garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Updated documentation

Browse Source
This commit is contained in:
Christian Mehlmauer
2013-04-30 23:06:37 +02:00
parent dca987b64b
commit a38c709d74
371 changed files with 88362 additions and 38796 deletions
Download Patch File Download Diff File Expand all files Collapse all files

481
doc_rdoc/WpTarget/Malwares.html Normal file
View File

@@ -0,0 +1,481 @@
<!DOCTYPE html>
<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
<title>module WpTarget::Malwares - RDoc Documentation</title>
<link type="text/css" media="screen" href="../rdoc.css" rel="stylesheet">
<script type="text/javascript">
var rdoc_rel_prefix = "../";
</script>
<script type="text/javascript" charset="utf-8" src="../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/navigation.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/search_index.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/search.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/searcher.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/darkfish.js"></script>
<body id="top" class="module">
<nav id="metadata">
<nav id="home-section" class="section">
<h3 class="section-header">
<a href="../index.html">Home</a>
<a href="../table_of_contents.html#classes">Classes</a>
<a href="../table_of_contents.html#methods">Methods</a>
</h3>
</nav>
<nav id="search-section" class="section project-section" class="initially-hidden">
<form action="#" method="get" accept-charset="utf-8">
<h3 class="section-header">
<input type="text" name="search" placeholder="Search" id="search-field"
title="Type to search, Up and Down to navigate, Enter to load">
</h3>
</form>
<ul id="search-results" class="initially-hidden"></ul>
</nav>
<div id="file-metadata">
<nav id="file-list-section" class="section">
<h3 class="section-header">Defined In</h3>
<ul>
<li>lib/wpscan/wp_target/malwares.rb
</ul>
</nav>
</div>
<div id="class-metadata">
<!-- Method Quickref -->
<nav id="method-list-section" class="section">
<h3 class="section-header">Methods</h3>
<ul class="link-list">
<li ><a href="#method-c-malware_pattern">::malware_pattern</a>
<li ><a href="#method-c-malwares_file">::malwares_file</a>
<li ><a href="#method-i-has_malwares-3F">#has_malwares?</a>
<li ><a href="#method-i-malwares">#malwares</a>
</ul>
</nav>
</div>
<div id="project-metadata">
<nav id="fileindex-section" class="section project-section">
<h3 class="section-header">Pages</h3>
<ul>
<li class="file"><a href="../CREDITS.html">CREDITS</a>
<li class="file"><a href="../Gemfile.html">Gemfile</a>
<li class="file"><a href="../Gemfile_lock.html">Gemfile.lock</a>
<li class="file"><a href="../LICENSE.html">LICENSE</a>
<li class="file"><a href="../README.html">README</a>
<li class="file"><a href="../README_md.html">README</a>
<li class="file"><a href="../conf/browser_conf_json.html">browser.conf.json</a>
<li class="file"><a href="../generate_doc_sh.html">generate_doc.sh</a>
</ul>
</nav>
<nav id="classindex-section" class="section project-section">
<h3 class="section-header">Class and Module Index</h3>
<ul class="link-list">
<li><a href="../Array.html">Array</a>
<li><a href="../Browser.html">Browser</a>
<li><a href="../Browser/Actions.html">Browser::Actions</a>
<li><a href="../Browser/Options.html">Browser::Options</a>
<li><a href="../CacheFileStore.html">CacheFileStore</a>
<li><a href="../CheckerPlugin.html">CheckerPlugin</a>
<li><a href="../CustomOptionParser.html">CustomOptionParser</a>
<li><a href="../Ethon.html">Ethon</a>
<li><a href="../Ethon/Easy.html">Ethon::Easy</a>
<li><a href="../Ethon/Easy/Options.html">Ethon::Easy::Options</a>
<li><a href="../File.html">File</a>
<li><a href="../Gem.html">Gem</a>
<li><a href="../GenerateList.html">GenerateList</a>
<li><a href="../GitUpdater.html">GitUpdater</a>
<li><a href="../ListGeneratorPlugin.html">ListGeneratorPlugin</a>
<li><a href="../Object.html">Object</a>
<li><a href="../Plugin.html">Plugin</a>
<li><a href="../Plugins.html">Plugins</a>
<li><a href="../StatsPlugin.html">StatsPlugin</a>
<li><a href="../SvnParser.html">SvnParser</a>
<li><a href="../SvnUpdater.html">SvnUpdater</a>
<li><a href="../Terminal.html">Terminal</a>
<li><a href="../Terminal/Table.html">Terminal::Table</a>
<li><a href="../Terminal/Table/Style.html">Terminal::Table::Style</a>
<li><a href="../Typhoeus.html">Typhoeus</a>
<li><a href="../Typhoeus/Request.html">Typhoeus::Request</a>
<li><a href="../Typhoeus/Request/Cacheable.html">Typhoeus::Request::Cacheable</a>
<li><a href="../Typhoeus/Response.html">Typhoeus::Response</a>
<li><a href="../TyphoeusCache.html">TyphoeusCache</a>
<li><a href="../URI.html">URI</a>
<li><a href="../Updater.html">Updater</a>
<li><a href="../UpdaterFactory.html">UpdaterFactory</a>
<li><a href="../Vulnerabilities.html">Vulnerabilities</a>
<li><a href="../Vulnerabilities/Output.html">Vulnerabilities::Output</a>
<li><a href="../Vulnerability.html">Vulnerability</a>
<li><a href="../Vulnerability/Output.html">Vulnerability::Output</a>
<li><a href="../WebSite.html">WebSite</a>
<li><a href="../WpItem.html">WpItem</a>
<li><a href="../WpItem/Existable.html">WpItem::Existable</a>
<li><a href="../WpItem/Findable.html">WpItem::Findable</a>
<li><a href="../WpItem/Infos.html">WpItem::Infos</a>
<li><a href="../WpItem/Output.html">WpItem::Output</a>
<li><a href="../WpItem/Versionable.html">WpItem::Versionable</a>
<li><a href="../WpItem/Vulnerable.html">WpItem::Vulnerable</a>
<li><a href="../WpItems.html">WpItems</a>
<li><a href="../WpItems/Detectable.html">WpItems::Detectable</a>
<li><a href="../WpItems/Output.html">WpItems::Output</a>
<li><a href="../WpPlugin.html">WpPlugin</a>
<li><a href="../WpPlugin/Vulnerable.html">WpPlugin::Vulnerable</a>
<li><a href="../WpPlugins.html">WpPlugins</a>
<li><a href="../WpPlugins/Detectable.html">WpPlugins::Detectable</a>
<li><a href="../WpTarget.html">WpTarget</a>
<li><a href="../WpTarget/Malwares.html">WpTarget::Malwares</a>
<li><a href="../WpTarget/WpConfigBackup.html">WpTarget::WpConfigBackup</a>
<li><a href="../WpTarget/WpCustomDirectories.html">WpTarget::WpCustomDirectories</a>
<li><a href="../WpTarget/WpFullPathDisclosure.html">WpTarget::WpFullPathDisclosure</a>
<li><a href="../WpTarget/WpLoginProtection.html">WpTarget::WpLoginProtection</a>
<li><a href="../WpTarget/WpReadme.html">WpTarget::WpReadme</a>
<li><a href="../WpTarget/WpRegistrable.html">WpTarget::WpRegistrable</a>
<li><a href="../WpTheme.html">WpTheme</a>
<li><a href="../WpTheme/Findable.html">WpTheme::Findable</a>
<li><a href="../WpTheme/Versionable.html">WpTheme::Versionable</a>
<li><a href="../WpTheme/Vulnerable.html">WpTheme::Vulnerable</a>
<li><a href="../WpThemes.html">WpThemes</a>
<li><a href="../WpThemes/Detectable.html">WpThemes::Detectable</a>
<li><a href="../WpTimthumb.html">WpTimthumb</a>
<li><a href="../WpTimthumb/Existable.html">WpTimthumb::Existable</a>
<li><a href="../WpTimthumb/Output.html">WpTimthumb::Output</a>
<li><a href="../WpTimthumb/Versionable.html">WpTimthumb::Versionable</a>
<li><a href="../WpTimthumbs.html">WpTimthumbs</a>
<li><a href="../WpTimthumbs/Detectable.html">WpTimthumbs::Detectable</a>
<li><a href="../WpUser.html">WpUser</a>
<li><a href="../WpUser/BruteForcable.html">WpUser::BruteForcable</a>
<li><a href="../WpUser/Existable.html">WpUser::Existable</a>
<li><a href="../WpUsers.html">WpUsers</a>
<li><a href="../WpUsers/BruteForcable.html">WpUsers::BruteForcable</a>
<li><a href="../WpUsers/Detectable.html">WpUsers::Detectable</a>
<li><a href="../WpUsers/Output.html">WpUsers::Output</a>
<li><a href="../WpVersion.html">WpVersion</a>
<li><a href="../WpVersion/Findable.html">WpVersion::Findable</a>
<li><a href="../WpVersion/Output.html">WpVersion::Output</a>
<li><a href="../WpVersion/Vulnerable.html">WpVersion::Vulnerable</a>
<li><a href="../WpscanOptions.html">WpscanOptions</a>
</ul>
</nav>
</div>
</nav>
<div id="documentation">
<h1 class="module">module WpTarget::Malwares</h1>
<div id="description" class="description">
</div><!-- description -->
<section id="5Buntitled-5D" class="documentation-section">
<!-- Methods -->
<section id="public-class-5Buntitled-5D-method-details" class="method-section section">
<h3 class="section-header">Public Class Methods</h3>
<div id="method-c-malware_pattern" class="method-detail ">
<div class="method-heading">
<span class="method-name">malware_pattern</span><span
class="method-args">(url_regex)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="malware_pattern-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/malwares.rb, line 43</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">malware_pattern</span>(<span class="ruby-identifier">url_regex</span>)
<span class="ruby-comment"># no need to escape regex here, because malware.txt contains regex</span>
