Updates deps

2019-04-24 12:42:18 +01:00
parent f9f307118d
commit 5c842e192b
11 changed files with 26 additions and 32 deletions
--- a/app/finders/interesting_findings/mu_plugins.rb
+++ b/app/finders/interesting_findings/mu_plugins.rb
@@ -9,8 +9,8 @@ module WPScan
        def passive(_opts = {})
          pattern = %r{#{target.content_dir}/mu\-plugins/}i

-          target.in_scope_urls(target.homepage_res) do |url|
-            next unless Addressable::URI.parse(url).path =~ pattern
+          target.in_scope_uris(target.homepage_res) do |uri|
+            next unless uri.path =~ pattern

            url = target.url('wp-content/mu-plugins/')

--- a/app/finders/main_theme/css_style.rb
+++ b/app/finders/main_theme/css_style.rb
@@ -20,10 +20,10 @@ module WPScan
        end

        def passive_from_css_href(res, opts)
-          target.in_scope_urls(res, '//style/@src|//link/@href') do |url|
-            next unless Addressable::URI.parse(url).path =~ %r{/themes/([^\/]+)/style.css\z}i
+          target.in_scope_uris(res, '//style/@src|//link/@href') do |uri|
+            next unless uri.path =~ %r{/themes/([^\/]+)/style.css\z}i

-            return create_theme(Regexp.last_match[1], url, opts)
+            return create_theme(Regexp.last_match[1], uri.to_s, opts)
          end
          nil
        end
--- a/app/finders/users/author_id_brute_forcing.rb
+++ b/app/finders/users/author_id_brute_forcing.rb
@@ -83,8 +83,8 @@ module WPScan
        # @return [ String, nil ] The username found
        def username_from_response(res)
          # Permalink enabled
-          target.in_scope_urls(res, '//link/@href|//a/@href') do |url|
-            username = username_from_author_url(url)
+          target.in_scope_uris(res, '//link/@href|//a/@href') do |uri|
+            username = username_from_author_url(uri.to_s)
            return username if username
          end

--- a/app/finders/users/author_posts.rb
+++ b/app/finders/users/author_posts.rb
@@ -45,9 +45,7 @@ module WPScan
        def potential_usernames(res)
          usernames = []

-          target.in_scope_urls(res, '//a/@href') do |url, node|
-            uri = Addressable::URI.parse(url)
-
+          target.in_scope_uris(res, '//a/@href') do |uri, node|
            if uri.path =~ %r{/author/([^/\b]+)/?\z}i
              usernames << [Regexp.last_match[1], 'Author Pattern', 100]
            elsif /author=[0-9]+/.match?(uri.query)
--- a/app/finders/users/wp_json_api.rb
+++ b/app/finders/users/wp_json_api.rb
@@ -57,9 +57,7 @@ module WPScan
        def api_url
          return @api_url if @api_url

-          target.in_scope_urls(target.homepage_res, "//link[@rel='https://api.w.org/']/@href").each do |url, _tag|
-            uri = Addressable::URI.parse(url.strip)
-
+          target.in_scope_uris(target.homepage_res, "//link[@rel='https://api.w.org/']/@href").each do |uri|
            return @api_url = uri.join('wp/v2/users/').to_s if uri.path.include?('wp-json')
          end

--- a/app/finders/wp_items/urls_in_homepage.rb
+++ b/app/finders/wp_items/urls_in_homepage.rb
@@ -12,8 +12,8 @@ module WPScan
        def items_from_links(type, uniq = true)
          found = []

-          target.in_scope_urls(target.homepage_res) do |url|
-            next unless url =~ item_attribute_pattern(type)
+          target.in_scope_uris(target.homepage_res) do |uri|
+            next unless uri.to_s =~ item_attribute_pattern(type)

            found << Regexp.last_match[1]
          end