_PATTERN).each do |symbol_to_call|
 
         if send(symbol_to_call)
-          plugin_name = symbol_to_call[@@login_protection_method_pattern, 1].gsub('_', '-')
+          plugin_name = symbol_to_call[LOGIN_PROTECTION_METHOD_PATTERN, 1].gsub('_', '-')
 
           return @login_protection_plugin = WpPlugin.new(
               :name => plugin_name,

lib/wpscan/msfrpc_client.rb

@@ -71,84 +71,73 @@ class RpcClient
 
   def get_exploit_info(name)
     authenticate()
-    result = @server.call('module.info', @auth_token, 'exploit', name)
-    return result
+    @server.call('module.info', @auth_token, 'exploit', name)
   end
 
   # retrieve exploit options
 
   def get_options(name)
     authenticate()
-    result = @server.call('module.options', @auth_token, 'exploit',name)
-    return result
+    @server.call('module.options', @auth_token, 'exploit',name)
   end
 
   # retrieve the exploit payloads
 
   def get_payloads(name)
     authenticate()
-    result = @server.call('module.compatible_payloads', @auth_token, name)
-    return result
+    @server.call('module.compatible_payloads', @auth_token, name)
   end
 
   # execute exploit
 
   def exploit(name, opts)
     authenticate()
-    result = @server.call('module.execute', @auth_token, 'exploit', name, opts)
-    return result
+    @server.call('module.execute', @auth_token, 'exploit', name, opts)
   end
  
   # list msf jobs
 
   def jobs()
     authenticate()
-    result = @server.call('job.list', @auth_token)
-    return result
+    @server.call('job.list', @auth_token)
   end
 
   # list msf sessions
 
   def sessions()
     authenticate()
-    result = @server.call('session.list', @auth_token)
-    return result
+    @server.call('session.list', @auth_token)
   end
 
   # kill msf session
 
   def kill_session(id)
     authenticate()
-    result = @server.call('session.stop', @auth_token, id)
-    return result
+    @server.call('session.stop', @auth_token, id)
   end
 
   # reads any pending output from session
 
   def read_shell(id)
     authenticate()
-    result = @server.call('session.shell_read', @auth_token, id)
-    return result
+    @server.call('session.shell_read', @auth_token, id)
   end
 
   # writes the specified input into the session
 
   def write_shell(id, data)
     authenticate()
-    result = @server.call('session.shell_write', @auth_token, id, data)
-    return result
+    @server.call('session.shell_write', @auth_token, id, data)
   end
 
   def meterpreter_read(id)
     authenticate()
-    result = @server.call('session.meterpreter_read', @auth_token, id)
-    return result
+    @server.call('session.meterpreter_read', @auth_token, id)
   end
 
   def meterpreter_write(id, data)
     authenticate()
-    result = @server.call('session.meterpreter_write', @auth_token, id, data)
-    return result
+    @server.call('session.meterpreter_write', @auth_token, id, data)
   end
 
 end

lib/wpscan/wp_detector.rb

@@ -36,7 +36,7 @@ class WpDetector
           break
         end
       end
-      if not already_present
+      unless already_present
         result << enum_result
       end
     end

lib/wpscan/wp_enumerator.rb

@@ -94,7 +94,7 @@ class WpEnumerator
     type              = options[:type]
     targets_url       = []
 
-    if only_vulnerable == false
+    unless only_vulnerable
       # Open and parse the 'most popular' plugin list...
       File.open(file, 'r') do |f|
         f.readlines.collect do |line|

lib/wpscan/wp_theme.rb

@@ -58,7 +58,8 @@ class WpTheme < WpItem
   def self.find_from_css_link(target_uri)
     response = Browser.instance.get(target_uri.to_s, { :follow_location => true, :max_redirects => 2 })
 
-    if matches = %r{https?://[^"']+/themes/([^"']+)/style.css}i.match(response.body)
+    matches = %r{https?://[^"']+/themes/([^"']+)/style.css}i.match(response.body)
+    if matches
       style_url = matches[0]
       theme_name = matches[1]
 
@@ -76,7 +77,8 @@ class WpTheme < WpItem
     body = Browser.instance.get(target_uri.to_s).body
     regexp = %r{<meta name="generator" content="([^\s"]+)\s?([^"]+)?" />\s+<meta name="generator" content="WooFramework\s?([^"]+)?" />}
 
-    if matches = regexp.match(body)
+    matches = regexp.match(body)
+    if matches
       woo_theme_name        = matches[1]
       woo_theme_version     = matches[2]
       woo_framework_version = matches[3] # Not used at this time

lib/wpscan/wpscan_options.rb

@@ -176,7 +176,8 @@ class WpscanOptions
     if value =~ /u/
       @enumerate_usernames = true
       # Check for usernames range
-      if matches = %r{\[([\d]+)-([\d]+)\]}.match(value)
+      matches = %r{\[([\d]+)-([\d]+)\]}.match(value)
+      if matches
         @enumerate_usernames_range = (matches[1].to_i..matches[2].to_i)
       end
     end

lib/wpstools/generate_list.rb

@@ -92,8 +92,7 @@ class Generate_List
     @hydra.run
 
     found_items.sort!
-    found_items.uniq!
-    return found_items
+    found_items.uniq
   end
 
   # Save the file

lib/wpstools/parse_svn.rb

@@ -36,8 +36,7 @@ class Svn_Parser
       dirs = get_root_directories
     end
     urls = get_svn_project_urls(dirs)
-    entries = get_svn_file_entries(urls)
-    return entries
+    get_svn_file_entries(urls)
   end
 
   #Private methods start here
@@ -51,8 +50,7 @@ class Svn_Parser
       dirs << dir[0]
     end
     dirs.sort!
-    dirs.uniq!
-    return dirs
+    dirs.uniq
   end
 
   def get_svn_project_urls(dirs)
@@ -89,7 +87,7 @@ class Svn_Parser
       end
     end
     @svn_hydra.run
-    return urls
+    urls
   end
   
   # Get a file in each directory
@@ -124,7 +122,7 @@ class Svn_Parser
       end
     end
     @svn_hydra.run
-    return entries
+    entries
   end
 
   def contains_trunk(body)
@@ -132,6 +130,6 @@ class Svn_Parser
     if !!(body =~ %r[<li><a href="trunk/">trunk/</a></li>]i)
       contains = true
     end
-    return contains
+    contains
   end
 end

spec/lib/wpscan/modules/wp_login_protection_spec.rb

@@ -35,7 +35,7 @@ shared_examples_for "WpLoginProtection" do
   # there is not false positive : for example the login-lock must not be detected as login-lockdown
   describe "#has_.*_protection?" do
 
-    pattern         = WpLoginProtection.class_variable_get(:@@login_protection_method_pattern)
+    pattern         = WpLoginProtection::LOGIN_PROTECTION_METHOD_PATTERN
     fixtures        =
         %w{
             wp-login-clean.php wp-login-login_lockdown.php wp-login-login_lock.php