<span class="ruby-node">%r{&lt;(?:script|iframe).* src=(?:&quot;|')(#{url_regex}[^&quot;']*)(?:&quot;|')[^&gt;]*&gt;}</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- malware_pattern-source -->
</div>
</div><!-- malware_pattern-method -->
<div id="method-c-malwares_file" class="method-detail ">
<div class="method-heading">
<span class="method-name">malwares_file</span><span
class="method-args">(malwares_file_path)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="malwares_file-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/malwares.rb, line 39</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">malwares_file</span>(<span class="ruby-identifier">malwares_file_path</span>)
<span class="ruby-identifier">malwares_file_path</span> <span class="ruby-operator">||</span> <span class="ruby-constant">DATA_DIR</span> <span class="ruby-operator">+</span> <span class="ruby-string">'/malwares.txt'</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- malwares_file-source -->
</div>
</div><!-- malwares_file-method -->
</section><!-- public-class-method-details -->
<section id="public-instance-5Buntitled-5D-method-details" class="method-section section">
<h3 class="section-header">Public Instance Methods</h3>
<div id="method-i-has_malwares-3F" class="method-detail ">
<div class="method-heading">
<span class="method-name">has_malwares?</span><span
class="method-args">(malwares_file_path = nil)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="has_malwares-3F-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/malwares.rb, line 10</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">has_malwares?</span>(<span class="ruby-identifier">malwares_file_path</span> = <span class="ruby-keyword">nil</span>)
<span class="ruby-operator">!</span><span class="ruby-identifier">malwares</span>(<span class="ruby-identifier">malwares_file_path</span>).<span class="ruby-identifier">empty?</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- has_malwares-3F-source -->
</div>
</div><!-- has_malwares-3F-method -->
<div id="method-i-malwares" class="method-detail ">
<div class="method-heading">
<span class="method-name">malwares</span><span
class="method-args">(malwares_file_path = nil)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>return array of string (url of malwares found)</p>
<div class="method-source-code" id="malwares-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/malwares.rb, line 15</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">malwares</span>(<span class="ruby-identifier">malwares_file_path</span> = <span class="ruby-keyword">nil</span>)
<span class="ruby-keyword">unless</span> <span class="ruby-ivar">@malwares</span>
<span class="ruby-identifier">malwares_found</span> = []
<span class="ruby-identifier">malwares_file</span> = <span class="ruby-constant">Malwares</span>.<span class="ruby-identifier">malwares_file</span>(<span class="ruby-identifier">malwares_file_path</span>)
<span class="ruby-identifier">index_page_body</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">to_s</span>).<span class="ruby-identifier">body</span>
<span class="ruby-constant">File</span>.<span class="ruby-identifier">open</span>(<span class="ruby-identifier">malwares_file</span>, <span class="ruby-string">'r'</span>) <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">file</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">file</span>.<span class="ruby-identifier">readlines</span>.<span class="ruby-identifier">collect</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">url</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">chomped_url</span> = <span class="ruby-identifier">url</span>.<span class="ruby-identifier">chomp</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">chomped_url</span>.<span class="ruby-identifier">length</span> <span class="ruby-operator">&gt;</span> <span class="ruby-value">0</span>
<span class="ruby-identifier">malwares_found</span> <span class="ruby-operator">+=</span> <span class="ruby-identifier">index_page_body</span>.<span class="ruby-identifier">scan</span>(<span class="ruby-constant">Malwares</span>.<span class="ruby-identifier">malware_pattern</span>(<span class="ruby-identifier">chomped_url</span>))
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">malwares_found</span>.<span class="ruby-identifier">flatten!</span>
<span class="ruby-identifier">malwares_found</span>.<span class="ruby-identifier">uniq!</span>
<span class="ruby-ivar">@malwares</span> = <span class="ruby-identifier">malwares_found</span>
<span class="ruby-keyword">end</span>
<span class="ruby-ivar">@malwares</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- malwares-source -->
</div>
</div><!-- malwares-method -->
</section><!-- public-instance-method-details -->
</section><!-- 5Buntitled-5D -->
</div><!-- documentation -->
<footer id="validator-badges">
<p><a href="http://validator.w3.org/check/referer">[Validate]</a>
<p>Generated by <a href="https://github.com/rdoc/rdoc">RDoc</a> 4.0.1.
<p>Generated with the <a href="http://deveiate.org/projects/Darkfish-Rdoc/">Darkfish Rdoc Generator</a> 3.
</footer>

423
doc_rdoc/WpTarget/WpConfigBackup.html Normal file
View File

@@ -0,0 +1,423 @@
<!DOCTYPE html>
<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
<title>module WpTarget::WpConfigBackup - RDoc Documentation</title>
<link type="text/css" media="screen" href="../rdoc.css" rel="stylesheet">
<script type="text/javascript">
var rdoc_rel_prefix = "../";
</script>
<script type="text/javascript" charset="utf-8" src="../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/navigation.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/search_index.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/search.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/searcher.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/darkfish.js"></script>
<body id="top" class="module">
<nav id="metadata">
<nav id="home-section" class="section">
<h3 class="section-header">
<a href="../index.html">Home</a>
<a href="../table_of_contents.html#classes">Classes</a>
<a href="../table_of_contents.html#methods">Methods</a>
</h3>
</nav>
<nav id="search-section" class="section project-section" class="initially-hidden">
<form action="#" method="get" accept-charset="utf-8">
<h3 class="section-header">
<input type="text" name="search" placeholder="Search" id="search-field"
title="Type to search, Up and Down to navigate, Enter to load">
</h3>
</form>
<ul id="search-results" class="initially-hidden"></ul>
</nav>
<div id="file-metadata">
<nav id="file-list-section" class="section">
<h3 class="section-header">Defined In</h3>
<ul>
<li>lib/wpscan/wp_target/wp_config_backup.rb
</ul>
</nav>
</div>
<div id="class-metadata">
<!-- Method Quickref -->
<nav id="method-list-section" class="section">
<h3 class="section-header">Methods</h3>
<ul class="link-list">
<li ><a href="#method-c-config_backup_files">::config_backup_files</a>
<li ><a href="#method-i-config_backup">#config_backup</a>
</ul>
</nav>
</div>
<div id="project-metadata">
<nav id="fileindex-section" class="section project-section">
<h3 class="section-header">Pages</h3>
<ul>
<li class="file"><a href="../CREDITS.html">CREDITS</a>
<li class="file"><a href="../Gemfile.html">Gemfile</a>
<li class="file"><a href="../Gemfile_lock.html">Gemfile.lock</a>
<li class="file"><a href="../LICENSE.html">LICENSE</a>
<li class="file"><a href="../README.html">README</a>
<li class="file"><a href="../README_md.html">README</a>
<li class="file"><a href="../conf/browser_conf_json.html">browser.conf.json</a>
<li class="file"><a href="../generate_doc_sh.html">generate_doc.sh</a>
</ul>
</nav>
<nav id="classindex-section" class="section project-section">
<h3 class="section-header">Class and Module Index</h3>
<ul class="link-list">
<li><a href="../Array.html">Array</a>
<li><a href="../Browser.html">Browser</a>
<li><a href="../Browser/Actions.html">Browser::Actions</a>
<li><a href="../Browser/Options.html">Browser::Options</a>
<li><a href="../CacheFileStore.html">CacheFileStore</a>
<li><a href="../CheckerPlugin.html">CheckerPlugin</a>
<li><a href="../CustomOptionParser.html">CustomOptionParser</a>
<li><a href="../Ethon.html">Ethon</a>
<li><a href="../Ethon/Easy.html">Ethon::Easy</a>
<li><a href="../Ethon/Easy/Options.html">Ethon::Easy::Options</a>
<li><a href="../File.html">File</a>
<li><a href="../Gem.html">Gem</a>
<li><a href="../GenerateList.html">GenerateList</a>
<li><a href="../GitUpdater.html">GitUpdater</a>
<li><a href="../ListGeneratorPlugin.html">ListGeneratorPlugin</a>
<li><a href="../Object.html">Object</a>
<li><a href="../Plugin.html">Plugin</a>
<li><a href="../Plugins.html">Plugins</a>
<li><a href="../StatsPlugin.html">StatsPlugin</a>
<li><a href="../SvnParser.html">SvnParser</a>
<li><a href="../SvnUpdater.html">SvnUpdater</a>
