garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs

Browse Source
This commit is contained in:
Christian Mehlmauer
2013-01-27 01:16:44 +01:00
parent 60a6f16ddd
commit 1afe12657f
38 changed files with 3644 additions and 437 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
doc/WpPlugins.html
View File

@@ -224,22 +224,24 @@
<div class="method-source-code" id="plugins_from_aggressive_detection-source">
<pre><span class="ruby-comment"># File lib/wpscan/modules/wp_plugins.rb, line 24</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">plugins_from_aggressive_detection</span>(<span class="ruby-identifier">options</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_file</span>].<span class="ruby-identifier">nil?</span> <span class="ruby-keyword">or</span> <span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_file</span>] <span class="ruby-operator">==</span> <span class="ruby-string">''</span>
<span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_file</span>] = <span class="ruby-constant">PLUGINS_VULNS_FILE</span>
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">options</span>[<span class="ruby-value">:file</span>] = <span class="ruby-identifier">options</span>[<span class="ruby-value">:file</span>] <span class="ruby-operator">||</span> (<span class="ruby-identifier">options</span>[<span class="ruby-value">:full</span>] <span class="ruby-operator">?</span> <span class="ruby-constant">PLUGINS_FULL_FILE</span> <span class="ruby-operator">:</span> <span class="ruby-constant">PLUGINS_FILE</span>)
<span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_file</span>] = (<span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_file</span>] <span class="ruby-operator">!=</span> <span class="ruby-keyword">nil</span> <span class="ruby-keyword">and</span> <span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_file</span>] <span class="ruby-operator">!=</span> <span class="ruby-string">&quot;&quot;</span>) <span class="ruby-operator">?</span>
<span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_file</span>] <span class="ruby-operator">:</span> <span class="ruby-constant">PLUGINS_VULNS_FILE</span>
<span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_xpath</span>] = <span class="ruby-node">&quot;//plugin[@name='#{@name}']/vulnerability&quot;</span>
<span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_xpath_2</span>] = <span class="ruby-string">&quot;//plugin&quot;</span>
<span class="ruby-identifier">options</span>[<span class="ruby-value">:type</span>] = <span class="ruby-string">&quot;plugins&quot;</span>
<span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_xpath_2</span>] = <span class="ruby-string">'//plugin'</span>
<span class="ruby-identifier">options</span>[<span class="ruby-value">:type</span>] = <span class="ruby-string">'plugins'</span>
<span class="ruby-identifier">result</span> = <span class="ruby-constant">WpDetector</span>.<span class="ruby-identifier">aggressive_detection</span>(<span class="ruby-identifier">options</span>)
<span class="ruby-identifier">plugins</span> = []
<span class="ruby-identifier">result</span>.<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">r</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">plugins</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-constant">WpPlugin</span>.<span class="ruby-identifier">new</span>(
<span class="ruby-value">:base_url</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">r</span>.<span class="ruby-identifier">base_url</span>,
<span class="ruby-value">:path</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">r</span>.<span class="ruby-identifier">path</span>,
<span class="ruby-value">:wp_content_dir</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">r</span>.<span class="ruby-identifier">wp_content_dir</span>,
<span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">r</span>.<span class="ruby-identifier">name</span>,
<span class="ruby-value">:type</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-string">&quot;plugins&quot;</span>,
<span class="ruby-value">:wp_plugins_dir</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">r</span>.<span class="ruby-identifier">wp_plugins_dir</span>
<span class="ruby-identifier">base_url</span><span class="ruby-operator">:</span> <span class="ruby-identifier">r</span>.<span class="ruby-identifier">base_url</span>,
<span class="ruby-identifier">path</span><span class="ruby-operator">:</span> <span class="ruby-identifier">r</span>.<span class="ruby-identifier">path</span>,
