garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

rdoc

Browse Source
This commit is contained in:
Christian Mehlmauer
2012-09-15 23:28:33 +02:00
parent 22006f40b8
commit 6565466c85
45 changed files with 290 additions and 103 deletions
Download Patch File Download Diff File Expand all files Collapse all files

125
doc/WpscanOptions.html
View File

@@ -79,10 +79,14 @@
<li><a href="#method-i-enumerate_only_vulnerable_plugins-3D">#enumerate_only_vulnerable_plugins=</a></li>
<li><a href="#method-i-enumerate_only_vulnerable_themes-3D">#enumerate_only_vulnerable_themes=</a></li>
<li><a href="#method-i-enumerate_options_from_string">#enumerate_options_from_string</a></li>
<li><a href="#method-i-enumerate_plugins-3D">#enumerate_plugins=</a></li>
<li><a href="#method-i-enumerate_themes-3D">#enumerate_themes=</a></li>
<li><a href="#method-i-has_options-3F">#has_options?</a></li>
<li><a href="#method-i-proxy-3D">#proxy=</a></li>
@@ -190,6 +194,8 @@
<li><a href="./WpTheme.html">WpTheme</a></li>
<li><a href="./WpThemes.html">WpThemes</a></li>
<li><a href="./WpTimthumbs.html">WpTimthumbs</a></li>
<li><a href="./WpUsernames.html">WpUsernames</a></li>
@@ -266,7 +272,7 @@ href="WpscanOptions.html">WpscanOptions</a></p>
<div class="method-source-code" id="load_from_arguments-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 111</span>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 134</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">load_from_arguments</span>
<span class="ruby-identifier">wpscan_options</span> = <span class="ruby-constant">WpscanOptions</span>.<span class="ruby-identifier">new</span>
@@ -307,9 +313,14 @@ href="WpscanOptions.html">WpscanOptions</a></p>
<div class="method-source-code" id="new-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 45</span>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 47</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">initialize</span>
<span class="ruby-ivar">@enumerate_plugins</span> = <span class="ruby-keyword">false</span>
<span class="ruby-ivar">@enumerate_themes</span> = <span class="ruby-keyword">false</span>
<span class="ruby-ivar">@enumerate_only_vulnerable_plugins</span> = <span class="ruby-keyword">false</span>
<span class="ruby-ivar">@enumerate_only_vulnerable_themes</span> = <span class="ruby-keyword">false</span>
<span class="ruby-ivar">@enumerate_timthumbs</span> = <span class="ruby-keyword">false</span>
<span class="ruby-ivar">@enumerate_usernames</span> = <span class="ruby-keyword">false</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- new-source -->
@@ -349,7 +360,7 @@ any remaining - by _</p>
<div class="method-source-code" id="clean_option-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 194</span>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 221</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">clean_option</span>(<span class="ruby-identifier">option</span>)
<span class="ruby-identifier">cleaned_option</span> = <span class="ruby-identifier">option</span>.<span class="ruby-identifier">gsub</span>(<span class="ruby-regexp">/^--?/</span>, <span class="ruby-string">''</span>)
<span class="ruby-identifier">cleaned_option</span>.<span class="ruby-identifier">gsub</span>(<span class="ruby-regexp">/-/</span>, <span class="ruby-string">'_'</span>)
@@ -384,7 +395,7 @@ any remaining - by _</p>
<div class="method-source-code" id="get_opt_long-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 166</span>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 193</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">get_opt_long</span>
<span class="ruby-constant">GetoptLong</span>.<span class="ruby-identifier">new</span>(
[<span class="ruby-string">&quot;--url&quot;</span>, <span class="ruby-string">&quot;-u&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
@@ -432,7 +443,7 @@ any remaining - by _</p>
<div class="method-source-code" id="is_long_option-3F-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 185</span>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 212</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">is_long_option?</span>(<span class="ruby-identifier">option</span>)
<span class="ruby-constant">ACCESSOR_OPTIONS</span>.<span class="ruby-identifier">include?</span>(<span class="ruby-value">:&quot;#{WpscanOptions.clean_option(option)}&quot;</span>)
<span class="ruby-keyword">end</span></pre>
@@ -465,7 +476,7 @@ any remaining - by _</p>
<div class="method-source-code" id="option_to_instance_variable_setter-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 199</span>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 226</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">option_to_instance_variable_setter</span>(<span class="ruby-identifier">option</span>)
<span class="ruby-identifier">cleaned_option</span> = <span class="ruby-constant">WpscanOptions</span>.<span class="ruby-identifier">clean_option</span>(<span class="ruby-identifier">option</span>)
<span class="ruby-identifier">option_syms</span> = <span class="ruby-constant">ACCESSOR_OPTIONS</span>.<span class="ruby-identifier">grep</span>(<span class="ruby-node">%{^#{cleaned_option}}</span>)
@@ -507,7 +518,7 @@ any remaining - by _</p>
<div class="method-source-code" id="enumerate_only_vulnerable_plugins-3D-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 83</span>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 90</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">enumerate_only_vulnerable_plugins=</span>(<span class="ruby-identifier">enumerate_only_vulnerable_plugins</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">enumerate_only_vulnerable_plugins</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">and</span> <span class="ruby-ivar">@enumerate_plugins</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span>
