Moves Models into their own namespace - Ref #1315

erwanlr
2019-03-19 21:07:53 +00:00
parent f1657164d5
commit 898e8d4546
116 changed files with 613 additions and 560 deletions


@@ -17,7 +17,9 @@ module WPScan
# Might need to improve that
next unless res.body =~ /define/i && res.body !~ /<\s?html/i
found << WPScan::ConfigBackup.new(res.request.url, found_by: DIRECT_ACCESS, confidence: 100)
found << Model::ConfigBackup.new(res.request.url,
found_by: DIRECT_ACCESS,
confidence: 100)
end
found
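Review bot: The `Model::ConfigBackup` finding is reported with `confidence: 100`, yet the guard just above it accepts any non-HTML body containing the word "define" and shows no status check, which the in-code comment itself flags as needing improvement. A plain-text error page or soft 404 would pass it, so the report can overstate the exposure of a wp-config backup. Unless `enumerate` already filters on status (not visible here; the block starts outside the hunk), consider `next unless res.code == 200 && res.body =~ /define\s*\(/i && res.body !~ /<\s?html/i`, in line with the `res.code == 200` check in the DbExport finder.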


@@ -17,7 +17,9 @@ module WPScan
enumerate(potential_urls(opts), opts) do |res|
next unless res.code == 200 && res.body =~ /INSERT INTO/
found << WPScan::DbExport.new(res.request.url, found_by: DIRECT_ACCESS, confidence: 100)
found << Model::DbExport.new(res.request.url,
found_by: DIRECT_ACCESS,
confidence: 100)
end
found


@@ -11,7 +11,7 @@ module WPScan
return unless [200, 403].include?(res.code) && !target.homepage_or_404?(res)
WPScan::BackupDB.new(
Model::BackupDB.new(
url,
confidence: 70,
found_by: DIRECT_ACCESS,


@@ -9,7 +9,7 @@ module WPScan
return unless target.debug_log?(path)
WPScan::DebugLog.new(
Model::DebugLog.new(
target.url(path),
confidence: 100, found_by: DIRECT_ACCESS,
references: { url: 'https://codex.wordpress.org/Debugging_in_WordPress' }


@@ -10,7 +10,7 @@ module WPScan
return unless res.body =~ /DUPLICATOR INSTALL-LOG/
WPScan::DuplicatorInstallerLog.new(
Model::DuplicatorInstallerLog.new(
url,
confidence: 100,
found_by: DIRECT_ACCESS,


@@ -10,7 +10,7 @@ module WPScan
return unless res.code == 200 && !target.homepage_or_404?(res)
WPScan::EmergencyPwdResetScript.new(
Model::EmergencyPwdResetScript.new(
url,
confidence: res.body =~ /password/i ? 100 : 40,
found_by: DIRECT_ACCESS,


@@ -10,7 +10,7 @@ module WPScan
return if fpd_entries.empty?
WPScan::FullPathDisclosure.new(
Model::FullPathDisclosure.new(
target.url(path),
confidence: 100,
found_by: DIRECT_ACCESS,


@@ -12,7 +12,7 @@ module WPScan
url = target.url('wp-content/mu-plugins/')
return WPScan::MuPlugins.new(
return Model::MuPlugins.new(
url,
confidence: 70,
found_by: 'URLs In Homepage (Passive Detection)',
@@ -35,7 +35,7 @@ module WPScan
target.mu_plugins = true
WPScan::MuPlugins.new(
Model::MuPlugins.new(
url,
confidence: 80,
found_by: DIRECT_ACCESS,


@@ -15,7 +15,7 @@ module WPScan
target.multisite = true
WPScan::Multisite.new(
Model::Multisite.new(
url,
confidence: 100,
found_by: DIRECT_ACCESS,


@@ -10,7 +10,7 @@ module WPScan
res = Browser.get(url)
if res.code == 200 && res.body =~ /wordpress/i
return WPScan::Readme.new(url, confidence: 100, found_by: DIRECT_ACCESS)
return Model::Readme.new(url, confidence: 100, found_by: DIRECT_ACCESS)
end
end
nil


@@ -18,7 +18,7 @@ module WPScan
target.registration_enabled = true
WPScan::Registration.new(
Model::Registration.new(
res.effective_url,
confidence: 100,
found_by: DIRECT_ACCESS,


@@ -11,7 +11,7 @@ module WPScan
return unless res.code == 200 && res.headers['Content-Type'] =~ %r{\Aapplication/zip}i
WPScan::TmmDbMigrate.new(
Model::TmmDbMigrate.new(
url,
confidence: 100,
found_by: DIRECT_ACCESS,
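Review bot: The guard `res.headers['Content-Type'] =~ %r{\Aapplication/zip}i` matches the raw header value, which is supplied by the scanned server and, depending on the HTTP client, may be an array rather than a string when the header is repeated. The header-based plugin finder in this same commit calls `.to_s` before matching; doing the same here, `res.headers['Content-Type'].to_s =~ %r{\Aapplication/zip}i`, keeps the check from depending on the value's type. What `res.headers` returns is not visible in this hunk, so this is something to confirm rather than a known failure.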


@@ -11,7 +11,7 @@ module WPScan
url = target.url(path)
WPScan::UploadDirectoryListing.new(
Model::UploadDirectoryListing.new(
url,
confidence: 100,
found_by: DIRECT_ACCESS,


@@ -12,7 +12,7 @@ module WPScan
return unless res.code == 200 && res.body =~ SQL_PATTERN
WPScan::UploadSQLDump.new(
Model::UploadSQLDump.new(
url,
confidence: 100,
found_by: DIRECT_ACCESS


@@ -9,7 +9,7 @@ module WPScan
return unless res.code == 200
WPScan::WPCron.new(
Model::WPCron.new(
wp_cron_url,
confidence: 60,
found_by: DIRECT_ACCESS,


@@ -6,7 +6,7 @@ module WPScan
include Finders::WpItems::URLsInHomepage
def create_theme(slug, style_url, opts)
WPScan::Theme.new(
Model::Theme.new(
slug,
target,
opts.merge(found_by: found_by, confidence: 70, style_url: style_url)


@@ -14,7 +14,7 @@ module WPScan
slugs = items_from_links('themes', false) + items_from_codes('themes', false)
slugs.each_with_object(Hash.new(0)) { |slug, counts| counts[slug] += 1 }.each do |slug, occurences|
found << WPScan::Theme.new(slug, target, opts.merge(found_by: found_by, confidence: 2 * occurences))
found << Model::Theme.new(slug, target, opts.merge(found_by: found_by, confidence: 2 * occurences))
end
found
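Review bot: `confidence: 2 * occurences` on the `Model::Theme.new` line has no upper bound at this call site, and the count comes from how often a slug appears in the target's own homepage, so a page that repeats a theme path many times can push the value past 100. If the model does not clamp confidence itself (not visible in this hunk), cap it here with `confidence: [2 * occurences, 100].min`. The block variable is also misspelled; `occurrences` is the correct spelling. The enclosing method starts outside the hunk.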


@@ -10,7 +10,7 @@ module WPScan
def passive(opts = {})
return unless target.homepage_res.body =~ PATTERN
WPScan::Theme.new(
Model::Theme.new(
Regexp.last_match[1],
target,
opts.merge(found_by: found_by, confidence: 80)


@@ -15,7 +15,7 @@ module WPScan
enumerate(target_urls(opts), opts) do |res|
next unless res.code == 200
found << WPScan::Media.new(res.effective_url, opts.merge(found_by: found_by, confidence: 100))
found << Model::Media.new(res.effective_url, opts.merge(found_by: found_by, confidence: 100))
end
found


@@ -20,13 +20,13 @@ module WPScan
target.multi_call(methods).run
end
# @param [ Array<CMSScanner::User> ] users
# @param [ Array<Model::User> ] users
# @param [ Array<String> ] passwords
# @param [ Hash ] opts
# @option opts [ Boolean ] :show_progression
# @option opts [ Integer ] :multicall_max_passwords
#
# @yield [ CMSScanner::User ] When a valid combination is found
# @yield [ Model::User ] When a valid combination is found
#
# TODO: Make rubocop happy about metrics etc
#
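Review bot: The updated YARD tags name `Model::User`, which a reader of the generated docs cannot resolve without knowing the enclosing namespace, whereas the lines they replace spelled out `CMSScanner::User`. Writing the owning namespace in full keeps the type unambiguous, for example `# @param [ Array<WPScan::Model::User> ] users` and `# @yield [ WPScan::Model::User ] When a valid combination is found`, if the WPScan model is the one meant. The documented method itself lies outside the hunk.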


@@ -7,7 +7,7 @@ module WPScan
class Base
include CMSScanner::Finders::UniqueFinder
# @param [ WPScan::Plugin ] plugin
# @param [ Model::Plugin ] plugin
def initialize(plugin)
finders << PluginVersion::Readme.new(plugin)
@@ -16,7 +16,7 @@ module WPScan
# Load the finders associated with the plugin
#
# @param [ WPScan::Plugin ] plugin
# @param [ Model::Plugin ] plugin
def load_specific_finders(plugin)
module_name = plugin.classify


@@ -7,14 +7,14 @@ module WPScan
def aggressive(_opts = {})
found_by_msg = 'Readme - %s (Aggressive Detection)'
WPScan::WpItem::READMES.each do |file|
Model::WpItem::READMES.each do |file|
url = target.url(file)
res = Browser.get(url)
next unless res.code == 200 && !(numbers = version_numbers(res.body)).empty?
return numbers.reduce([]) do |a, e|
a << WPScan::Version.new(
a << Model::Version.new(
e[0],
found_by: format(found_by_msg, e[1]),
confidence: e[2],


@@ -15,7 +15,7 @@ module WPScan
def process_response(opts, response, slug, klass, config)
return unless response.body =~ config['pattern']
Plugin.new(
Model::Plugin.new(
slug,
target,
opts.merge(found_by: found_by(klass), confidence: config['confidence'] || DEFAULT_CONFIDENCE)


@@ -18,7 +18,7 @@ module WPScan
next unless comment =~ config['pattern']
return Plugin.new(
return Model::Plugin.new(
slug,
target,
opts.merge(found_by: found_by(klass), confidence: config['confidence'] || DEFAULT_CONFIDENCE)


@@ -19,7 +19,7 @@ module WPScan
# when checking for plugins
#
Plugin.new(
Model::Plugin.new(
slug,
target,
opts.merge(found_by: found_by(klass), confidence: config['confidence'] || DEFAULT_CONFIDENCE)


@@ -18,7 +18,7 @@ module WPScan
configs.each do |klass, config|
next unless headers[config['header']] && headers[config['header']].to_s =~ config['pattern']
found << Plugin.new(
found << Model::Plugin.new(
slug,
target,
opts.merge(found_by: found_by(klass), confidence: config['confidence'] || DEFAULT_CONFIDENCE)


@@ -16,7 +16,7 @@ module WPScan
response.html.xpath(config['xpath'] || '//script[not(@src)]').each do |node|
next if config['pattern'] && !node.text.match(config['pattern'])
return Plugin.new(
return Model::Plugin.new(
slug,
target,
opts.merge(found_by: found_by(klass), confidence: config['confidence'] || DEFAULT_CONFIDENCE)


@@ -13,7 +13,7 @@ module WPScan
found = []
enumerate(target_urls(opts), opts) do |_res, slug|
found << WPScan::Plugin.new(slug, target, opts.merge(found_by: found_by, confidence: 80))
found << Model::Plugin.new(slug, target, opts.merge(found_by: found_by, confidence: 80))
end
found


@@ -14,7 +14,7 @@ module WPScan
found = []
(items_from_links('plugins') + items_from_codes('plugins')).uniq.sort.each do |slug|
found << Plugin.new(slug, target, opts.merge(found_by: found_by, confidence: 80))
found << Model::Plugin.new(slug, target, opts.merge(found_by: found_by, confidence: 80))
end
found


@@ -16,7 +16,7 @@ module WPScan
response.html.xpath(config['xpath']).each do |node|
next if config['pattern'] && !node.text.match(config['pattern'])
return Plugin.new(
return Model::Plugin.new(
slug,
target,
opts.merge(found_by: found_by(klass), confidence: config['confidence'] || DEFAULT_CONFIDENCE)


@@ -8,7 +8,7 @@ module WPScan
class Base
include CMSScanner::Finders::UniqueFinder
# @param [ WPScan::Theme ] theme
# @param [ Model::Theme ] theme
def initialize(theme)
finders <<
ThemeVersion::Style.new(theme) <<
@@ -19,7 +19,7 @@ module WPScan
# Load the finders associated with the theme
#
# @param [ WPScan::Theme ] theme
# @param [ Model::Theme ] theme
def load_specific_finders(theme)
module_name = theme.classify


@@ -30,7 +30,7 @@ module WPScan
def style_version
return unless Browser.get(target.style_url).body =~ /Version:[\t ]*(?!trunk)([0-9a-z\.-]+)/i
WPScan::Version.new(
Model::Version.new(
Regexp.last_match[1],
found_by: found_by,
confidence: 80,


@@ -11,7 +11,7 @@ module WPScan
return unless Regexp.last_match[1] == target.slug
WPScan::Version.new(Regexp.last_match[2], found_by: found_by, confidence: 80)
Model::Version.new(Regexp.last_match[2], found_by: found_by, confidence: 80)
end
end
end


@@ -13,7 +13,7 @@ module WPScan
found = []
enumerate(target_urls(opts), opts) do |_res, slug|
found << WPScan::Theme.new(slug, target, opts.merge(found_by: found_by, confidence: 80))
found << Model::Theme.new(slug, target, opts.merge(found_by: found_by, confidence: 80))
end
found


@@ -12,7 +12,7 @@ module WPScan
found = []
(items_from_links('themes') + items_from_codes('themes')).uniq.sort.each do |slug|
found << WPScan::Theme.new(slug, target, opts.merge(found_by: found_by, confidence: 80))
found << Model::Theme.new(slug, target, opts.merge(found_by: found_by, confidence: 80))
end
found


@@ -7,7 +7,7 @@ module WPScan
class Base
include CMSScanner::Finders::UniqueFinder
# @param [ WPScan::Timthumb ] target
# @param [ Model::Timthumb ] target
def initialize(target)
finders << TimthumbVersion::BadRequest.new(target)
end


@@ -8,7 +8,7 @@ module WPScan
def aggressive(_opts = {})
return unless Browser.get(target.url).body =~ /(TimThumb version\s*: ([^<]+))/
WPScan::Version.new(
Model::Version.new(
Regexp.last_match[2],
found_by: 'Bad Request (Aggressive Detection)',
confidence: 90,


@@ -15,7 +15,7 @@ module WPScan
found = []
enumerate(target_urls(opts), opts) do |res|
found << WPScan::Timthumb.new(res.request.url, opts.merge(found_by: found_by, confidence: 100))
found << Model::Timthumb.new(res.request.url, opts.merge(found_by: found_by, confidence: 100))
end
found


@@ -18,7 +18,7 @@ module WPScan
next unless username
found << CMSScanner::User.new(
found << Model::User.new(
username,
id: id,
found_by: format(found_by_msg, found_by),


@@ -10,7 +10,7 @@ module WPScan
found_by_msg = 'Author Posts - %s (Passive Detection)'
usernames(opts).reduce([]) do |a, e|
a << CMSScanner::User.new(
a << Model::User.new(
e[0],
found_by: format(found_by_msg, e[1]),
confidence: e[2]


@@ -24,7 +24,7 @@ module WPScan
next unless error =~ /The password you entered for the username|Incorrect Password/i
found << CMSScanner::User.new(username, found_by: found_by, confidence: 100)
found << Model::User.new(username, found_by: found_by, confidence: 100)
end
found
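Review bot: The match on `/The password you entered for the username|Incorrect Password/i` recognises only English wording. If `error` holds the login message returned by the target (its assignment is outside the hunk), a site running another locale yields no `Model::User` findings from this finder, and the result reads as "no users" rather than "could not tell". A comment above the guard would make the limitation explicit, e.g. `# NOTE: matches the English login error only; localized sites produce no result here`.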


@@ -21,10 +21,10 @@ module WPScan
return [] unless details
[CMSScanner::User.new(details[0],
found_by: format(found_by_msg, details[1]),
confidence: details[2],
interesting_entries: [api_url])]
[Model::User.new(details[0],
found_by: format(found_by_msg, details[1]),
confidence: details[2],
interesting_entries: [api_url])]
rescue JSON::ParserError
[]
end


@@ -30,7 +30,7 @@ module WPScan
end
potential_usernames.uniq.each do |potential_username|
found << CMSScanner::User.new(potential_username, found_by: found_by, confidence: 50)
found << Model::User.new(potential_username, found_by: found_by, confidence: 50)
end
break


@@ -41,11 +41,11 @@ module WPScan
found = []
JSON.parse(response.body)&.each do |user|
found << CMSScanner::User.new(user['slug'],
id: user['id'],
found_by: found_by,
confidence: 100,
interesting_entries: [response.effective_url])
found << Model::User.new(user['slug'],
id: user['id'],
found_by: found_by,
confidence: 100,
interesting_entries: [response.effective_url])
end
found
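Review bot: `JSON.parse(response.body)&.each` guards only against a nil result, so a body that parses to a JSON object, or to an array of non-objects, reaches `user['slug']` with the wrong type and raises. The body is controlled by the scanned site, and an error payload is typically an object rather than a list. Checking the shape first keeps the finder from aborting: `users = JSON.parse(response.body)`, `return found unless users.is_a?(Array)`, and `next unless user.is_a?(Hash)` at the top of the loop. The method begins outside the hunk, so a status check or rescue there may already cover part of this.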


@@ -15,10 +15,10 @@ module WPScan
next unless username && !username.strip.empty?
found << CMSScanner::User.new(username,
found_by: found_by,
confidence: 100,
interesting_entries: [sitemap_url])
found << Model::User.new(username,
found_by: found_by,
confidence: 100,
interesting_entries: [sitemap_url])
end
found


@@ -13,9 +13,9 @@ module WPScan
number = Regexp.last_match(1)
return unless WPScan::WpVersion.valid?(number)
return unless Model::WpVersion.valid?(number)
WPScan::WpVersion.new(
Model::WpVersion.new(
number,
found_by: 'Readme (Aggressive Detection)',
# Since WP 4.7, the Readme only contains the major version (ie 4.7, 4.8 etc)


@@ -11,7 +11,7 @@ module WPScan
hydra.abort
progress_bar.finish
return WPScan::WpVersion.new(
return Model::WpVersion.new(
version_number,
found_by: 'Unique Fingerprinting (Aggressive Detection)',
confidence: 100,