garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixes #661 - Don't hash directories named like a file

Browse Source
This commit is contained in:
erwanlr
2014-08-14 17:42:08 +02:00
parent 4ef1387781
commit 30a07f037e
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/wpstools/plugins/checker/checker_plugin.rb
View File

@@ -82,17 +82,19 @@ class CheckerPlugin < Plugin
end end
def check_local_vulnerable_files(dir_to_scan) def check_local_vulnerable_files(dir_to_scan)
if Dir::exist?(dir_to_scan) if Dir.exist?(dir_to_scan)
xml_file = LOCAL_FILES_FILE xml_file = LOCAL_FILES_FILE
local_hashes = {} local_hashes = {}
file_extension_to_scan = '*.{js,php,swf,html,htm}' file_extension_to_scan = '*.{js,php,swf,html,htm}'
print '[+] Generating local hashes ... ' print '[+] Generating local hashes ... '
Dir[File::join(dir_to_scan, '**', file_extension_to_scan)].each do |filename| Dir[File.join(dir_to_scan, '**', file_extension_to_scan)]
.select { |f| File.file?(f) }
.each do |filename|
sha1sum = Digest::SHA1.file(filename).hexdigest sha1sum = Digest::SHA1.file(filename).hexdigest
if local_hashes.has_key?(sha1sum) if local_hashes.key?(sha1sum)
local_hashes[sha1sum] << filename local_hashes[sha1sum] << filename
else else
local_hashes[sha1sum] = [filename] local_hashes[sha1sum] = [filename]