<li><a href="../Terminal.html">Terminal</a>
<li><a href="../Terminal/Table.html">Terminal::Table</a>
<li><a href="../Terminal/Table/Style.html">Terminal::Table::Style</a>
<li><a href="../Typhoeus.html">Typhoeus</a>
<li><a href="../Typhoeus/Request.html">Typhoeus::Request</a>
<li><a href="../Typhoeus/Request/Cacheable.html">Typhoeus::Request::Cacheable</a>
<li><a href="../Typhoeus/Response.html">Typhoeus::Response</a>
<li><a href="../TyphoeusCache.html">TyphoeusCache</a>
<li><a href="../URI.html">URI</a>
<li><a href="../Updater.html">Updater</a>
<li><a href="../UpdaterFactory.html">UpdaterFactory</a>
<li><a href="../Vulnerabilities.html">Vulnerabilities</a>
<li><a href="../Vulnerabilities/Output.html">Vulnerabilities::Output</a>
<li><a href="../Vulnerability.html">Vulnerability</a>
<li><a href="../Vulnerability/Output.html">Vulnerability::Output</a>
<li><a href="../WebSite.html">WebSite</a>
<li><a href="../WpItem.html">WpItem</a>
<li><a href="../WpItem/Existable.html">WpItem::Existable</a>
<li><a href="../WpItem/Findable.html">WpItem::Findable</a>
<li><a href="../WpItem/Infos.html">WpItem::Infos</a>
<li><a href="../WpItem/Output.html">WpItem::Output</a>
<li><a href="../WpItem/Versionable.html">WpItem::Versionable</a>
<li><a href="../WpItem/Vulnerable.html">WpItem::Vulnerable</a>
<li><a href="../WpItems.html">WpItems</a>
<li><a href="../WpItems/Detectable.html">WpItems::Detectable</a>
<li><a href="../WpItems/Output.html">WpItems::Output</a>
<li><a href="../WpPlugin.html">WpPlugin</a>
<li><a href="../WpPlugin/Vulnerable.html">WpPlugin::Vulnerable</a>
<li><a href="../WpPlugins.html">WpPlugins</a>
<li><a href="../WpPlugins/Detectable.html">WpPlugins::Detectable</a>
<li><a href="../WpTarget.html">WpTarget</a>
<li><a href="../WpTarget/Malwares.html">WpTarget::Malwares</a>
<li><a href="../WpTarget/WpConfigBackup.html">WpTarget::WpConfigBackup</a>
<li><a href="../WpTarget/WpCustomDirectories.html">WpTarget::WpCustomDirectories</a>
<li><a href="../WpTarget/WpFullPathDisclosure.html">WpTarget::WpFullPathDisclosure</a>
<li><a href="../WpTarget/WpLoginProtection.html">WpTarget::WpLoginProtection</a>
<li><a href="../WpTarget/WpReadme.html">WpTarget::WpReadme</a>
<li><a href="../WpTarget/WpRegistrable.html">WpTarget::WpRegistrable</a>
<li><a href="../WpTheme.html">WpTheme</a>
<li><a href="../WpTheme/Findable.html">WpTheme::Findable</a>
<li><a href="../WpTheme/Versionable.html">WpTheme::Versionable</a>
<li><a href="../WpTheme/Vulnerable.html">WpTheme::Vulnerable</a>
<li><a href="../WpThemes.html">WpThemes</a>
<li><a href="../WpThemes/Detectable.html">WpThemes::Detectable</a>
<li><a href="../WpTimthumb.html">WpTimthumb</a>
<li><a href="../WpTimthumb/Existable.html">WpTimthumb::Existable</a>
<li><a href="../WpTimthumb/Output.html">WpTimthumb::Output</a>
<li><a href="../WpTimthumb/Versionable.html">WpTimthumb::Versionable</a>
<li><a href="../WpTimthumbs.html">WpTimthumbs</a>
<li><a href="../WpTimthumbs/Detectable.html">WpTimthumbs::Detectable</a>
<li><a href="../WpUser.html">WpUser</a>
<li><a href="../WpUser/BruteForcable.html">WpUser::BruteForcable</a>
<li><a href="../WpUser/Existable.html">WpUser::Existable</a>
<li><a href="../WpUsers.html">WpUsers</a>
<li><a href="../WpUsers/BruteForcable.html">WpUsers::BruteForcable</a>
<li><a href="../WpUsers/Detectable.html">WpUsers::Detectable</a>
<li><a href="../WpUsers/Output.html">WpUsers::Output</a>
<li><a href="../WpVersion.html">WpVersion</a>
<li><a href="../WpVersion/Findable.html">WpVersion::Findable</a>
<li><a href="../WpVersion/Output.html">WpVersion::Output</a>
<li><a href="../WpVersion/Vulnerable.html">WpVersion::Vulnerable</a>
<li><a href="../WpscanOptions.html">WpscanOptions</a>
</ul>
</nav>
</div>
</nav>
<div id="documentation">
<h1 class="module">module WpTarget::WpConfigBackup</h1>
<div id="description" class="description">
</div><!-- description -->
<section id="5Buntitled-5D" class="documentation-section">
<!-- Methods -->
<section id="public-class-5Buntitled-5D-method-details" class="method-section section">
<h3 class="section-header">Public Class Methods</h3>
<div id="method-c-config_backup_files" class="method-detail ">
<div class="method-heading">
<span class="method-name">config_backup_files</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>@return <a href="../Array.html">Array</a></p>
<div class="method-source-code" id="config_backup_files-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_config_backup.rb, line 40</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">config_backup_files</span>
<span class="ruby-node">%w{
wp-config.php~ #wp-config.php# wp-config.php.save wp-config.php.swp wp-config.php.swo wp-config.php_bak
wp-config.bak wp-config.php.bak wp-config.save wp-config.old wp-config.php.old wp-config.php.orig
wp-config.orig wp-config.php.original wp-config.original wp-config.txt
}</span> <span class="ruby-comment"># thanks to Feross.org for these</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- config_backup_files-source -->
</div>
</div><!-- config_backup_files-method -->
</section><!-- public-class-method-details -->
<section id="public-instance-5Buntitled-5D-method-details" class="method-section section">
<h3 class="section-header">Public Instance Methods</h3>
<div id="method-i-config_backup" class="method-detail ">
<div class="method-heading">
<span class="method-name">config_backup</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Checks to see if wp-config.php has a backup See <a
href="http://www.feross.org/cmsploit">www.feross.org/cmsploit</a>/ return
an array of backup config files url</p>
<div class="method-source-code" id="config_backup-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_config_backup.rb, line 8</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">config_backup</span>
<span class="ruby-identifier">found</span> = []
<span class="ruby-identifier">backups</span> = <span class="ruby-constant">WpConfigBackup</span>.<span class="ruby-identifier">config_backup_files</span>
<span class="ruby-identifier">browser</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>
<span class="ruby-identifier">hydra</span> = <span class="ruby-identifier">browser</span>.<span class="ruby-identifier">hydra</span>
<span class="ruby-identifier">queue_count</span> = <span class="ruby-value">0</span>
<span class="ruby-identifier">backups</span>.<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">file</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">file_url</span> = <span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-constant">URI</span>.<span class="ruby-identifier">escape</span>(<span class="ruby-identifier">file</span>)).<span class="ruby-identifier">to_s</span>
<span class="ruby-identifier">request</span> = <span class="ruby-identifier">browser</span>.<span class="ruby-identifier">forge_request</span>(<span class="ruby-identifier">file_url</span>)
<span class="ruby-identifier">request</span>.<span class="ruby-identifier">on_complete</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">response</span><span class="ruby-operator">|</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span>[<span class="ruby-regexp">%r{define}</span>] <span class="ruby-keyword">and</span> <span class="ruby-keyword">not</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span>[<span class="ruby-regexp">%r{&lt;\s?html}</span>]
<span class="ruby-identifier">found</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-identifier">file_url</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">hydra</span>.<span class="ruby-identifier">queue</span>(<span class="ruby-identifier">request</span>)
<span class="ruby-identifier">queue_count</span> <span class="ruby-operator">+=</span> <span class="ruby-value">1</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">queue_count</span> <span class="ruby-operator">==</span> <span class="ruby-identifier">browser</span>.<span class="ruby-identifier">max_threads</span>
<span class="ruby-identifier">hydra</span>.<span class="ruby-identifier">run</span>
<span class="ruby-identifier">queue_count</span> = <span class="ruby-value">0</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">hydra</span>.<span class="ruby-identifier">run</span>
<span class="ruby-identifier">found</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- config_backup-source -->
</div>
</div><!-- config_backup-method -->
</section><!-- public-instance-method-details -->
</section><!-- 5Buntitled-5D -->
</div><!-- documentation -->
<footer id="validator-badges">
<p><a href="http://validator.w3.org/check/referer">[Validate]</a>
<p>Generated by <a href="https://github.com/rdoc/rdoc">RDoc</a> 4.0.1.
<p>Generated with the <a href="http://deveiate.org/projects/Darkfish-Rdoc/">Darkfish Rdoc Generator</a> 3.