<span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;You can't enumerate plugins and only vulnerable plugins at the same time, please choose only one&quot;</span>
@@ -525,6 +536,43 @@ any remaining - by _</p>
</div><!-- enumerate_only_vulnerable_plugins-3D-method -->
<div id="enumerate_only_vulnerable_themes-3D-method" class="method-detail ">
<a name="method-i-enumerate_only_vulnerable_themes-3D"></a>
<div class="method-heading">
<span class="method-name">enumerate_only_vulnerable_themes=</span><span
class="method-args">(enumerate_only_vulnerable_themes)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="enumerate_only_vulnerable_themes-3D-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 106</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">enumerate_only_vulnerable_themes=</span>(<span class="ruby-identifier">enumerate_only_vulnerable_themes</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">enumerate_only_vulnerable_themes</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">and</span> <span class="ruby-ivar">@enumerate_plugins</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span>
<span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;You can't enumerate themes and only vulnerable themes at the same time, please choose only one&quot;</span>
<span class="ruby-keyword">else</span>
<span class="ruby-ivar">@enumerate_only_vulnerable_themes</span> = <span class="ruby-identifier">enumerate_only_vulnerable_themes</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- enumerate_only_vulnerable_themes-3D-source -->
</div>
</div><!-- enumerate_only_vulnerable_themes-3D-method -->
<div id="enumerate_options_from_string-method" class="method-detail ">
<a name="method-i-enumerate_options_from_string"></a>
@@ -548,7 +596,7 @@ href="http://1-10">u</a> will enumerate usernames from 1 to 10</p>
<div class="method-source-code" id="enumerate_options_from_string-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 146</span>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 169</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">enumerate_options_from_string</span>(<span class="ruby-identifier">value</span>)
<span class="ruby-comment"># Usage of self is mandatory because there are overridden setters</span>
<span class="ruby-keyword">self</span>.<span class="ruby-identifier">enumerate_only_vulnerable_plugins</span> = <span class="ruby-keyword">true</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">value</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">/p!/</span>
@@ -557,6 +605,10 @@ href="http://1-10">u</a> will enumerate usernames from 1 to 10</p>
<span class="ruby-ivar">@enumerate_timthumbs</span> = <span class="ruby-keyword">true</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">value</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">/t/</span>
<span class="ruby-keyword">self</span>.<span class="ruby-identifier">enumerate_only_vulnerable_themes</span> = <span class="ruby-keyword">true</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">value</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">/T!/</span>
<span class="ruby-keyword">self</span>.<span class="ruby-identifier">enumerate_themes</span> = <span class="ruby-keyword">true</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">value</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">/T(?!!)/</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">value</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">/u/</span>
<span class="ruby-ivar">@enumerate_usernames</span> = <span class="ruby-keyword">true</span>
<span class="ruby-comment"># Check for usernames range</span>
@@ -595,7 +647,7 @@ href="http://1-10">u</a> will enumerate usernames from 1 to 10</p>
<div class="method-source-code" id="enumerate_plugins-3D-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 75</span>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 82</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">enumerate_plugins=</span>(<span class="ruby-identifier">enumerate_plugins</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">enumerate_plugins</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">and</span> <span class="ruby-ivar">@enumerate_only_vulnerable_plugins</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span>
<span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;You can't enumerate plugins and only vulnerable plugins at the same time, please choose only one&quot;</span>
@@ -613,6 +665,43 @@ href="http://1-10">u</a> will enumerate usernames from 1 to 10</p>
</div><!-- enumerate_plugins-3D-method -->
<div id="enumerate_themes-3D-method" class="method-detail ">
<a name="method-i-enumerate_themes-3D"></a>
<div class="method-heading">
<span class="method-name">enumerate_themes=</span><span
class="method-args">(enumerate_themes)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="enumerate_themes-3D-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 98</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">enumerate_themes=</span>(<span class="ruby-identifier">enumerate_themes</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">enumerate_themes</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">and</span> <span class="ruby-ivar">@enumerate_only_vulnerable_themes</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span>
