diff --git a/data/wp_versions.xml b/data/wp_versions.xml
index d590e342..75e57778 100644
--- a/data/wp_versions.xml
+++ b/data/wp_versions.xml
@@ -26,41 +26,35 @@ ryandewhurst at gmail
Position is important, DO NOT change anything unless you know what you are doing :p
-->
-
+
- 1
- 3.5
+ 3.5
- 1
- 3.4.2
+ 3.4.2
- 1
- 3.4.1
+ 3.4.1
- 1
- 3.4
+ 3.4
- 1
- 3.4-beta4
+ 3.4-beta4
- 1
- 3.3.2
+ 3.3.2
@@ -70,8 +64,7 @@ ryandewhurst at gmail
- 1
- 3.3.1
+ 3.3.1
@@ -80,13 +73,11 @@ ryandewhurst at gmail
- 1
- 3.2.1
+ 3.2.1
- 1
- 3.2
+ 3.2
@@ -95,8 +86,7 @@ ryandewhurst at gmail
- 1
- 3.3
+ 3.3
@@ -105,8 +95,7 @@ ryandewhurst at gmail
- 1
- 3.1
+ 3.1
@@ -115,8 +104,7 @@ ryandewhurst at gmail
- 1
- 3.0
+ 3.0
@@ -125,18 +113,15 @@ ryandewhurst at gmail
- 1
- 2.8.6
+ 2.8.6
- 1
- 2.8.5
+ 2.8.5
- 1
- 2.8.2
+ 2.8.2
@@ -145,8 +130,7 @@ ryandewhurst at gmail
- 1
- 2.7.1
+ 2.7.1
@@ -155,8 +139,7 @@ ryandewhurst at gmail
- 1
- 2.7
+ 2.7
@@ -165,8 +148,7 @@ ryandewhurst at gmail
- 1
- 2.6
+ 2.6
@@ -175,8 +157,7 @@ ryandewhurst at gmail
- 1
- 2.5.1
+ 2.5.1
@@ -185,8 +166,7 @@ ryandewhurst at gmail
- 1
- 2.5
+ 2.5
@@ -195,8 +175,7 @@ ryandewhurst at gmail
- 1
- 2.2
+ 2.2
@@ -205,13 +184,11 @@ ryandewhurst at gmail
- 1
- 2.0.1
+ 2.0.1
- 1
- 2.0
+ 2.0
@@ -220,13 +197,11 @@ ryandewhurst at gmail
- 1
- 1.2.1
+ 1.2.1
- 1
- 1.2-delta
+ 1.2-delta
@@ -234,10 +209,9 @@ ryandewhurst at gmail
- 1
- 0.71-gold
+ 0.71-gold
-
+
diff --git a/lib/wpscan/wp_version.rb b/lib/wpscan/wp_version.rb
index 7d4c8cfa..c18e50bf 100644
--- a/lib/wpscan/wp_version.rb
+++ b/lib/wpscan/wp_version.rb
@@ -80,7 +80,7 @@ class WpVersion < Vulnerable
target_uri = options[:base_url]
response = Browser.instance.get(target_uri.merge("feed/rdf/").to_s, {:follow_location => true, :max_redirects => 2})
- response.body[%r{}i, 1]
+ response.body[%r{}i, 1]
end
# Attempts to find the WordPress version from,
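Review bot: The pattern on the `response.body[...]` line is applied to whatever body comes back after up to two followed redirects, with no check of the response status, so an error page or a page served from a redirect destination can supply the version string. The expression itself is not visible in this rendering, so nothing can be said about the pattern change. If the response object exposes the status (Typhoeus names it `code`), consider `return nil unless response.code == 200` before the match, plus a comment noting that redirects are followed. The method starts above this hunk.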
@@ -118,18 +118,6 @@ class WpVersion < Vulnerable
# wordpress version.
#
# It does this by using client side file hashing
- # with a scoring system.
- #
- # The scoring system is a number representing
- # the uniqueness of a client side file across
- # all versions of wordpress.
- #
- # Example:
- #
- # Score - Hash - File - Versions
- # 1 - 3e63c08553696a1dedb24b22ef6783c3 - /wp-content/themes/twentyeleven/style.css - 3.2.1
- # 2 - 15fc925fd39bb496871e842b2a754c76 - /wp-includes/js/wp-lists.js - 2.6,2.5.1
- # 3 - 3f03bce84d1d2a169b4bf4d8a0126e38 - /wp-includes/js/autosave.js - 2.9.2,2.9.1,2.9
#
# /!\ Warning : this method might return false positive if the file used for fingerprinting is part of a theme (they can be updated)
#
@@ -151,7 +139,7 @@ class WpVersion < Vulnerable
node.search('hash').each do |hash|
if hash.attribute('md5').text == md5sum
- return hash.search('versions').text
+ return hash.search('version').text
end
end
end
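Review bot: `hash.search('version').text` returns an empty string rather than nil when a `hash` element has no `version` child, and an empty string is truthy in Ruby, so a data file still in the old `versions` layout would make this method report a blank version instead of falling through. Assuming `node` is a Nokogiri node, take the first match and return only when it exists: `version = hash.at('version')` followed by `return version.text if version`. `hash.attribute('md5')` is also nil for an entry that lacks the attribute, so `.text` on it would raise; `hash['md5'] == md5sum` avoids that. The enclosing method starts and ends outside this hunk.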
diff --git a/spec/fixtures/wpscan/wp_version/advanced/wp_versions.xml b/spec/fixtures/wpscan/wp_version/advanced/wp_versions.xml
index 4383dce8..c90e7533 100644
--- a/spec/fixtures/wpscan/wp_version/advanced/wp_versions.xml
+++ b/spec/fixtures/wpscan/wp_version/advanced/wp_versions.xml
@@ -29,13 +29,11 @@ ryandewhurst at gmail
- 1
- 3.2.1
+ 3.2.1
- 1
- 3.2
+ 3.2
diff --git a/spec/lib/wpscan/wp_version_spec.rb b/spec/lib/wpscan/wp_version_spec.rb
index c183bfd0..1a1d663f 100644
--- a/spec/lib/wpscan/wp_version_spec.rb
+++ b/spec/lib/wpscan/wp_version_spec.rb
@@ -226,23 +226,26 @@ describe WpVersion do
@fixture = fixtures_dir + "/readme-3.3.2.html"
@expected = "3.3.2"
end
-
+
it "should return nil if it's not a valid version, must contains at least one '.'" do
@fixture = fixtures_dir + "/invalid_version.html"
@expected = nil
- end
+ end
end
describe "#find_from_advanced_fingerprinting" do
let(:fixtures_dir) { SPEC_FIXTURES_WPSCAN_WP_VERSION_DIR + "/advanced" }
it "should return 3.2.1" do
- stub_request_to_fixture(:url => @target_uri.merge("wp-admin/js/wp-fullscreen.js").to_s,
- :status => 200,
- :fixture => "#{fixtures_dir}/3.2.1.js")
- version = WpVersion.find_from_advanced_fingerprinting(:base_url => @target_uri,
- :wp_content_dir => "wp-content",
- :version_xml => "#{fixtures_dir}/wp_versions.xml")
+ stub_request_to_fixture(
+ :url => @target_uri.merge("wp-admin/js/wp-fullscreen.js").to_s,
+ :fixture => "#{fixtures_dir}/3.2.1.js"
+ )
+ version = WpVersion.find_from_advanced_fingerprinting(
+ :base_url => @target_uri,
+ :wp_content_dir => "wp-content",
+ :version_xml => "#{fixtures_dir}/wp_versions.xml"
+ )
version.should == "3.2.1"
end
end
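Review bot: Dropping `:status => 200` from the `stub_request_to_fixture` calls here and in the `@@ -251` and `@@ -282` hunks makes these specs depend on the helper's default status, which is not shown in this diff; confirm the helper defaults to 200 or keep the argument explicit. The `#find_from_advanced_fingerprinting` group still covers only the matching case. A spec where no md5 in `wp_versions.xml` matches, for example `it "should return nil when no hash matches"`, would pin the behaviour of the changed `version` lookup.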
@@ -251,17 +254,19 @@ describe WpVersion do
let(:fixtures_dir) { SPEC_FIXTURES_WPSCAN_WP_VERSION_DIR + "/opml" }
it "should return 3.4.2" do
- stub_request_to_fixture(:url => @target_uri.merge("wp-links-opml.php").to_s,
- :status => 200,
- :fixture => "#{fixtures_dir}/wp-links-opml.xml")
+ stub_request_to_fixture(
+ :url => @target_uri.merge("wp-links-opml.php").to_s,
+ :fixture => "#{fixtures_dir}/wp-links-opml.xml"
+ )
version = WpVersion.find_from_links_opml(:base_url => @target_uri)
version.should == "3.4.2"
end
it "should return nil" do
- stub_request_to_fixture(:url => @target_uri.merge("wp-links-opml.php").to_s,
- :status => 200,
- :fixture => "#{fixtures_dir}/wp-links-opml-nogenerator.xml")
+ stub_request_to_fixture(
+ :url => @target_uri.merge("wp-links-opml.php").to_s,
+ :fixture => "#{fixtures_dir}/wp-links-opml-nogenerator.xml"
+ )
version = WpVersion.find_from_links_opml(:base_url => @target_uri)
version.should be_nil
end
@@ -282,9 +287,10 @@ describe WpVersion do
# All requests get a HTTP 404
stub_request(:any, /.*/).to_return(:status => 404)
# Wordpress Version 3.2.1
- stub_request_to_fixture(:url => @target_uri.merge("wp-admin/js/wp-fullscreen.js").to_s,
- :status => 200,
- :fixture => "#{fixtures_dir}/3.2.1.js")
+ stub_request_to_fixture(
+ :url => @target_uri.merge("wp-admin/js/wp-fullscreen.js").to_s,
+ :fixture => "#{fixtures_dir}/3.2.1.js"
+ )
version = WpVersion.find(@target_uri, "wp-content")
version.number.should == "3.2.1"
version.discovery_method.should == "advanced fingerprinting"