regex escaping when using variables
This commit is contained in:
Christian Mehlmauer
@@ -1,3 +1,3 @@
|
|||||||
http://.*.rr.nu
|
http://.*\.rr\.nu
|
||||||
http://www.thesea.org/media.php
|
http://www\.thesea\.org/media\.php
|
||||||
|
|
||||||
|
|||||||
@@ -40,7 +40,8 @@ begin
|
|||||||
rescue LoadError => e
|
rescue LoadError => e
|
||||||
puts "[ERROR] #{e}"
|
puts "[ERROR] #{e}"
|
||||||
|
|
||||||
if missing_gem = e.to_s[%r{ -- ([^\s]+)}, 1]
|
missing_gem = e.to_s[%r{ -- ([^\s]+)}, 1]
|
||||||
|
if missing_gem
|
||||||
puts "[TIP] Try to run 'gem install #{missing_gem}' or 'gem install --user-install #{missing_gem}'. If you still get an error, Please see README file or https://github.com/wpscanteam/wpscan"
|
puts "[TIP] Try to run 'gem install #{missing_gem}' or 'gem install --user-install #{missing_gem}'. If you still get an error, Please see README file or https://github.com/wpscanteam/wpscan"
|
||||||
end
|
end
|
||||||
exit(1)
|
exit(1)
|
||||||
|
|||||||
@@ -53,7 +53,8 @@ module Malwares
|
|||||||
malwares_file_path || DATA_DIR + '/malwares.txt'
|
malwares_file_path || DATA_DIR + '/malwares.txt'
|
||||||
end
|
end
|
||||||
|
|
||||||
def self.malware_pattern(url)
|
def self.malware_pattern(url_regex)
|
||||||
%r{<(?:script|iframe).* src=(?:"|')(#{url}[^"']*)(?:"|')[^>]*>}i
|
# no need to escape regex here, because malware.txt contains regex
|
||||||
|
%r{<(?:script|iframe).* src=(?:"|')(#{url_regex}[^"']*)(?:"|')[^>]*>}i
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|||||||
@@ -54,7 +54,7 @@ class WpDetector
|
|||||||
regex2 = %r{\\?/}
|
regex2 = %r{\\?/}
|
||||||
regex3 = %r{\\?/([^/\\"']+)\\?(?:/|"|')}
|
regex3 = %r{\\?/([^/\\"']+)\\?(?:/|"|')}
|
||||||
# Custom wp-content dir is now used in this regex
|
# Custom wp-content dir is now used in this regex
|
||||||
names = response.body.scan(/#{regex1}#{wp_content_dir}#{regex2}#{type}#{regex3}/i)
|
names = response.body.scan(/#{regex1}#{Regexp.escape(wp_content_dir)}#{regex2}#{Regexp.escape(type)}#{regex3}/i)
|
||||||
|
|
||||||
names.flatten!
|
names.flatten!
|
||||||
names.uniq!
|
names.uniq!
|
||||||
|
|||||||
@@ -93,10 +93,10 @@ class WpTarget
|
|||||||
# Only use the path because domain can be text or an ip
|
# Only use the path because domain can be text or an ip
|
||||||
uri_path = @uri.path
|
uri_path = @uri.path
|
||||||
|
|
||||||
if index_body[/#{uri_path}\/wp-content\/(?:themes|plugins)\//i]
|
if index_body[/#{Regexp.escape(uri_path)}\/wp-content\/(?:themes|plugins)\//i]
|
||||||
@wp_content_dir = "wp-content"
|
@wp_content_dir = "wp-content"
|
||||||
else
|
else
|
||||||
@wp_content_dir = index_body[/(?:href|src)\s*=\s*(?:"|').+#{uri_path}([^"']+)\/(?:themes|plugins)\/.*(?:"|')/i, 1]
|
@wp_content_dir = index_body[/(?:href|src)\s*=\s*(?:"|').+#{Regexp.escape(uri_path)}([^"']+)\/(?:themes|plugins)\/.*(?:"|')/i, 1]
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
@wp_content_dir
|
@wp_content_dir
|
||||||
|
|||||||
@@ -72,7 +72,7 @@ describe Browser do
|
|||||||
end
|
end
|
||||||
|
|
||||||
describe "#user_agent" do
|
describe "#user_agent" do
|
||||||
available_user_agents = [ "ua-1", "ua-2", "ua-3", "ua-4", "ua-6", "ua-7", "ua-8", "ua-9", "ua-10" ]
|
available_user_agents = %w{ ua-1 ua-2 ua-3 ua-4 ua-6 ua-7 ua-8 ua-9 ua-10 ua-11 ua-12 ua-13 ua-14 ua-15 ua-16 ua-17}
|
||||||
|
|
||||||
it "should always return the same user agent in static mode" do
|
it "should always return the same user agent in static mode" do
|
||||||
@browser.user_agent = "fake UA"
|
@browser.user_agent = "fake UA"
|
||||||
|
|||||||
Reference in New Issue
Block a user