<span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;You can't enumerate themes and only vulnerable themes at the same time, please choose only one&quot;</span>
<span class="ruby-keyword">else</span>
<span class="ruby-ivar">@enumerate_themes</span> = <span class="ruby-identifier">enumerate_themes</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- enumerate_themes-3D-source -->
</div>
</div><!-- enumerate_themes-3D-method -->
<div id="has_options-3F-method" class="method-detail ">
<a name="method-i-has_options-3F"></a>
@@ -632,7 +721,7 @@ href="http://1-10">u</a> will enumerate usernames from 1 to 10</p>
<div class="method-source-code" id="has_options-3F-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 91</span>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 114</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">has_options?</span>
<span class="ruby-operator">!</span><span class="ruby-identifier">to_h</span>.<span class="ruby-identifier">empty?</span>
<span class="ruby-keyword">end</span></pre>
@@ -665,7 +754,7 @@ href="http://1-10">u</a> will enumerate usernames from 1 to 10</p>
<div class="method-source-code" id="proxy-3D-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 67</span>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 74</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">proxy=</span>(<span class="ruby-identifier">proxy</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">proxy</span>.<span class="ruby-identifier">index</span>(<span class="ruby-string">':'</span>) <span class="ruby-operator">==</span> <span class="ruby-keyword">nil</span>
<span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;Invalid proxy format. Should be host:port.&quot;</span>
@@ -703,7 +792,7 @@ value</p>
<div class="method-source-code" id="set_option_from_cli-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 125</span>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 148</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">set_option_from_cli</span>(<span class="ruby-identifier">cli_option</span>, <span class="ruby-identifier">cli_value</span>)
<span class="ruby-keyword">if</span> <span class="ruby-constant">WpscanOptions</span>.<span class="ruby-identifier">is_long_option?</span>(<span class="ruby-identifier">cli_option</span>)
@@ -713,7 +802,7 @@ value</p>
)
<span class="ruby-keyword">elsif</span> <span class="ruby-identifier">cli_option</span> <span class="ruby-operator">===</span> <span class="ruby-string">&quot;--enumerate&quot;</span> <span class="ruby-comment"># Special cases</span>
<span class="ruby-comment"># Default value if no argument is given</span>
<span class="ruby-identifier">cli_value</span> = <span class="ruby-string">&quot;tup!&quot;</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">cli_value</span>.<span class="ruby-identifier">length</span> <span class="ruby-operator">==</span> <span class="ruby-value">0</span>
<span class="ruby-identifier">cli_value</span> = <span class="ruby-string">&quot;Ttup!&quot;</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">cli_value</span>.<span class="ruby-identifier">length</span> <span class="ruby-operator">==</span> <span class="ruby-value">0</span>
<span class="ruby-identifier">enumerate_options_from_string</span>(<span class="ruby-identifier">cli_value</span>)
<span class="ruby-keyword">else</span>
@@ -749,7 +838,7 @@ value</p>
<div class="method-source-code" id="threads-3D-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 55</span>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 62</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">threads=</span>(<span class="ruby-identifier">threads</span>)
<span class="ruby-ivar">@threads</span> = <span class="ruby-identifier">threads</span>.<span class="ruby-identifier">is_a?</span>(<span class="ruby-constant">Integer</span>) <span class="ruby-operator">?</span> <span class="ruby-identifier">threads</span> <span class="ruby-operator">:</span> <span class="ruby-identifier">threads</span>.<span class="ruby-identifier">to_i</span>
<span class="ruby-keyword">end</span></pre>
@@ -782,7 +871,7 @@ value</p>
<div class="method-source-code" id="to_h-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 96</span>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 119</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">to_h</span>
<span class="ruby-identifier">options</span> = {}
@@ -824,7 +913,7 @@ value</p>
<div class="method-source-code" id="url-3D-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 49</span>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 56</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">url=</span>(<span class="ruby-identifier">url</span>)
<span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;Empty URL given&quot;</span> <span class="ruby-keyword">if</span> <span class="ruby-operator">!</span><span class="ruby-identifier">url</span>
@@ -859,7 +948,7 @@ value</p>
<div class="method-source-code" id="wordlist-3D-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 59</span>
<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 66</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">wordlist=</span>(<span class="ruby-identifier">wordlist</span>)
<span class="ruby-keyword">if</span> <span class="ruby-constant">File</span>.<span class="ruby-identifier">exists?</span>(<span class="ruby-identifier">wordlist</span>)
<span class="ruby-ivar">@wordlist</span> = <span class="ruby-identifier">wordlist</span>