From 2fe675abce87249862bbdaa39f1db44c5dff9808 Mon Sep 17 00:00:00 2001 From: Christian Mehlmauer Date: Wed, 3 Dec 2014 23:37:24 +0100 Subject: [PATCH] remove malwares --- lib/common/db_updater.rb | 2 +- lib/wpscan/wp_target.rb | 2 - lib/wpscan/wp_target/malwares.rb | 50 -------------------- spec/lib/wpscan/wp_target_spec.rb | 1 - spec/shared_examples/wp_target/malwares.rb | 55 ---------------------- wpscan.rb | 11 ----- 6 files changed, 1 insertion(+), 120 deletions(-) delete mode 100644 lib/wpscan/wp_target/malwares.rb delete mode 100644 spec/shared_examples/wp_target/malwares.rb diff --git a/lib/common/db_updater.rb b/lib/common/db_updater.rb index 897e71b8..812b31ff 100644 --- a/lib/common/db_updater.rb +++ b/lib/common/db_updater.rb @@ -3,7 +3,7 @@ # DB Updater class DbUpdater FILES = %w( - local_vulnerable_files.xml local_vulnerable_files.xsd malwares.txt + local_vulnerable_files.xml local_vulnerable_files.xsd plugins_full.txt plugins.txt themes_full.txt themes.txt timthumbs.txt user-agents.txt wp_versions.xml wp_versions.xsd plugin_vulns.json theme_vulns.json wp_vulns.json diff --git a/lib/wpscan/wp_target.rb b/lib/wpscan/wp_target.rb index e52abb21..50e0a19e 100644 --- a/lib/wpscan/wp_target.rb +++ b/lib/wpscan/wp_target.rb @@ -1,7 +1,6 @@ # encoding: UTF-8 require 'web_site' -require 'wp_target/malwares' require 'wp_target/wp_readme' require 'wp_target/wp_registrable' require 'wp_target/wp_config_backup' @@ -11,7 +10,6 @@ require 'wp_target/wp_custom_directories' require 'wp_target/wp_full_path_disclosure' class WpTarget < WebSite - include WpTarget::Malwares include WpTarget::WpReadme include WpTarget::WpRegistrable include WpTarget::WpConfigBackup diff --git a/lib/wpscan/wp_target/malwares.rb b/lib/wpscan/wp_target/malwares.rb deleted file mode 100644 index 0fcb5223..00000000 --- a/lib/wpscan/wp_target/malwares.rb +++ /dev/null @@ -1,50 +0,0 @@ -# encoding: UTF-8 - -class WpTarget < WebSite - module Malwares - # Used as cache : - # nil => malwares not checked, - # [] => no malwares, - # otherwise array of malwares url found - @malwares = nil - - def has_malwares?(malwares_file_path = nil) - !malwares(malwares_file_path).empty? - end - - # return array of string (url of malwares found) - def malwares(malwares_file_path = nil) - unless @malwares - malwares_found = [] - malwares_file = Malwares.malwares_file(malwares_file_path) - index_page_body = Browser.get(@uri.to_s).body - - File.open(malwares_file, 'r') do |file| - file.readlines.collect do |url| - chomped_url = url.chomp - - if chomped_url.length > 0 - malwares_found += index_page_body.scan(Malwares.malware_pattern(chomped_url)) - end - end - end - - malwares_found.flatten! - malwares_found.uniq! - - @malwares = malwares_found - end - @malwares - end - - def self.malwares_file(malwares_file_path) - malwares_file_path || DATA_DIR + '/malwares.txt' - end - - def self.malware_pattern(url_regex) - # no need to escape regex here, because malware.txt contains regex - %r{<(?:script|iframe).* src=(?:"|')(#{url_regex}[^"']*)(?:"|')[^>]*>}i - end - - end -end diff --git a/spec/lib/wpscan/wp_target_spec.rb b/spec/lib/wpscan/wp_target_spec.rb index e6878b16..f191a1e4 100644 --- a/spec/lib/wpscan/wp_target_spec.rb +++ b/spec/lib/wpscan/wp_target_spec.rb @@ -18,7 +18,6 @@ describe WpTarget do before { Browser::reset } - it_behaves_like 'WpTarget::Malwares' it_behaves_like 'WpTarget::WpReadme' it_behaves_like 'WpTarget::WpRegistrable' it_behaves_like 'WpTarget::WpConfigBackup' diff --git a/spec/shared_examples/wp_target/malwares.rb b/spec/shared_examples/wp_target/malwares.rb deleted file mode 100644 index b4aabccf..00000000 --- a/spec/shared_examples/wp_target/malwares.rb +++ /dev/null @@ -1,55 +0,0 @@ -# encoding: UTF-8 - -shared_examples 'WpTarget::Malwares' do - - let(:fixtures_dir) { SPEC_FIXTURES_WPSCAN_WP_TARGET_DIR + '/malwares' } - let(:malwares_file) { fixtures_dir + '/malwares.txt' } - - describe '#malwares_file' do - it 'returns the correct file path' do - expect(WpTarget::Malwares.malwares_file(malwares_file)).to be === malwares_file - end - end - - describe '#malwares & #has_malwares' do - after :each do - if @fixture - stub_request_to_fixture( - url: wp_target.url, fixture: File.new(File.join(fixtures_dir, @fixture)) - ) - end - - malwares = wp_target.malwares(malwares_file) - - expect(malwares.sort).to be === @expected.sort - expect(wp_target.has_malwares?).to be === (@expected.empty? ? false : true) - end - - it 'returns an empty array on a 404' do - stub_request(:get, wp_target.url).to_return(status: 404) - - @expected = [] - end - - it 'returns an array empty array if no infection found' do - @fixture = '/clean.html' - @expected = [] - end - - it 'returns an array with 1 malware url (.rr.nu check)' do - @fixture = '/single-infection.html' - @expected = ['http://irstde24clined.rr.nu/mm.php?d=1'] - end - - it 'returns an array with 1 malware url (iframe check)' do - @fixture = '/single-iframe-infection.html' - @expected = ['http://www.thesea.org/media.php'] - end - - it 'returns an array with 3 malwares url' do - @fixture = '/multiple-infections.html' - @expected = ['http://irstde24clined.rr.nu/mm.php?d=1', 'http://atio79srem.rr.nu/pmg.php?dr=1', 'http://www.thesea.org/media.php'] - end - end - -end diff --git a/wpscan.rb b/wpscan.rb index c114d636..6cc9821c 100755 --- a/wpscan.rb +++ b/wpscan.rb @@ -192,17 +192,6 @@ def main puts "#{warning('[!]')} Upload directory has directory listing enabled: #{wp_target.upload_dir_url}" end - if wp_target.has_malwares? - malwares = wp_target.malwares - puts "#{critical('[!]')} #{malwares.size} malware(s) found:" - - malwares.each do |malware_url| - puts - puts ' | ' + critical("#{malware_url}") - end - puts - end - enum_options = { show_progression: true, exclude_content: wpscan_options.exclude_content_based