diff --git a/app/finders/db_exports/known_locations.rb b/app/finders/db_exports/known_locations.rb index 21d6be1e..b49c2d35 100644 --- a/app/finders/db_exports/known_locations.rb +++ b/app/finders/db_exports/known_locations.rb @@ -20,9 +20,9 @@ module WPScan enumerate(potential_urls(opts), opts.merge(check_full_response: 200)) do |res| if res.effective_url.end_with?('.zip') - next unless res.headers['Content-Type'] =~ %r{\Aapplication/zip}i + next unless %r{\Aapplication/zip}i.match?(res.headers['Content-Type']) else - next unless res.body =~ SQL_PATTERN + next unless SQL_PATTERN.match?(res.body) end found << Model::DbExport.new(res.request.url, found_by: DIRECT_ACCESS, confidence: 100) diff --git a/app/finders/interesting_findings/duplicator_installer_log.rb b/app/finders/interesting_findings/duplicator_installer_log.rb index 4b12e6f3..ce67123c 100644 --- a/app/finders/interesting_findings/duplicator_installer_log.rb +++ b/app/finders/interesting_findings/duplicator_installer_log.rb @@ -9,7 +9,7 @@ module WPScan def aggressive(_opts = {}) path = 'installer-log.txt' - return unless target.head_and_get(path).body =~ /DUPLICATOR INSTALL-LOG/ + return unless /DUPLICATOR INSTALL-LOG/.match?(target.head_and_get(path).body) Model::DuplicatorInstallerLog.new( target.url(path), diff --git a/app/finders/interesting_findings/mu_plugins.rb b/app/finders/interesting_findings/mu_plugins.rb index d6efa790..4e32a946 100644 --- a/app/finders/interesting_findings/mu_plugins.rb +++ b/app/finders/interesting_findings/mu_plugins.rb @@ -10,7 +10,7 @@ module WPScan pattern = %r{#{target.content_dir}/mu\-plugins/}i target.in_scope_uris(target.homepage_res) do |uri| - next unless uri.path =~ pattern + next unless uri.path&.match?(pattern) url = target.url('wp-content/mu-plugins/') diff --git a/app/finders/interesting_findings/upload_sql_dump.rb b/app/finders/interesting_findings/upload_sql_dump.rb index 302c21ca..5c76bba0 100644 --- a/app/finders/interesting_findings/upload_sql_dump.rb +++ b/app/finders/interesting_findings/upload_sql_dump.rb @@ -12,7 +12,7 @@ module WPScan path = 'wp-content/uploads/dump.sql' res = target.head_and_get(path, [200], get: { headers: { 'Range' => 'bytes=0-3000' } }) - return unless res.body =~ SQL_PATTERN + return unless SQL_PATTERN.match?(res.body) Model::UploadSQLDump.new( target.url(path), diff --git a/app/finders/plugin_version/readme.rb b/app/finders/plugin_version/readme.rb index dffd635f..58807ee4 100644 --- a/app/finders/plugin_version/readme.rb +++ b/app/finders/plugin_version/readme.rb @@ -52,7 +52,7 @@ module WPScan number = Regexp.last_match[1] - number if number =~ /[0-9]+/ + number if /[0-9]+/.match?(number) end # @param [ String ] body diff --git a/app/finders/plugins/body_pattern.rb b/app/finders/plugins/body_pattern.rb index e03c5aed..3874fe9a 100644 --- a/app/finders/plugins/body_pattern.rb +++ b/app/finders/plugins/body_pattern.rb @@ -15,7 +15,7 @@ module WPScan # # @return [ Plugin ] The detected plugin in the response, related to the config def process_response(opts, response, slug, klass, config) - return unless response.body =~ config['pattern'] + return unless response.body&.match?(config['pattern']) Model::Plugin.new( slug, diff --git a/app/finders/plugins/comment.rb b/app/finders/plugins/comment.rb index 7f912b3d..b34fe572 100644 --- a/app/finders/plugins/comment.rb +++ b/app/finders/plugins/comment.rb @@ -18,7 +18,7 @@ module WPScan response.html.xpath(config['xpath'] || '//comment()').each do |node| comment = node.text.to_s.strip - next unless comment =~ config['pattern'] + next unless comment&.match?(config['pattern']) return Model::Plugin.new( slug, diff --git a/app/finders/timthumbs/known_locations.rb b/app/finders/timthumbs/known_locations.rb index 3cc556e1..cfb782ea 100644 --- a/app/finders/timthumbs/known_locations.rb +++ b/app/finders/timthumbs/known_locations.rb @@ -22,7 +22,7 @@ module WPScan found = [] enumerate(target_urls(opts), opts.merge(check_full_response: 400)) do |res| - next unless res.body =~ /no image specified/i + next unless /no image specified/i.match?(res.body) found << Model::Timthumb.new(res.request.url, opts.merge(found_by: found_by, confidence: 100)) end diff --git a/app/finders/users/login_error_messages.rb b/app/finders/users/login_error_messages.rb index 4c0ef2ae..8cde0da2 100644 --- a/app/finders/users/login_error_messages.rb +++ b/app/finders/users/login_error_messages.rb @@ -24,7 +24,7 @@ module WPScan return found if error.empty? # Protection plugin / error disabled - next unless error =~ /The password you entered for the username|Incorrect Password/i + next unless /The password you entered for the username|Incorrect Password/i.match?(error) found << Model::User.new(username, found_by: found_by, confidence: 100) end diff --git a/lib/wpscan/helper.rb b/lib/wpscan/helper.rb index 2ff8b3c6..c335ade2 100644 --- a/lib/wpscan/helper.rb +++ b/lib/wpscan/helper.rb @@ -14,7 +14,7 @@ end # @return [ Symbol ] def classify_slug(slug) classified = slug.to_s.gsub(/[^a-z\d\-]/i, '-').gsub(/\-{1,}/, '_').camelize.to_s - classified = "D_#{classified}" if classified[0] =~ /\d/ + classified = "D_#{classified}" if /\d/.match?(classified[0]) classified.to_sym end diff --git a/lib/wpscan/target/platform/wordpress.rb b/lib/wpscan/target/platform/wordpress.rb index 20c81389..23a93528 100644 --- a/lib/wpscan/target/platform/wordpress.rb +++ b/lib/wpscan/target/platform/wordpress.rb @@ -29,7 +29,7 @@ module WPScan end homepage_res.html.css('meta[name="generator"]').each do |node| - return true if node['content'] =~ /wordpress/i + return true if /wordpress/i.match?(node['content']) end return true unless comments_from_page(/wordpress/i, homepage_res).empty?