Improves Target#wordpress_hosted?

2019-04-18 14:17:00 +01:00
parent b2a62ebd26
commit 6df2564d1a
5 changed files with 274 additions and 4 deletions
--- a/lib/wpscan/errors/wordpress.rb
+++ b/lib/wpscan/errors/wordpress.rb
@@ -5,7 +5,7 @@ module WPScan
    # WordPress hosted (*.wordpress.com)
    class WordPressHosted < Standard
      def to_s
-        'Scanning *.wordpress.com hosted blogs is not supported.'
+        'The target appears to be hosted on WordPress.com. Scanning such site is not supported.'
      end
    end

--- a/lib/wpscan/target/platform/wordpress.rb
+++ b/lib/wpscan/target/platform/wordpress.rb
@@ -78,8 +78,19 @@ module WPScan
          multisite? ? url('wp-signup.php') : url('wp-login.php?action=register')
        end

+        # @return [ Boolean ] Whether or not the target is hosted on wordpress.com
        def wordpress_hosted?
-          /\.wordpress\.com$/i.match?(uri.host) ? true : false
+          return true if /\.wordpress\.com$/i.match?(uri.host)
+
+          unless content_dir(:passive)
+            pattern = %r{https?://s\d\.wp\.com#{WORDPRESS_PATTERN}}i.freeze
+
+            urls_from_page(homepage_res) do |url|
+              return true if url.match?(pattern)
+            end
+          end
+
+          false
        end

        # @param [ String ] username