garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Reduces time to detect non WP sites when there are a lof of links in pages

Browse Source
This commit is contained in:
erwanlr
2020-02-12 19:50:00 +00:00
parent 8729c68e22
commit 7d2b8a2a8b
2 changed files with 4 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/controllers/custom_directories.rb
View File

@@ -18,9 +18,7 @@ module WPScan
target.content_dir = ParsedCli.wp_content_dir if ParsedCli.wp_content_dir target.content_dir = ParsedCli.wp_content_dir if ParsedCli.wp_content_dir
target.plugins_dir = ParsedCli.wp_plugins_dir if ParsedCli.wp_plugins_dir target.plugins_dir = ParsedCli.wp_plugins_dir if ParsedCli.wp_plugins_dir
return if target.content_dir raise Error::WpContentDirNotDetected unless target.content_dir
raise Error::WpContentDirNotDetected
end end
end end
end end

5
lib/wpscan/target/platform/wordpress.rb
View File

@@ -44,7 +44,7 @@ module WPScan
# @param [ Typhoeus::Response ] response # @param [ Typhoeus::Response ] response
# @return [ Boolean ] # @return [ Boolean ]
def wordpress_from_meta_comments_or_scripts?(response) def wordpress_from_meta_comments_or_scripts?(response)
in_scope_uris(response) do |uri| in_scope_uris(response, '//link/@href|//script/@src|//img/@src') do |uri|
return true if WORDPRESS_PATTERN.match?(uri.path) || WP_JSON_OEMBED_PATTERN.match?(uri.path) return true if WORDPRESS_PATTERN.match?(uri.path) || WP_JSON_OEMBED_PATTERN.match?(uri.path)
end end
@@ -100,8 +100,9 @@ module WPScan
unless content_dir unless content_dir
pattern = %r{https?://s\d\.wp\.com#{WORDPRESS_PATTERN}}i.freeze pattern = %r{https?://s\d\.wp\.com#{WORDPRESS_PATTERN}}i.freeze
xpath = '//@href[contains(., "wp.com")]|//@src[contains(., "wp.com")]'
uris_from_page(homepage_res) do |uri| uris_from_page(homepage_res, xpath) do |uri|
return true if uri.to_s.match?(pattern) return true if uri.to_s.match?(pattern)
end end
end end