</footer>

476
doc_rdoc/WpTarget/WpCustomDirectories.html Normal file
View File

@@ -0,0 +1,476 @@
<!DOCTYPE html>
<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
<title>module WpTarget::WpCustomDirectories - RDoc Documentation</title>
<link type="text/css" media="screen" href="../rdoc.css" rel="stylesheet">
<script type="text/javascript">
var rdoc_rel_prefix = "../";
</script>
<script type="text/javascript" charset="utf-8" src="../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/navigation.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/search_index.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/search.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/searcher.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/darkfish.js"></script>
<body id="top" class="module">
<nav id="metadata">
<nav id="home-section" class="section">
<h3 class="section-header">
<a href="../index.html">Home</a>
<a href="../table_of_contents.html#classes">Classes</a>
<a href="../table_of_contents.html#methods">Methods</a>
</h3>
</nav>
<nav id="search-section" class="section project-section" class="initially-hidden">
<form action="#" method="get" accept-charset="utf-8">
<h3 class="section-header">
<input type="text" name="search" placeholder="Search" id="search-field"
title="Type to search, Up and Down to navigate, Enter to load">
</h3>
</form>
<ul id="search-results" class="initially-hidden"></ul>
</nav>
<div id="file-metadata">
<nav id="file-list-section" class="section">
<h3 class="section-header">Defined In</h3>
<ul>
<li>lib/wpscan/wp_target/wp_custom_directories.rb
</ul>
</nav>
</div>
<div id="class-metadata">
<!-- Method Quickref -->
<nav id="method-list-section" class="section">
<h3 class="section-header">Methods</h3>
<ul class="link-list">
<li ><a href="#method-i-default_wp_content_dir_exists-3F">#default_wp_content_dir_exists?</a>
<li ><a href="#method-i-wp_content_dir">#wp_content_dir</a>
<li ><a href="#method-i-wp_plugins_dir">#wp_plugins_dir</a>
<li ><a href="#method-i-wp_plugins_dir_exists-3F">#wp_plugins_dir_exists?</a>
</ul>
</nav>
</div>
<div id="project-metadata">
<nav id="fileindex-section" class="section project-section">
<h3 class="section-header">Pages</h3>
<ul>
<li class="file"><a href="../CREDITS.html">CREDITS</a>
<li class="file"><a href="../Gemfile.html">Gemfile</a>
<li class="file"><a href="../Gemfile_lock.html">Gemfile.lock</a>
<li class="file"><a href="../LICENSE.html">LICENSE</a>
<li class="file"><a href="../README.html">README</a>
<li class="file"><a href="../README_md.html">README</a>
<li class="file"><a href="../conf/browser_conf_json.html">browser.conf.json</a>
<li class="file"><a href="../generate_doc_sh.html">generate_doc.sh</a>
</ul>
</nav>
<nav id="classindex-section" class="section project-section">
<h3 class="section-header">Class and Module Index</h3>
<ul class="link-list">
<li><a href="../Array.html">Array</a>
<li><a href="../Browser.html">Browser</a>
<li><a href="../Browser/Actions.html">Browser::Actions</a>
<li><a href="../Browser/Options.html">Browser::Options</a>
<li><a href="../CacheFileStore.html">CacheFileStore</a>
<li><a href="../CheckerPlugin.html">CheckerPlugin</a>
<li><a href="../CustomOptionParser.html">CustomOptionParser</a>
<li><a href="../Ethon.html">Ethon</a>
<li><a href="../Ethon/Easy.html">Ethon::Easy</a>
<li><a href="../Ethon/Easy/Options.html">Ethon::Easy::Options</a>
<li><a href="../File.html">File</a>
<li><a href="../Gem.html">Gem</a>
<li><a href="../GenerateList.html">GenerateList</a>
<li><a href="../GitUpdater.html">GitUpdater</a>
<li><a href="../ListGeneratorPlugin.html">ListGeneratorPlugin</a>
<li><a href="../Object.html">Object</a>
<li><a href="../Plugin.html">Plugin</a>
<li><a href="../Plugins.html">Plugins</a>
<li><a href="../StatsPlugin.html">StatsPlugin</a>
<li><a href="../SvnParser.html">SvnParser</a>
<li><a href="../SvnUpdater.html">SvnUpdater</a>
<li><a href="../Terminal.html">Terminal</a>
<li><a href="../Terminal/Table.html">Terminal::Table</a>
<li><a href="../Terminal/Table/Style.html">Terminal::Table::Style</a>
<li><a href="../Typhoeus.html">Typhoeus</a>
<li><a href="../Typhoeus/Request.html">Typhoeus::Request</a>
<li><a href="../Typhoeus/Request/Cacheable.html">Typhoeus::Request::Cacheable</a>
<li><a href="../Typhoeus/Response.html">Typhoeus::Response</a>
<li><a href="../TyphoeusCache.html">TyphoeusCache</a>
<li><a href="../URI.html">URI</a>
<li><a href="../Updater.html">Updater</a>
<li><a href="../UpdaterFactory.html">UpdaterFactory</a>
<li><a href="../Vulnerabilities.html">Vulnerabilities</a>
<li><a href="../Vulnerabilities/Output.html">Vulnerabilities::Output</a>
<li><a href="../Vulnerability.html">Vulnerability</a>
<li><a href="../Vulnerability/Output.html">Vulnerability::Output</a>
<li><a href="../WebSite.html">WebSite</a>
<li><a href="../WpItem.html">WpItem</a>
<li><a href="../WpItem/Existable.html">WpItem::Existable</a>
<li><a href="../WpItem/Findable.html">WpItem::Findable</a>
<li><a href="../WpItem/Infos.html">WpItem::Infos</a>
<li><a href="../WpItem/Output.html">WpItem::Output</a>
<li><a href="../WpItem/Versionable.html">WpItem::Versionable</a>
<li><a href="../WpItem/Vulnerable.html">WpItem::Vulnerable</a>
<li><a href="../WpItems.html">WpItems</a>
<li><a href="../WpItems/Detectable.html">WpItems::Detectable</a>
<li><a href="../WpItems/Output.html">WpItems::Output</a>
<li><a href="../WpPlugin.html">WpPlugin</a>
<li><a href="../WpPlugin/Vulnerable.html">WpPlugin::Vulnerable</a>
<li><a href="../WpPlugins.html">WpPlugins</a>
<li><a href="../WpPlugins/Detectable.html">WpPlugins::Detectable</a>
<li><a href="../WpTarget.html">WpTarget</a>
<li><a href="../WpTarget/Malwares.html">WpTarget::Malwares</a>
<li><a href="../WpTarget/WpConfigBackup.html">WpTarget::WpConfigBackup</a>
<li><a href="../WpTarget/WpCustomDirectories.html">WpTarget::WpCustomDirectories</a>
<li><a href="../WpTarget/WpFullPathDisclosure.html">WpTarget::WpFullPathDisclosure</a>
<li><a href="../WpTarget/WpLoginProtection.html">WpTarget::WpLoginProtection</a>
<li><a href="../WpTarget/WpReadme.html">WpTarget::WpReadme</a>
<li><a href="../WpTarget/WpRegistrable.html">WpTarget::WpRegistrable</a>
<li><a href="../WpTheme.html">WpTheme</a>
<li><a href="../WpTheme/Findable.html">WpTheme::Findable</a>
<li><a href="../WpTheme/Versionable.html">WpTheme::Versionable</a>
<li><a href="../WpTheme/Vulnerable.html">WpTheme::Vulnerable</a>
<li><a href="../WpThemes.html">WpThemes</a>
<li><a href="../WpThemes/Detectable.html">WpThemes::Detectable</a>
<li><a href="../WpTimthumb.html">WpTimthumb</a>
<li><a href="../WpTimthumb/Existable.html">WpTimthumb::Existable</a>
<li><a href="../WpTimthumb/Output.html">WpTimthumb::Output</a>
<li><a href="../WpTimthumb/Versionable.html">WpTimthumb::Versionable</a>
<li><a href="../WpTimthumbs.html">WpTimthumbs</a>
<li><a href="../WpTimthumbs/Detectable.html">WpTimthumbs::Detectable</a>
<li><a href="../WpUser.html">WpUser</a>
<li><a href="../WpUser/BruteForcable.html">WpUser::BruteForcable</a>
<li><a href="../WpUser/Existable.html">WpUser::Existable</a>
<li><a href="../WpUsers.html">WpUsers</a>
<li><a href="../WpUsers/BruteForcable.html">WpUsers::BruteForcable</a>
<li><a href="../WpUsers/Detectable.html">WpUsers::Detectable</a>
<li><a href="../WpUsers/Output.html">WpUsers::Output</a>
<li><a href="../WpVersion.html">WpVersion</a>
<li><a href="../WpVersion/Findable.html">WpVersion::Findable</a>
<li><a href="../WpVersion/Output.html">WpVersion::Output</a>
<li><a href="../WpVersion/Vulnerable.html">WpVersion::Vulnerable</a>
<li><a href="../WpscanOptions.html">WpscanOptions</a>
</ul>
</nav>
</div>
</nav>
<div id="documentation">
<h1 class="module">module WpTarget::WpCustomDirectories</h1>
<div id="description" class="description">
</div><!-- description -->
<section id="5Buntitled-5D" class="documentation-section">
<!-- Methods -->
<section id="public-instance-5Buntitled-5D-method-details" class="method-section section">
<h3 class="section-header">Public Instance Methods</h3>
<div id="method-i-default_wp_content_dir_exists-3F" class="method-detail ">
<div class="method-heading">
<span class="method-name">default_wp_content_dir_exists?</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>@return [ Boolean ]</p>
<div class="method-source-code" id="default_wp_content_dir_exists-3F-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_custom_directories.rb, line 23</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">default_wp_content_dir_exists?</span>
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">'wp-content'</span>).<span class="ruby-identifier">to_s</span>)
<span class="ruby-identifier">hash</span> = <span class="ruby-constant">Digest</span><span class="ruby-operator">::</span><span class="ruby-constant">MD5</span>.<span class="ruby-identifier">hexdigest</span>(<span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span>)
<span class="ruby-keyword">if</span> <span class="ruby-constant">WpTarget</span>.<span class="ruby-identifier">valid_response_codes</span>.<span class="ruby-identifier">include?</span>(<span class="ruby-identifier">response</span>.<span class="ruby-identifier">code</span>)
