diff --git a/app/finders/db_exports/known_locations.rb b/app/finders/db_exports/known_locations.rb
index 69ad5cf5..6db29397 100644
--- a/app/finders/db_exports/known_locations.rb
+++ b/app/finders/db_exports/known_locations.rb
@@ -39,8 +39,7 @@ module WPScan
 #
 # @return [ Hash ]
 def potential_urls(opts = {})
- urls = {}
- domain_name = (PublicSuffix.domain(target.uri.host) || target.uri.host)[/(^[\w|-]+)/, 1]
+ urls = {}

 File.open(opts[:list]).each_with_index do |path, index|
 path.gsub!('{domain_name}', domain_name)
@@ -51,6 +50,14 @@ module WPScan
 urls
 end

+ def domain_name
+ @domain_name ||= if Resolv::AddressRegex.match?(target.uri.host)
+ target.uri.host
+ else
+ (PublicSuffix.domain(target.uri.host) || target.uri.host)[/(^[\w|-]+)/, 1]
+ end
+ end
+
 def create_progress_bar(opts = {})
 super(opts.merge(title: ' Checking DB Exports -'))
 end
diff --git a/lib/wpscan.rb b/lib/wpscan.rb
index e8e035dd..95500741 100644
--- a/lib/wpscan.rb
+++ b/lib/wpscan.rb
@@ -13,6 +13,7 @@ require 'uri'
 require 'time'
 require 'readline'
 require 'securerandom'
+require 'resolv'
 # Monkey Patches/Fixes/Override
 require 'wpscan/typhoeus/response' # Adds a from_vuln_api? method
 # Custom Libs
diff --git a/spec/app/finders/db_exports/known_locations_spec.rb b/spec/app/finders/db_exports/known_locations_spec.rb
index 41cb0ff9..cbcf0546 100644
--- a/spec/app/finders/db_exports/known_locations_spec.rb
+++ b/spec/app/finders/db_exports/known_locations_spec.rb
@@ -64,6 +64,14 @@ describe WPScan::Finders::DbExports::KnownLocations do
 expect(finder.potential_urls(opts).keys).to include "#{url}/dc-2.sql"
 end
 end
+
+ context 'when an IP address' do
+ let(:url) { 'http://192.168.1.12' }
+
+ it 'replaces {domain_name} by the IP address' do
+ expect(finder.potential_urls(opts).keys).to include "#{url}/192.168.1.12.sql"
+ end
+ end
 end

 describe '#aggressive' do
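Review bot: In the first hunk of known_locations.rb, the context line `File.open(opts[:list]).each_with_index` in `potential_urls` opens the wordlist without a block, so the handle stays open until it is garbage-collected, and the commit leaves that untouched. `File.foreach(opts[:list]).with_index do |path, index|` iterates the same lines and closes the file when the loop ends. The body of `potential_urls` continues outside the hunk.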
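Review bot: In the second hunk of known_locations.rb, the new `domain_name` tests `target.uri.host` against the anchored `Resolv::AddressRegex`, which will not match an IPv6 literal if the host accessor returns it in bracketed form, as Ruby URI classes usually do; this is inferred, because the class of `target.uri` is not visible here. Such a host would fall into the `else` branch, where `[/(^[\w|-]+)/, 1]` can return nil, and `path.gsub!('{domain_name}', domain_name)` in `potential_urls` would then raise a TypeError. Consider matching on the unbracketed host, e.g. `host = target.uri.host.delete('[]')`, and ending the else branch with `|| target.uri.host` so the method always returns a String. The spec hunk covers only IPv4, so an `http://[::1]` context there would pin this behaviour down. The method also has no YARD comment, unlike its neighbours; something like `# @return [ String ] the IP address, or the leading label of the registrable domain` would fit.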