WPScan files

2012-07-11 22:49:18 +02:00
parent 6da2da90f7
commit 3d78cbc4ac
190 changed files with 43701 additions and 0 deletions
--- a/lib/updater/git_updater.rb
+++ b/lib/updater/git_updater.rb
@@ -0,0 +1,40 @@
+#
+# WPScan - WordPress Security Scanner
+# Copyright (C) 2011  Ryan Dewhurst AKA ethicalhack3r
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+require File.expand_path(File.dirname(__FILE__) + '/updater')
+
+class GitUpdater < Updater
+
+  def is_installed?
+    %x[git #{repo_directory_arguments()} status 2>&1] =~ /On branch/ ? true : false
+  end
+
+  def local_revision_number
+    # TODO
+  end
+
+  def update
+    %x[git #{repo_directory_arguments()} pull]
+  end
+
+  protected
+  def repo_directory_arguments
+    '--git-dir="#{@repo_directory}.git" --work-tree="#{@repo_directory}"'
+  end
+
+end
--- a/lib/updater/svn_updater.rb
+++ b/lib/updater/svn_updater.rb
@@ -0,0 +1,39 @@
+#
+# WPScan - WordPress Security Scanner
+# Copyright (C) 2011  Ryan Dewhurst AKA ethicalhack3r
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+require File.expand_path(File.dirname(__FILE__) + '/updater')
+
+class SvnUpdater < Updater
+
+  @@revision_pattern = /revision="(\d+)"/i
+  @@trunk_url        = "https://wpscan.googlecode.com/svn/trunk"
+
+  def is_installed?
+    %x[svn info "#{@repo_directory}" --xml 2>&1] =~ /revision=/ ? true : false
+  end
+
+  def local_revision_number
+    local_revision = %x[svn info "#{@repo_directory}" --xml 2>&1]
+    local_revision[@@revision_pattern, 1].to_s
+  end
+
+  def update
+    puts %x[svn up "#{@repo_directory}"]
+  end
+
+end
--- a/lib/updater/updater.rb
+++ b/lib/updater/updater.rb
@@ -0,0 +1,47 @@
+#
+# WPScan - WordPress Security Scanner
+# Copyright (C) 2011  Ryan Dewhurst AKA ethicalhack3r
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+# This class act as an absract one
+class Updater
+
+  attr_reader :repo_directory
+
+  # TODO : add a last '/ to repo_directory if it's not present
+  def initialize(repo_directory = nil)
+    @repo_directory = repo_directory
+  end
+
+  def is_installed?
+    raise_must_be_implemented()
+  end
+
+  def local_revision_number
+    raise_must_be_implemented()
+  end
+
+  def update
+    raise_must_be_implemented()
+  end
+
+  protected
+
+  def raise_must_be_implemented
+    raise "The method must be implemented"
+  end
+
+end
--- a/lib/updater/updater_factory.rb
+++ b/lib/updater/updater_factory.rb
@@ -0,0 +1,39 @@
+#
+# WPScan - WordPress Security Scanner
+# Copyright (C) 2011  Ryan Dewhurst AKA ethicalhack3r
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+class UpdaterFactory
+
+  def self.get_updater(repo_directory)
+    self.available_updaters_classes().each do |updater_symbol|
+      updater = Object.const_get(updater_symbol).new(repo_directory)
+
+      if updater.is_installed?
+        return updater
+      end
+    end
+    nil
+  end
+
+  protected
+
+  # return array of class symbols
+  def self.available_updaters_classes
+    Object.constants.grep(/^.+Updater$/)
+  end
+
+end