<span class="ruby-keyword">return</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">hash</span> <span class="ruby-operator">!=</span> <span class="ruby-identifier">error_404_hash</span> <span class="ruby-keyword">and</span> <span class="ruby-identifier">hash</span> <span class="ruby-operator">!=</span> <span class="ruby-identifier">homepage_hash</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">false</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- default_wp_content_dir_exists-3F-source -->
</div>
</div><!-- default_wp_content_dir_exists-3F-method -->
<div id="method-i-wp_content_dir" class="method-detail ">
<div class="method-heading">
<span class="method-name">wp_content_dir</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>@return [ String ] The wp-content directory</p>
<div class="method-source-code" id="wp_content_dir-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_custom_directories.rb, line 6</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">wp_content_dir</span>
<span class="ruby-keyword">unless</span> <span class="ruby-ivar">@wp_content_dir</span>
<span class="ruby-identifier">index_body</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">to_s</span>).<span class="ruby-identifier">body</span>
<span class="ruby-identifier">uri_path</span> = <span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">path</span> <span class="ruby-comment"># Only use the path because domain can be text or an IP</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">index_body</span>[<span class="ruby-regexp">/\/wp-content\/(?:themes|plugins)\//</span>] <span class="ruby-operator">||</span> <span class="ruby-identifier">default_wp_content_dir_exists?</span>
<span class="ruby-ivar">@wp_content_dir</span> = <span class="ruby-string">'wp-content'</span>
<span class="ruby-keyword">else</span>
<span class="ruby-identifier">domains_excluded</span> = <span class="ruby-string">'(?:www\.)?(facebook|twitter)\.com'</span>
<span class="ruby-ivar">@wp_content_dir</span> = <span class="ruby-identifier">index_body</span>[<span class="ruby-node">/(?:href|src)\s*=\s*(?:&quot;|').+#{Regexp.escape(uri_path)}((?!#{domains_excluded})[^&quot;']+)\/(?:themes|plugins)\/.*(?:&quot;|')/</span>, <span class="ruby-value">1</span>]
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
<span class="ruby-ivar">@wp_content_dir</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- wp_content_dir-source -->
</div>
</div><!-- wp_content_dir-method -->
<div id="method-i-wp_plugins_dir" class="method-detail ">
<div class="method-heading">
<span class="method-name">wp_plugins_dir</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>@return [ String ] The wp-plugins directory</p>
<div class="method-source-code" id="wp_plugins_dir-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_custom_directories.rb, line 35</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">wp_plugins_dir</span>
<span class="ruby-keyword">unless</span> <span class="ruby-ivar">@wp_plugins_dir</span>
<span class="ruby-ivar">@wp_plugins_dir</span> = <span class="ruby-node">&quot;#{wp_content_dir}/plugins&quot;</span>
<span class="ruby-keyword">end</span>
<span class="ruby-ivar">@wp_plugins_dir</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- wp_plugins_dir-source -->
</div>
</div><!-- wp_plugins_dir-method -->
<div id="method-i-wp_plugins_dir_exists-3F" class="method-detail ">
<div class="method-heading">
<span class="method-name">wp_plugins_dir_exists?</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>@return [ Boolean ]</p>
<div class="method-source-code" id="wp_plugins_dir_exists-3F-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_custom_directories.rb, line 43</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">wp_plugins_dir_exists?</span>
<span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-identifier">wp_plugins_dir</span>).<span class="ruby-identifier">to_s</span>).<span class="ruby-identifier">code</span> <span class="ruby-operator">!=</span> <span class="ruby-value">404</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- wp_plugins_dir_exists-3F-source -->
</div>
</div><!-- wp_plugins_dir_exists-3F-method -->
</section><!-- public-instance-method-details -->
</section><!-- 5Buntitled-5D -->
</div><!-- documentation -->
<footer id="validator-badges">
<p><a href="http://validator.w3.org/check/referer">[Validate]</a>
<p>Generated by <a href="https://github.com/rdoc/rdoc">RDoc</a> 4.0.1.
<p>Generated with the <a href="http://deveiate.org/projects/Darkfish-Rdoc/">Darkfish Rdoc Generator</a> 3.
</footer>

387
doc_rdoc/WpTarget/WpFullPathDisclosure.html Normal file
View File

@@ -0,0 +1,387 @@
<!DOCTYPE html>
<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
<title>module WpTarget::WpFullPathDisclosure - RDoc Documentation</title>
<link type="text/css" media="screen" href="../rdoc.css" rel="stylesheet">
<script type="text/javascript">
var rdoc_rel_prefix = "../";
</script>
<script type="text/javascript" charset="utf-8" src="../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/navigation.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/search_index.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/search.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/searcher.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/darkfish.js"></script>
<body id="top" class="module">
<nav id="metadata">
<nav id="home-section" class="section">
<h3 class="section-header">
<a href="../index.html">Home</a>
<a href="../table_of_contents.html#classes">Classes</a>
<a href="../table_of_contents.html#methods">Methods</a>
</h3>
</nav>
<nav id="search-section" class="section project-section" class="initially-hidden">
<form action="#" method="get" accept-charset="utf-8">
<h3 class="section-header">
<input type="text" name="search" placeholder="Search" id="search-field"
title="Type to search, Up and Down to navigate, Enter to load">
</h3>
</form>
<ul id="search-results" class="initially-hidden"></ul>
</nav>
<div id="file-metadata">
<nav id="file-list-section" class="section">
<h3 class="section-header">Defined In</h3>
<ul>
<li>lib/wpscan/wp_target/wp_full_path_disclosure.rb
</ul>
</nav>
</div>
<div id="class-metadata">
<!-- Method Quickref -->
<nav id="method-list-section" class="section">
<h3 class="section-header">Methods</h3>
<ul class="link-list">
<li ><a href="#method-i-full_path_disclosure_url">#full_path_disclosure_url</a>
<li ><a href="#method-i-has_full_path_disclosure-3F">#has_full_path_disclosure?</a>
</ul>
</nav>
</div>
<div id="project-metadata">
<nav id="fileindex-section" class="section project-section">
<h3 class="section-header">Pages</h3>
<ul>
<li class="file"><a href="../CREDITS.html">CREDITS</a>
<li class="file"><a href="../Gemfile.html">Gemfile</a>
<li class="file"><a href="../Gemfile_lock.html">Gemfile.lock</a>
<li class="file"><a href="../LICENSE.html">LICENSE</a>
<li class="file"><a href="../README.html">README</a>
<li class="file"><a href="../README_md.html">README</a>
<li class="file"><a href="../conf/browser_conf_json.html">browser.conf.json</a>
<li class="file"><a href="../generate_doc_sh.html">generate_doc.sh</a>
</ul>
</nav>
<nav id="classindex-section" class="section project-section">
<h3 class="section-header">Class and Module Index</h3>
<ul class="link-list">
<li><a href="../Array.html">Array</a>
<li><a href="../Browser.html">Browser</a>
<li><a href="../Browser/Actions.html">Browser::Actions</a>
<li><a href="../Browser/Options.html">Browser::Options</a>
<li><a href="../CacheFileStore.html">CacheFileStore</a>
<li><a href="../CheckerPlugin.html">CheckerPlugin</a>
<li><a href="../CustomOptionParser.html">CustomOptionParser</a>
<li><a href="../Ethon.html">Ethon</a>
<li><a href="../Ethon/Easy.html">Ethon::Easy</a>
<li><a href="../Ethon/Easy/Options.html">Ethon::Easy::Options</a>
<li><a href="../File.html">File</a>
<li><a href="../Gem.html">Gem</a>
<li><a href="../GenerateList.html">GenerateList</a>
<li><a href="../GitUpdater.html">GitUpdater</a>
<li><a href="../ListGeneratorPlugin.html">ListGeneratorPlugin</a>
<li><a href="../Object.html">Object</a>
<li><a href="../Plugin.html">Plugin</a>
<li><a href="../Plugins.html">Plugins</a>
<li><a href="../StatsPlugin.html">StatsPlugin</a>
<li><a href="../SvnParser.html">SvnParser</a>
<li><a href="../SvnUpdater.html">SvnUpdater</a>
<li><a href="../Terminal.html">Terminal</a>
<li><a href="../Terminal/Table.html">Terminal::Table</a>
<li><a href="../Terminal/Table/Style.html">Terminal::Table::Style</a>
<li><a href="../Typhoeus.html">Typhoeus</a>
<li><a href="../Typhoeus/Request.html">Typhoeus::Request</a>
<li><a href="../Typhoeus/Request/Cacheable.html">Typhoeus::Request::Cacheable</a>
<li><a href="../Typhoeus/Response.html">Typhoeus::Response</a>
<li><a href="../TyphoeusCache.html">TyphoeusCache</a>
<li><a href="../URI.html">URI</a>
<li><a href="../Updater.html">Updater</a>
<li><a href="../UpdaterFactory.html">UpdaterFactory</a>
<li><a href="../Vulnerabilities.html">Vulnerabilities</a>
<li><a href="../Vulnerabilities/Output.html">Vulnerabilities::Output</a>
<li><a href="../Vulnerability.html">Vulnerability</a>
<li><a href="../Vulnerability/Output.html">Vulnerability::Output</a>
<li><a href="../WebSite.html">WebSite</a>
<li><a href="../WpItem.html">WpItem</a>
<li><a href="../WpItem/Existable.html">WpItem::Existable</a>
<li><a href="../WpItem/Findable.html">WpItem::Findable</a>
<li><a href="../WpItem/Infos.html">WpItem::Infos</a>
<li><a href="../WpItem/Output.html">WpItem::Output</a>
