garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

rdoc

Browse Source
This commit is contained in:
Christian Mehlmauer
2012-09-15 23:28:33 +02:00
parent 22006f40b8
commit 6565466c85
45 changed files with 290 additions and 103 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
doc/WpTarget.html
View File

@@ -134,6 +134,10 @@
<li><a class="include" href="WpThemes.html">WpThemes</a></li>
<li><a class="include" href="BruteForce.html">BruteForce</a></li>
@@ -228,6 +232,8 @@
<li><a href="./WpTheme.html">WpTheme</a></li>
<li><a href="./WpThemes.html">WpThemes</a></li>
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
@@ -327,7 +333,7 @@
<div class="method-source-code" id="new-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 35</span>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 36</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">initialize</span>(<span class="ruby-identifier">target_url</span>, <span class="ruby-identifier">options</span> = {})
<span class="ruby-ivar">@uri</span> = <span class="ruby-constant">URI</span>.<span class="ruby-identifier">parse</span>(<span class="ruby-identifier">add_trailing_slash</span>(<span class="ruby-identifier">add_http_protocol</span>(<span class="ruby-identifier">target_url</span>)))
<span class="ruby-ivar">@verbose</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:verbose</span>]
@@ -365,7 +371,7 @@
<div class="method-source-code" id="valid_response_codes-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 74</span>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 76</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">valid_response_codes</span>
[<span class="ruby-value">200</span>, <span class="ruby-value">403</span>, <span class="ruby-value">301</span>, <span class="ruby-value">302</span>]
<span class="ruby-keyword">end</span></pre>
@@ -404,7 +410,7 @@
<div class="method-source-code" id="debug_log_url-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 114</span>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 116</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">debug_log_url</span>
<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-node">&quot;#{wp_content_dir()}/debug.log&quot;</span>).<span class="ruby-identifier">to_s</span>
<span class="ruby-keyword">end</span></pre>
@@ -437,7 +443,7 @@
<div class="method-source-code" id="error_404_hash-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 61</span>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 63</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">error_404_hash</span>
<span class="ruby-keyword">unless</span> <span class="ruby-ivar">@error_404_hash</span>
<span class="ruby-identifier">non_existant_page</span> = <span class="ruby-constant">Digest</span><span class="ruby-operator">::</span><span class="ruby-constant">MD5</span>.<span class="ruby-identifier">hexdigest</span>(<span class="ruby-identifier">rand</span>(<span class="ruby-value">9999999999</span>).<span class="ruby-identifier">to_s</span>) <span class="ruby-operator">+</span> <span class="ruby-string">&quot;.html&quot;</span>
@@ -478,7 +484,7 @@
<div class="method-source-code" id="has_debug_log-3F-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 108</span>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 110</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">has_debug_log?</span>
<span class="ruby-comment"># We only get the first 700 bytes of the file to avoid loading huge file (like 2Go)</span>
<span class="ruby-identifier">response_body</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">debug_log_url</span>(), <span class="ruby-value">:headers</span> =<span class="ruby-operator">&gt;</span> { <span class="ruby-string">&quot;range&quot;</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-string">&quot;bytes=0-700&quot;</span>}).<span class="ruby-identifier">body</span>
@@ -513,12 +519,13 @@
<div class="method-source-code" id="login_url-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 49</span>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 50</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">login_url</span>
<span class="ruby-identifier">url</span> = <span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">&quot;wp-login.php&quot;</span>).<span class="ruby-identifier">to_s</span>
<span class="ruby-comment"># Let's check if the login url is redirected (to https url for example)</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">redirection</span> <span class="ruby-operator">==</span> <span class="ruby-identifier">redirection</span>(<span class="ruby-identifier">url</span>)
<span class="ruby-identifier">redirection</span> = <span class="ruby-identifier">redirection</span>(<span class="ruby-identifier">url</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">redirection</span>
<span class="ruby-identifier">url</span> = <span class="ruby-identifier">redirection</span>
<span class="ruby-keyword">end</span>
@@ -553,7 +560,7 @@
<div class="method-source-code" id="theme-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 79</span>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 81</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">theme</span>
<span class="ruby-constant">WpTheme</span>.<span class="ruby-identifier">find</span>(<span class="ruby-ivar">@uri</span>)
<span class="ruby-keyword">end</span></pre>
@@ -586,7 +593,7 @@
<div class="method-source-code" id="url-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 45</span>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 46</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">url</span>
<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">to_s</span>
<span class="ruby-keyword">end</span></pre>
@@ -619,7 +626,7 @@
<div class="method-source-code" id="version-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 84</span>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 86</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">version</span>
<span class="ruby-constant">WpVersion</span>.<span class="ruby-identifier">find</span>(<span class="ruby-ivar">@uri</span>)
<span class="ruby-keyword">end</span></pre>
@@ -652,7 +659,7 @@
<div class="method-source-code" id="wp_content_dir-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 88</span>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 90</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">wp_content_dir</span>
<span class="ruby-keyword">unless</span> <span class="ruby-ivar">@wp_content_dir</span>
<span class="ruby-identifier">index_body</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">to_s</span>).<span class="ruby-identifier">body</span>
@@ -694,7 +701,7 @@
<div class="method-source-code" id="wp_plugins_dir-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 101</span>
<span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 103</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">wp_plugins_dir</span>
<span class="ruby-keyword">unless</span> <span class="ruby-ivar">@wp_plugins_dir</span>
<span class="ruby-ivar">@wp_plugins_dir</span> = <span class="ruby-identifier">wp_content_dir</span>() <span class="ruby-operator">+</span> <span class="ruby-string">&quot;/plugins&quot;</span>