Christian Mehlmauer
2012-09-19 22:43:34 +02:00
parent b73c1a6422
commit 1073da25c1
52 changed files with 589 additions and 167 deletions


@@ -59,6 +59,12 @@
<li><a href="#method-i-author_url">#author_url</a></li>
<li><a href="#method-i-extract_real_name_from_body">#extract_real_name_from_body</a></li>
<li><a href="#method-i-get_real_name_from_response">#get_real_name_from_response</a></li>
<li><a href="#method-i-get_real_name_from_url">#get_real_name_from_url</a></li>
<li><a href="#method-i-usernames">#usernames</a></li>
</ul>
@@ -140,6 +146,8 @@
<li><a href="./WpItem.html">WpItem</a></li>
<li><a href="./WpLoginProtection.html">WpLoginProtection</a></li>
<li><a href="./WpOptions.html">WpOptions</a></li>
<li><a href="./WpPlugin.html">WpPlugin</a></li>
@@ -216,7 +224,7 @@
<div class="method-source-code" id="author_url-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/modules/wp_usernames.rb, line 49</span>
<span class="ruby-comment"># File lib/wpscan/modules/wp_usernames.rb, line 82</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">author_url</span>(<span class="ruby-identifier">author_id</span>)
<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-node">&quot;?author=#{author_id}&quot;</span>).<span class="ruby-identifier">to_s</span>
<span class="ruby-keyword">end</span></pre>
@@ -230,6 +238,114 @@
</div><!-- author_url-method -->
<div id="extract_real_name_from_body-method" class="method-detail ">
<a name="method-i-extract_real_name_from_body"></a>
<div class="method-heading">
<span class="method-name">extract_real_name_from_body</span><span
class="method-args">(body)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="extract_real_name_from_body-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/modules/wp_usernames.rb, line 78</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">extract_real_name_from_body</span>(<span class="ruby-identifier">body</span>)
<span class="ruby-identifier">body</span>[<span class="ruby-regexp">%{&lt;title&gt;([^&lt;]*)&lt;/title&gt;}</span>, <span class="ruby-value">1</span>]
<span class="ruby-keyword">end</span></pre>
</div><!-- extract_real_name_from_body-source -->
</div>
</div><!-- extract_real_name_from_body-method -->
<div id="get_real_name_from_response-method" class="method-detail ">
<a name="method-i-get_real_name_from_response"></a>
<div class="method-heading">
<span class="method-name">get_real_name_from_response</span><span
class="method-args">(resp)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="get_real_name_from_response-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/modules/wp_usernames.rb, line 70</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">get_real_name_from_response</span>(<span class="ruby-identifier">resp</span>)
<span class="ruby-identifier">real_name</span> = <span class="ruby-keyword">nil</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">resp</span>.<span class="ruby-identifier">code</span> <span class="ruby-operator">==</span> <span class="ruby-value">200</span>
<span class="ruby-identifier">real_name</span> = <span class="ruby-identifier">extract_real_name_from_body</span>(<span class="ruby-identifier">resp</span>.<span class="ruby-identifier">body</span>)
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">real_name</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- get_real_name_from_response-source -->
</div>
</div><!-- get_real_name_from_response-method -->
<div id="get_real_name_from_url-method" class="method-detail ">
<a name="method-i-get_real_name_from_url"></a>
<div class="method-heading">
<span class="method-name">get_real_name_from_url</span><span
class="method-args">(url)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="get_real_name_from_url-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/modules/wp_usernames.rb, line 61</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">get_real_name_from_url</span>(<span class="ruby-identifier">url</span>)
<span class="ruby-identifier">resp</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">url</span>, { <span class="ruby-value">:follow_location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>, <span class="ruby-value">:max_redirects</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">2</span> })
<span class="ruby-identifier">real_name</span> = <span class="ruby-keyword">nil</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">resp</span>.<span class="ruby-identifier">code</span> <span class="ruby-operator">==</span> <span class="ruby-value">200</span>
<span class="ruby-identifier">real_name</span> = <span class="ruby-identifier">extract_real_name_from_body</span>(<span class="ruby-identifier">resp</span>.<span class="ruby-identifier">body</span>)
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">real_name</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- get_real_name_from_url-source -->
</div>
</div><!-- get_real_name_from_url-method -->
<div id="usernames-method" class="method-detail ">
<a name="method-i-usernames"></a>
@@ -263,12 +379,24 @@ href="http://seclists.org/fulldisclosure/2011/May/493">seclists.org/fulldisclosu
<span class="ruby-identifier">usernames</span> = []
<span class="ruby-identifier">range</span>.<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">author_id</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">response</span> = <span class="ruby-identifier">browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">author_url</span>(<span class="ruby-identifier">author_id</span>))
<span class="ruby-identifier">url</span> = <span class="ruby-identifier">author_url</span>(<span class="ruby-identifier">author_id</span>)
<span class="ruby-identifier">response</span> = <span class="ruby-identifier">browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">url</span>)
<span class="ruby-identifier">username</span> = <span class="ruby-keyword">nil</span>
<span class="ruby-identifier">real_name</span> = <span class="ruby-keyword">nil</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">code</span> <span class="ruby-operator">==</span> <span class="ruby-value">301</span> <span class="ruby-comment"># username in location?</span>
<span class="ruby-identifier">usernames</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">headers_hash</span>[<span class="ruby-string">'location'</span>][<span class="ruby-regexp">%{/author/([^/]+)/}</span>, <span class="ruby-value">1</span>]
<span class="ruby-identifier">username</span> = <span class="ruby-identifier">response</span>.<span class="ruby-identifier">headers_hash</span>[<span class="ruby-string">'location'</span>][<span class="ruby-regexp">%{/author/([^/]+)/}</span>, <span class="ruby-value">1</span>]
<span class="ruby-comment"># Get the real name from the redirect site</span>
<span class="ruby-identifier">real_name</span> = <span class="ruby-identifier">get_real_name_from_url</span>(<span class="ruby-identifier">url</span>)
<span class="ruby-keyword">elsif</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">code</span> <span class="ruby-operator">==</span> <span class="ruby-value">200</span> <span class="ruby-comment"># username in body?</span>
<span class="ruby-identifier">usernames</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span>[<span class="ruby-regexp">%{posts by (.*) feed}</span>, <span class="ruby-value">1</span>]
<span class="ruby-identifier">username</span> = <span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span>[<span class="ruby-regexp">%{posts by (.*) feed}</span>, <span class="ruby-value">1</span>]
<span class="ruby-identifier">real_name</span> = <span class="ruby-identifier">get_real_name_from_response</span>(<span class="ruby-identifier">response</span>)
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">unless</span> <span class="ruby-identifier">username</span> <span class="ruby-operator">==</span> <span class="ruby-keyword">nil</span> <span class="ruby-keyword">and</span> <span class="ruby-identifier">real_name</span> <span class="ruby-operator">==</span> <span class="ruby-keyword">nil</span>
<span class="ruby-identifier">usernames</span> <span class="ruby-operator">&lt;&lt;</span> { <span class="ruby-value">:id</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">author_id</span>,
<span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">username</span> <span class="ruby-operator">?</span> <span class="ruby-identifier">username</span> <span class="ruby-operator">:</span> <span class="ruby-string">&quot;empty&quot;</span>,
<span class="ruby-value">:real_name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">real_name</span> <span class="ruby-operator">?</span> <span class="ruby-identifier">real_name</span> <span class="ruby-operator">:</span> <span class="ruby-string">&quot;empty&quot;</span>}
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>