<li><a href="../WpItem/Versionable.html">WpItem::Versionable</a>
<li><a href="../WpItem/Vulnerable.html">WpItem::Vulnerable</a>
<li><a href="../WpItems.html">WpItems</a>
<li><a href="../WpItems/Detectable.html">WpItems::Detectable</a>
<li><a href="../WpItems/Output.html">WpItems::Output</a>
<li><a href="../WpPlugin.html">WpPlugin</a>
<li><a href="../WpPlugin/Vulnerable.html">WpPlugin::Vulnerable</a>
<li><a href="../WpPlugins.html">WpPlugins</a>
<li><a href="../WpPlugins/Detectable.html">WpPlugins::Detectable</a>
<li><a href="../WpTarget.html">WpTarget</a>
<li><a href="../WpTarget/Malwares.html">WpTarget::Malwares</a>
<li><a href="../WpTarget/WpConfigBackup.html">WpTarget::WpConfigBackup</a>
<li><a href="../WpTarget/WpCustomDirectories.html">WpTarget::WpCustomDirectories</a>
<li><a href="../WpTarget/WpFullPathDisclosure.html">WpTarget::WpFullPathDisclosure</a>
<li><a href="../WpTarget/WpLoginProtection.html">WpTarget::WpLoginProtection</a>
<li><a href="../WpTarget/WpReadme.html">WpTarget::WpReadme</a>
<li><a href="../WpTarget/WpRegistrable.html">WpTarget::WpRegistrable</a>
<li><a href="../WpTheme.html">WpTheme</a>
<li><a href="../WpTheme/Findable.html">WpTheme::Findable</a>
<li><a href="../WpTheme/Versionable.html">WpTheme::Versionable</a>
<li><a href="../WpTheme/Vulnerable.html">WpTheme::Vulnerable</a>
<li><a href="../WpThemes.html">WpThemes</a>
<li><a href="../WpThemes/Detectable.html">WpThemes::Detectable</a>
<li><a href="../WpTimthumb.html">WpTimthumb</a>
<li><a href="../WpTimthumb/Existable.html">WpTimthumb::Existable</a>
<li><a href="../WpTimthumb/Output.html">WpTimthumb::Output</a>
<li><a href="../WpTimthumb/Versionable.html">WpTimthumb::Versionable</a>
<li><a href="../WpTimthumbs.html">WpTimthumbs</a>
<li><a href="../WpTimthumbs/Detectable.html">WpTimthumbs::Detectable</a>
<li><a href="../WpUser.html">WpUser</a>
<li><a href="../WpUser/BruteForcable.html">WpUser::BruteForcable</a>
<li><a href="../WpUser/Existable.html">WpUser::Existable</a>
<li><a href="../WpUsers.html">WpUsers</a>
<li><a href="../WpUsers/BruteForcable.html">WpUsers::BruteForcable</a>
<li><a href="../WpUsers/Detectable.html">WpUsers::Detectable</a>
<li><a href="../WpUsers/Output.html">WpUsers::Output</a>
<li><a href="../WpVersion.html">WpVersion</a>
<li><a href="../WpVersion/Findable.html">WpVersion::Findable</a>
<li><a href="../WpVersion/Output.html">WpVersion::Output</a>
<li><a href="../WpVersion/Vulnerable.html">WpVersion::Vulnerable</a>
<li><a href="../WpscanOptions.html">WpscanOptions</a>
</ul>
</nav>
</div>
</nav>
<div id="documentation">
<h1 class="module">module WpTarget::WpFullPathDisclosure</h1>
<div id="description" class="description">
</div><!-- description -->
<section id="5Buntitled-5D" class="documentation-section">
<!-- Methods -->
<section id="public-instance-5Buntitled-5D-method-details" class="method-section section">
<h3 class="section-header">Public Instance Methods</h3>
<div id="method-i-full_path_disclosure_url" class="method-detail ">
<div class="method-heading">
<span class="method-name">full_path_disclosure_url</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>@return [ String ]</p>
<div class="method-source-code" id="full_path_disclosure_url-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_full_path_disclosure.rb, line 14</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">full_path_disclosure_url</span>
<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">'wp-includes/rss-functions.php'</span>).<span class="ruby-identifier">to_s</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- full_path_disclosure_url-source -->
</div>
</div><!-- full_path_disclosure_url-method -->
<div id="method-i-has_full_path_disclosure-3F" class="method-detail ">
<div class="method-heading">
<span class="method-name">has_full_path_disclosure?</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Check for Full Path Disclosure (FPD)</p>
<p>@return [ Boolean ]</p>
<div class="method-source-code" id="has_full_path_disclosure-3F-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_full_path_disclosure.rb, line 8</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">has_full_path_disclosure?</span>
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">full_path_disclosure_url</span>())
<span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span>[<span class="ruby-regexp">%r{Fatal error}</span>] <span class="ruby-operator">?</span> <span class="ruby-keyword">true</span> <span class="ruby-operator">:</span> <span class="ruby-keyword">false</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- has_full_path_disclosure-3F-source -->
</div>
</div><!-- has_full_path_disclosure-3F-method -->
</section><!-- public-instance-method-details -->
</section><!-- 5Buntitled-5D -->
</div><!-- documentation -->
<footer id="validator-badges">
<p><a href="http://validator.w3.org/check/referer">[Validate]</a>
<p>Generated by <a href="https://github.com/rdoc/rdoc">RDoc</a> 4.0.1.
<p>Generated with the <a href="http://deveiate.org/projects/Darkfish-Rdoc/">Darkfish Rdoc Generator</a> 3.
</footer>

889
doc_rdoc/WpTarget/WpLoginProtection.html Normal file
View File

@@ -0,0 +1,889 @@
<!DOCTYPE html>
<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
<title>module WpTarget::WpLoginProtection - RDoc Documentation</title>
<link type="text/css" media="screen" href="../rdoc.css" rel="stylesheet">
<script type="text/javascript">
var rdoc_rel_prefix = "../";
</script>
<script type="text/javascript" charset="utf-8" src="../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/navigation.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/search_index.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/search.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/searcher.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/darkfish.js"></script>
<body id="top" class="module">
<nav id="metadata">
<nav id="home-section" class="section">
<h3 class="section-header">
<a href="../index.html">Home</a>
<a href="../table_of_contents.html#classes">Classes</a>
<a href="../table_of_contents.html#methods">Methods</a>
</h3>
</nav>
<nav id="search-section" class="section project-section" class="initially-hidden">
<form action="#" method="get" accept-charset="utf-8">
<h3 class="section-header">
<input type="text" name="search" placeholder="Search" id="search-field"
title="Type to search, Up and Down to navigate, Enter to load">
</h3>
</form>
<ul id="search-results" class="initially-hidden"></ul>
</nav>
<div id="file-metadata">
<nav id="file-list-section" class="section">
<h3 class="section-header">Defined In</h3>
<ul>
<li>lib/wpscan/wp_target/wp_login_protection.rb
</ul>
</nav>
</div>
<div id="class-metadata">
<!-- Method Quickref -->
<nav id="method-list-section" class="section">
<h3 class="section-header">Methods</h3>
<ul class="link-list">
<li ><a href="#method-i-better_wp_security_url">#better_wp_security_url</a>
<li ><a href="#method-i-bluetrait_event_viewer_url">#bluetrait_event_viewer_url</a>
<li ><a href="#method-i-has_better_wp_security_protection-3F">#has_better_wp_security_protection?</a>
<li ><a href="#method-i-has_bluetrait_event_viewer_protection-3F">#has_bluetrait_event_viewer_protection?</a>
<li ><a href="#method-i-has_limit_login_attempts_protection-3F">#has_limit_login_attempts_protection?</a>
<li ><a href="#method-i-has_login_lock_protection-3F">#has_login_lock_protection?</a>
<li ><a href="#method-i-has_login_lockdown_protection-3F">#has_login_lockdown_protection?</a>
<li ><a href="#method-i-has_login_protection-3F">#has_login_protection?</a>
<li ><a href="#method-i-has_login_security_solution_protection-3F">#has_login_security_solution_protection?</a>
<li ><a href="#method-i-has_simple_login_lockdown_protection-3F">#has_simple_login_lockdown_protection?</a>
<li ><a href="#method-i-limit_login_attempts_url">#limit_login_attempts_url</a>
<li ><a href="#method-i-login_protection_plugin">#login_protection_plugin</a>
<li ><a href="#method-i-login_security_solution_url">#login_security_solution_url</a>
<li ><a href="#method-i-plugin_url">#plugin_url</a>
<li ><a href="#method-i-simple_login_lockdown_url">#simple_login_lockdown_url</a>
</ul>
</nav>
</div>
<div id="project-metadata">
<nav id="fileindex-section" class="section project-section">
<h3 class="section-header">Pages</h3>
<ul>
<li class="file"><a href="../CREDITS.html">CREDITS</a>
<li class="file"><a href="../Gemfile.html">Gemfile</a>
<li class="file"><a href="../Gemfile_lock.html">Gemfile.lock</a>
<li class="file"><a href="../LICENSE.html">LICENSE</a>
<li class="file"><a href="../README.html">README</a>
<li class="file"><a href="../README_md.html">README</a>
<li class="file"><a href="../conf/browser_conf_json.html">browser.conf.json</a>
<li class="file"><a href="../generate_doc_sh.html">generate_doc.sh</a>
</ul>
</nav>
<nav id="classindex-section" class="section project-section">
<h3 class="section-header">Class and Module Index</h3>
<ul class="link-list">
<li><a href="../Array.html">Array</a>
<li><a href="../Browser.html">Browser</a>
<li><a href="../Browser/Actions.html">Browser::Actions</a>
<li><a href="../Browser/Options.html">Browser::Options</a>
<li><a href="../CacheFileStore.html">CacheFileStore</a>
<li><a href="../CheckerPlugin.html">CheckerPlugin</a>
<li><a href="../CustomOptionParser.html">CustomOptionParser</a>
