WebSite is now a class instead of a module

2013-02-05 18:16:29 +01:00
parent 99e02115ca
commit 99218528f7
9 changed files with 155 additions and 127 deletions
--- a/lib/wpscan/modules/web_site.rb
+++ b/lib/wpscan/modules/web_site.rb
@@ -17,7 +17,21 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #++

-module WebSite
+class WebSite
+
+  attr_reader :uri
+
+  def initialize(site_url)
+    self.url = site_url
+  end
+
+  def url=(url)
+    @uri = URI.parse(add_trailing_slash(add_http_protocol(url)))
+  end
+
+  def url
+    @uri.to_s
+  end

  # Checks if the remote website is up.
  def online?
@@ -28,40 +42,6 @@ module WebSite
    Browser.instance.get(@uri.to_s).code == 401
  end

-  # check if the remote website is
-  # actually running wordpress.
-  def wordpress?
-    wordpress = false
-
-    response = Browser.instance.get(
-        @uri.to_s,
-        { follow_location: true, max_redirects: 2 }
-    )
-    if response.body =~ /["'][^"']*\/wp-content\/[^"']*["']/i
-      wordpress = true
-    else
-      response = Browser.instance.get(
-        xml_rpc_url,
-        { follow_location: true, max_redirects: 2 }
-      )
-
-      if response.body =~ %r{XML-RPC server accepts POST requests only}i
-        wordpress = true
-      else
-        response = Browser.instance.get(
-            login_url(),
-            { follow_location: true, max_redirects: 2 }
-        )
-
-        if response.body =~ %r{WordPress}i
-          wordpress = true
-        end
-      end
-    end
-
-    wordpress
-  end
-
  def has_xml_rpc?
    !xml_rpc_url.nil?
  end
--- a/lib/wpscan/wp_target.rb
+++ b/lib/wpscan/wp_target.rb
@@ -17,8 +17,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #++

-class WpTarget
-  include WebSite
+class WpTarget < WebSite
  include WpReadme
  include WpFullPathDisclosure
  include WpConfigBackup
@@ -30,10 +29,11 @@ class WpTarget
  include WpThemes
  include BruteForce

-  attr_reader :uri, :verbose
+  attr_reader :verbose

  def initialize(target_url, options = {})
-    @uri            = URI.parse(add_trailing_slash(add_http_protocol(target_url)))
+    super(target_url)
+
    @verbose        = options[:verbose]
    @wp_content_dir = options[:wp_content_dir]
    @wp_plugins_dir = options[:wp_plugins_dir]
@@ -42,9 +42,39 @@ class WpTarget
    Browser.instance(options.merge(:max_threads => options[:threads]))
  end

-  # Alias of @uri.to_s
-  def url
-    @uri.to_s
+  # check if the target website is
+  # actually running wordpress.
+  def wordpress?
+    wordpress = false
+
+    response = Browser.instance.get(
+      @uri.to_s,
+      { follow_location: true, max_redirects: 2 }
+    )
+
+    if response.body =~ /["'][^"']*\/wp-content\/[^"']*["']/i
+      wordpress = true
+    else
+      response = Browser.instance.get(
+        xml_rpc_url,
+        { follow_location: true, max_redirects: 2 }
+      )
+
+      if response.body =~ %r{XML-RPC server accepts POST requests only}i
+        wordpress = true
+      else
+        response = Browser.instance.get(
+          login_url,
+          { follow_location: true, max_redirects: 2 }
+        )
+
+        if response.body =~ %r{WordPress}i
+          wordpress = true
+        end
+      end
+    end
+
+    wordpress
  end

  def login_url