Fixes #1322

2019-03-22 20:20:07 +00:00
parent 8b18204a69
commit 231f5157bf
8 changed files with 63 additions and 45 deletions
--- a/lib/wpscan/finders.rb
+++ b/lib/wpscan/finders.rb
@@ -39,9 +39,6 @@ module WPScan
        #
        # @yield [ Typhoeus::Response, String ]
        def enumerate(urls, opts = {})
-          determine_request_params(urls, opts)
-          # determine_valid_response_codes(opts)
-
          create_progress_bar(opts.merge(total: urls.size))

          urls.each do |url, slug|
@@ -59,6 +56,11 @@ module WPScan
          hydra.run
        end

+        # @return [ Hash ]
+        def request_params
+          @request_params ||= target.head_or_get_request_params.merge(cache_ttl: 0)
+        end
+
        # @param [ Typhoeus::Response ] res
        # @param [ Regexp,nil ] exclude_content
        #
@@ -71,7 +73,9 @@ module WPScan

          # Perform a full get to check if homepage or custom 404
          if res.code == 200
-            full_res = Browser.get(res.effective_url, cache_ttl: 0)
+            # The cache is not disabled to avoid additional request/s when checking
+            # for directory listing
+            full_res = Browser.get(res.effective_url)

            return false if target.homepage_or_404?(full_res) ||
                            exclude_content && full_res.body.match(exclude_content)
@@ -81,23 +85,6 @@ module WPScan
        end
        # rubocop:enable Metrics/PerceivedComplexity

-        # @return [ Hash ]
-        def request_params
-          @request_params ||= { cache_ttl: 0 }
-        end
-
-        # @param [ Hash ] urls
-        # @param [ Hash ] opts
-        def determine_request_params(urls, _opts)
-          head_res = Browser.head(urls.first[0], cache_ttl: 0)
-
-          @request_params = if head_res.code == 405
-                              { method: :get, maxfilesize: 1, cache_ttl: 0 }
-                            else
-                              { method: :head, cache_ttl: 0 }
-                            end
-        end
-
        # @return [ Array<Integer> ]
        def valid_response_codes
          @valid_response_codes ||= [200, 401, 403, 301]
--- a/lib/wpscan/target.rb
+++ b/lib/wpscan/target.rb
@@ -5,6 +5,15 @@ module WPScan
  class Target < CMSScanner::Target
    include Platform::WordPress

+    # @return [ Hash ]
+    def head_or_get_request_params
+      @head_or_get_request_params ||= if Browser.head(url).code == 405
+                                        { method: :get, maxfilesize: 1 }
+                                      else
+                                        { method: :head }
+                                      end
+    end
+
    # @return [ Boolean ]
    def vulnerable?
      [@wp_version, @main_theme, @plugins, @themes, @timthumbs].each do |e|