<li><a href="../Ethon.html">Ethon</a>
<li><a href="../Ethon/Easy.html">Ethon::Easy</a>
<li><a href="../Ethon/Easy/Options.html">Ethon::Easy::Options</a>
<li><a href="../File.html">File</a>
<li><a href="../Gem.html">Gem</a>
<li><a href="../GenerateList.html">GenerateList</a>
<li><a href="../GitUpdater.html">GitUpdater</a>
<li><a href="../ListGeneratorPlugin.html">ListGeneratorPlugin</a>
<li><a href="../Object.html">Object</a>
<li><a href="../Plugin.html">Plugin</a>
<li><a href="../Plugins.html">Plugins</a>
<li><a href="../StatsPlugin.html">StatsPlugin</a>
<li><a href="../SvnParser.html">SvnParser</a>
<li><a href="../SvnUpdater.html">SvnUpdater</a>
<li><a href="../Terminal.html">Terminal</a>
<li><a href="../Terminal/Table.html">Terminal::Table</a>
<li><a href="../Terminal/Table/Style.html">Terminal::Table::Style</a>
<li><a href="../Typhoeus.html">Typhoeus</a>
<li><a href="../Typhoeus/Request.html">Typhoeus::Request</a>
<li><a href="../Typhoeus/Request/Cacheable.html">Typhoeus::Request::Cacheable</a>
<li><a href="../Typhoeus/Response.html">Typhoeus::Response</a>
<li><a href="../TyphoeusCache.html">TyphoeusCache</a>
<li><a href="../URI.html">URI</a>
<li><a href="../Updater.html">Updater</a>
<li><a href="../UpdaterFactory.html">UpdaterFactory</a>
<li><a href="../Vulnerabilities.html">Vulnerabilities</a>
<li><a href="../Vulnerabilities/Output.html">Vulnerabilities::Output</a>
<li><a href="../Vulnerability.html">Vulnerability</a>
<li><a href="../Vulnerability/Output.html">Vulnerability::Output</a>
<li><a href="../WebSite.html">WebSite</a>
<li><a href="../WpItem.html">WpItem</a>
<li><a href="../WpItem/Existable.html">WpItem::Existable</a>
<li><a href="../WpItem/Findable.html">WpItem::Findable</a>
<li><a href="../WpItem/Infos.html">WpItem::Infos</a>
<li><a href="../WpItem/Output.html">WpItem::Output</a>
<li><a href="../WpItem/Versionable.html">WpItem::Versionable</a>
<li><a href="../WpItem/Vulnerable.html">WpItem::Vulnerable</a>
<li><a href="../WpItems.html">WpItems</a>
<li><a href="../WpItems/Detectable.html">WpItems::Detectable</a>
<li><a href="../WpItems/Output.html">WpItems::Output</a>
<li><a href="../WpPlugin.html">WpPlugin</a>
<li><a href="../WpPlugin/Vulnerable.html">WpPlugin::Vulnerable</a>
<li><a href="../WpPlugins.html">WpPlugins</a>
<li><a href="../WpPlugins/Detectable.html">WpPlugins::Detectable</a>
<li><a href="../WpTarget.html">WpTarget</a>
<li><a href="../WpTarget/Malwares.html">WpTarget::Malwares</a>
<li><a href="../WpTarget/WpConfigBackup.html">WpTarget::WpConfigBackup</a>
<li><a href="../WpTarget/WpCustomDirectories.html">WpTarget::WpCustomDirectories</a>
<li><a href="../WpTarget/WpFullPathDisclosure.html">WpTarget::WpFullPathDisclosure</a>
<li><a href="../WpTarget/WpLoginProtection.html">WpTarget::WpLoginProtection</a>
<li><a href="../WpTarget/WpReadme.html">WpTarget::WpReadme</a>
<li><a href="../WpTarget/WpRegistrable.html">WpTarget::WpRegistrable</a>
<li><a href="../WpTheme.html">WpTheme</a>
<li><a href="../WpTheme/Findable.html">WpTheme::Findable</a>
<li><a href="../WpTheme/Versionable.html">WpTheme::Versionable</a>
<li><a href="../WpTheme/Vulnerable.html">WpTheme::Vulnerable</a>
<li><a href="../WpThemes.html">WpThemes</a>
<li><a href="../WpThemes/Detectable.html">WpThemes::Detectable</a>
<li><a href="../WpTimthumb.html">WpTimthumb</a>
<li><a href="../WpTimthumb/Existable.html">WpTimthumb::Existable</a>
<li><a href="../WpTimthumb/Output.html">WpTimthumb::Output</a>
<li><a href="../WpTimthumb/Versionable.html">WpTimthumb::Versionable</a>
<li><a href="../WpTimthumbs.html">WpTimthumbs</a>
<li><a href="../WpTimthumbs/Detectable.html">WpTimthumbs::Detectable</a>
<li><a href="../WpUser.html">WpUser</a>
<li><a href="../WpUser/BruteForcable.html">WpUser::BruteForcable</a>
<li><a href="../WpUser/Existable.html">WpUser::Existable</a>
<li><a href="../WpUsers.html">WpUsers</a>
<li><a href="../WpUsers/BruteForcable.html">WpUsers::BruteForcable</a>
<li><a href="../WpUsers/Detectable.html">WpUsers::Detectable</a>
<li><a href="../WpUsers/Output.html">WpUsers::Output</a>
<li><a href="../WpVersion.html">WpVersion</a>
<li><a href="../WpVersion/Findable.html">WpVersion::Findable</a>
<li><a href="../WpVersion/Output.html">WpVersion::Output</a>
<li><a href="../WpVersion/Vulnerable.html">WpVersion::Vulnerable</a>
<li><a href="../WpscanOptions.html">WpscanOptions</a>
</ul>
</nav>
</div>
</nav>
<div id="documentation">
<h1 class="module">module WpTarget::WpLoginProtection</h1>
<div id="description" class="description">
</div><!-- description -->
<section id="5Buntitled-5D" class="documentation-section">
<!-- Constants -->
<section id="constants-list" class="section">
<h3 class="section-header">Constants</h3>
<dl>
<dt id="LOGIN_PROTECTION_METHOD_PATTERN">LOGIN_PROTECTION_METHOD_PATTERN
<dd class="description">
</dl>
</section>
<!-- Methods -->
<section id="public-instance-5Buntitled-5D-method-details" class="method-section section">
<h3 class="section-header">Public Instance Methods</h3>
<div id="method-i-has_login_protection-3F" class="method-detail ">
<div class="method-heading">
<span class="method-name">has_login_protection?</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="has_login_protection-3F-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_login_protection.rb, line 9</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">has_login_protection?</span>
<span class="ruby-operator">!</span><span class="ruby-identifier">login_protection_plugin</span>().<span class="ruby-identifier">nil?</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- has_login_protection-3F-source -->
</div>
</div><!-- has_login_protection-3F-method -->
<div id="method-i-login_protection_plugin" class="method-detail ">
<div class="method-heading">
<span class="method-name">login_protection_plugin</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Checks if a login protection plugin is enabled <a
href="http://code.google.com/p/wpscan/issues/detail?id=111">code.google.com/p/wpscan/issues/detail?id=111</a>
return a <a href="../WpPlugin.html">WpPlugin</a> object or nil if no one is
found</p>
<div class="method-source-code" id="login_protection_plugin-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_login_protection.rb, line 16</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">login_protection_plugin</span>
<span class="ruby-keyword">unless</span> <span class="ruby-ivar">@login_protection_plugin</span>
<span class="ruby-identifier">protected_methods</span>.<span class="ruby-identifier">grep</span>(<span class="ruby-constant">LOGIN_PROTECTION_METHOD_PATTERN</span>).<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">symbol_to_call</span><span class="ruby-operator">|</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">send</span>(<span class="ruby-identifier">symbol_to_call</span>)
<span class="ruby-identifier">plugin_name</span> = <span class="ruby-identifier">symbol_to_call</span>[<span class="ruby-constant">LOGIN_PROTECTION_METHOD_PATTERN</span>, <span class="ruby-value">1</span>].<span class="ruby-identifier">gsub</span>(<span class="ruby-string">'_'</span>, <span class="ruby-string">'-'</span>)
<span class="ruby-keyword">return</span> <span class="ruby-ivar">@login_protection_plugin</span> = <span class="ruby-constant">WpPlugin</span>.<span class="ruby-identifier">new</span>(
<span class="ruby-ivar">@uri</span>,
<span class="ruby-identifier">name</span><span class="ruby-operator">:</span> <span class="ruby-identifier">plugin_name</span>,
<span class="ruby-identifier">wp_content_dir</span><span class="ruby-operator">:</span> <span class="ruby-identifier">wp_content_dir</span>,
<span class="ruby-identifier">wp_plugins_dir</span><span class="ruby-operator">:</span> <span class="ruby-identifier">wp_plugins_dir</span>
)
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
<span class="ruby-ivar">@login_protection_plugin</span> = <span class="ruby-keyword">nil</span>
<span class="ruby-keyword">end</span>
<span class="ruby-ivar">@login_protection_plugin</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- login_protection_plugin-source -->
</div>
</div><!-- login_protection_plugin-method -->
</section><!-- public-instance-method-details -->
<section id="protected-instance-5Buntitled-5D-method-details" class="method-section section">
<h3 class="section-header">Protected Instance Methods</h3>
<div id="method-i-better_wp_security_url" class="method-detail ">
<div class="method-heading">
<span class="method-name">better_wp_security_url</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="better_wp_security_url-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_login_protection.rb, line 62</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">better_wp_security_url</span>
<span class="ruby-identifier">plugin_url</span>(<span class="ruby-string">'better-wp-security/'</span>)
<span class="ruby-keyword">end</span></pre>
</div><!-- better_wp_security_url-source -->
</div>
</div><!-- better_wp_security_url-method -->
<div id="method-i-bluetrait_event_viewer_url" class="method-detail ">
<div class="method-heading">
<span class="method-name">bluetrait_event_viewer_url</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="bluetrait_event_viewer_url-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_login_protection.rb, line 98</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">bluetrait_event_viewer_url</span>