<span class="ruby-identifier">wp_content_dir</span><span class="ruby-operator">:</span> <span class="ruby-identifier">r</span>.<span class="ruby-identifier">wp_content_dir</span>,
<span class="ruby-identifier">name</span><span class="ruby-operator">:</span> <span class="ruby-identifier">r</span>.<span class="ruby-identifier">name</span>,
<span class="ruby-identifier">type</span><span class="ruby-operator">:</span> <span class="ruby-string">'plugins'</span>,
<span class="ruby-identifier">wp_plugins_dir</span><span class="ruby-operator">:</span> <span class="ruby-identifier">r</span>.<span class="ruby-identifier">wp_plugins_dir</span>
)
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">plugins</span>.<span class="ruby-identifier">sort_by</span> { <span class="ruby-operator">|</span><span class="ruby-identifier">p</span><span class="ruby-operator">|</span> <span class="ruby-identifier">p</span>.<span class="ruby-identifier">name</span> }
@@ -278,19 +280,19 @@ plugins can be found in the source code :</p>
<div class="method-source-code" id="plugins_from_passive_detection-source">
<pre><span class="ruby-comment"># File lib/wpscan/modules/wp_plugins.rb, line 52</span>
<pre><span class="ruby-comment"># File lib/wpscan/modules/wp_plugins.rb, line 54</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">plugins_from_passive_detection</span>(<span class="ruby-identifier">options</span>)
<span class="ruby-identifier">plugins</span> = []
<span class="ruby-identifier">temp</span> = <span class="ruby-constant">WpDetector</span>.<span class="ruby-identifier">passive_detection</span>(<span class="ruby-identifier">options</span>[<span class="ruby-value">:base_url</span>], <span class="ruby-string">&quot;plugins&quot;</span>, <span class="ruby-identifier">options</span>[<span class="ruby-value">:wp_content_dir</span>])
<span class="ruby-identifier">temp</span> = <span class="ruby-constant">WpDetector</span>.<span class="ruby-identifier">passive_detection</span>(<span class="ruby-identifier">options</span>[<span class="ruby-value">:base_url</span>], <span class="ruby-string">'plugins'</span>, <span class="ruby-identifier">options</span>[<span class="ruby-value">:wp_content_dir</span>])
<span class="ruby-identifier">temp</span>.<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">item</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">plugins</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-constant">WpPlugin</span>.<span class="ruby-identifier">new</span>(
<span class="ruby-value">:base_url</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">item</span>.<span class="ruby-identifier">base_url</span>,
<span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">item</span>.<span class="ruby-identifier">name</span>,
<span class="ruby-value">:path</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">item</span>.<span class="ruby-identifier">path</span>,
<span class="ruby-value">:wp_content_dir</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">options</span>[<span class="ruby-value">:wp_content_dir</span>],
<span class="ruby-value">:type</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-string">&quot;plugins&quot;</span>,
<span class="ruby-value">:wp_plugins_dir</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">options</span>[<span class="ruby-value">:wp_plugins_dir</span>]
<span class="ruby-identifier">base_url</span><span class="ruby-operator">:</span> <span class="ruby-identifier">item</span>.<span class="ruby-identifier">base_url</span>,
<span class="ruby-identifier">name</span><span class="ruby-operator">:</span> <span class="ruby-identifier">item</span>.<span class="ruby-identifier">name</span>,
<span class="ruby-identifier">path</span><span class="ruby-operator">:</span> <span class="ruby-identifier">item</span>.<span class="ruby-identifier">path</span>,
<span class="ruby-identifier">wp_content_dir</span><span class="ruby-operator">:</span> <span class="ruby-identifier">options</span>[<span class="ruby-value">:wp_content_dir</span>],
<span class="ruby-identifier">type</span><span class="ruby-operator">:</span> <span class="ruby-string">'plugins'</span>,
<span class="ruby-identifier">wp_plugins_dir</span><span class="ruby-operator">:</span> <span class="ruby-identifier">options</span>[<span class="ruby-value">:wp_plugins_dir</span>]
)
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">plugins</span>.<span class="ruby-identifier">sort_by</span> { <span class="ruby-operator">|</span><span class="ruby-identifier">p</span><span class="ruby-operator">|</span> <span class="ruby-identifier">p</span>.<span class="ruby-identifier">name</span> }