<span class="ruby-identifier">plugin_url</span>(<span class="ruby-string">'bluetrait-event-viewer'</span>)
<span class="ruby-keyword">end</span></pre>
</div><!-- bluetrait_event_viewer_url-source -->
</div>
</div><!-- bluetrait_event_viewer_url-method -->
<div id="method-i-has_better_wp_security_protection-3F" class="method-detail ">
<div class="method-heading">
<span class="method-name">has_better_wp_security_protection?</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p><a
href="http://wordpress.org/extend/plugins/better-wp-security">wordpress.org/extend/plugins/better-wp-security</a>/</p>
<div class="method-source-code" id="has_better_wp_security_protection-3F-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_login_protection.rb, line 49</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">has_better_wp_security_protection?</span>
<span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">better_wp_security_url</span>).<span class="ruby-identifier">code</span> <span class="ruby-operator">!=</span> <span class="ruby-value">404</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- has_better_wp_security_protection-3F-source -->
</div>
</div><!-- has_better_wp_security_protection-3F-method -->
<div id="method-i-has_bluetrait_event_viewer_protection-3F" class="method-detail ">
<div class="method-heading">
<span class="method-name">has_bluetrait_event_viewer_protection?</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p><a
href="http://wordpress.org/extend/plugins/bluetrait-event-viewer">wordpress.org/extend/plugins/bluetrait-event-viewer</a>/</p>
<div class="method-source-code" id="has_bluetrait_event_viewer_protection-3F-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_login_protection.rb, line 94</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">has_bluetrait_event_viewer_protection?</span>
<span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">bluetrait_event_viewer_url</span>).<span class="ruby-identifier">code</span> <span class="ruby-operator">!=</span> <span class="ruby-value">404</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- has_bluetrait_event_viewer_protection-3F-source -->
</div>
</div><!-- has_bluetrait_event_viewer_protection-3F-method -->
<div id="method-i-has_limit_login_attempts_protection-3F" class="method-detail ">
<div class="method-heading">
<span class="method-name">has_limit_login_attempts_protection?</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p><a
href="http://wordpress.org/extend/plugins/limit-login-attempts">wordpress.org/extend/plugins/limit-login-attempts</a>/</p>
<div class="method-source-code" id="has_limit_login_attempts_protection-3F-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_login_protection.rb, line 85</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">has_limit_login_attempts_protection?</span>
<span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">limit_login_attempts_url</span>).<span class="ruby-identifier">code</span> <span class="ruby-operator">!=</span> <span class="ruby-value">404</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- has_limit_login_attempts_protection-3F-source -->
</div>
</div><!-- has_limit_login_attempts_protection-3F-method -->
<div id="method-i-has_login_lock_protection-3F" class="method-detail ">
<div class="method-heading">
<span class="method-name">has_login_lock_protection?</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p><a
href="http://wordpress.org/extend/plugins/login-lock">wordpress.org/extend/plugins/login-lock</a>/</p>
<div class="method-source-code" id="has_login_lock_protection-3F-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_login_protection.rb, line 44</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">has_login_lock_protection?</span>
<span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">login_url</span>).<span class="ruby-identifier">body</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">%r{LOGIN LOCK}</span> <span class="ruby-operator">?</span> <span class="ruby-keyword">true</span> <span class="ruby-operator">:</span> <span class="ruby-keyword">false</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- has_login_lock_protection-3F-source -->
</div>
</div><!-- has_login_lock_protection-3F-method -->
<div id="method-i-has_login_lockdown_protection-3F" class="method-detail ">
<div class="method-heading">
<span class="method-name">has_login_lockdown_protection?</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Thanks to Alip Aswalid for providing this method. <a
href="http://wordpress.org/extend/plugins/login-lockdown">wordpress.org/extend/plugins/login-lockdown</a>/</p>
<div class="method-source-code" id="has_login_lockdown_protection-3F-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_login_protection.rb, line 39</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">has_login_lockdown_protection?</span>
<span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">login_url</span>).<span class="ruby-identifier">body</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">%r{Login LockDown}</span> <span class="ruby-operator">?</span> <span class="ruby-keyword">true</span> <span class="ruby-operator">:</span> <span class="ruby-keyword">false</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- has_login_lockdown_protection-3F-source -->
</div>
</div><!-- has_login_lockdown_protection-3F-method -->
<div id="method-i-has_login_security_solution_protection-3F" class="method-detail ">
<div class="method-heading">
<span class="method-name">has_login_security_solution_protection?</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p><a
href="http://wordpress.org/extend/plugins/login-security-solution">wordpress.org/extend/plugins/login-security-solution</a>/</p>
<div class="method-source-code" id="has_login_security_solution_protection-3F-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_login_protection.rb, line 76</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">has_login_security_solution_protection?</span>
<span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">login_security_solution_url</span>()).<span class="ruby-identifier">code</span> <span class="ruby-operator">!=</span> <span class="ruby-value">404</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- has_login_security_solution_protection-3F-source -->
</div>
</div><!-- has_login_security_solution_protection-3F-method -->
<div id="method-i-has_simple_login_lockdown_protection-3F" class="method-detail ">
<div class="method-heading">
<span class="method-name">has_simple_login_lockdown_protection?</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p><a
href="http://wordpress.org/extend/plugins/simple-login-lockdown">wordpress.org/extend/plugins/simple-login-lockdown</a>/</p>
<div class="method-source-code" id="has_simple_login_lockdown_protection-3F-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_login_protection.rb, line 67</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">has_simple_login_lockdown_protection?</span>
<span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">simple_login_lockdown_url</span>).<span class="ruby-identifier">code</span> <span class="ruby-operator">!=</span> <span class="ruby-value">404</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- has_simple_login_lockdown_protection-3F-source -->
</div>
</div><!-- has_simple_login_lockdown_protection-3F-method -->
<div id="method-i-limit_login_attempts_url" class="method-detail ">
<div class="method-heading">
<span class="method-name">limit_login_attempts_url</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="limit_login_attempts_url-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_login_protection.rb, line 89</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">limit_login_attempts_url</span>
<span class="ruby-identifier">plugin_url</span>(<span class="ruby-string">'limit-login-attempts'</span>)
<span class="ruby-keyword">end</span></pre>
</div><!-- limit_login_attempts_url-source -->
</div>
</div><!-- limit_login_attempts_url-method -->
<div id="method-i-login_security_solution_url" class="method-detail ">
<div class="method-heading">
<span class="method-name">login_security_solution_url</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="login_security_solution_url-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_login_protection.rb, line 80</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">login_security_solution_url</span>
<span class="ruby-identifier">plugin_url</span>(<span class="ruby-string">'login-security-solution'</span>)
<span class="ruby-keyword">end</span></pre>
</div><!-- login_security_solution_url-source -->
</div>
</div><!-- login_security_solution_url-method -->
<div id="method-i-plugin_url" class="method-detail ">
<div class="method-heading">
<span class="method-name">plugin_url</span><span
class="method-args">(plugin_name)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="plugin_url-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_login_protection.rb, line 53</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">plugin_url</span>(<span class="ruby-identifier">plugin_name</span>)
<span class="ruby-constant">WpPlugin</span>.<span class="ruby-identifier">new</span>(
<span class="ruby-ivar">@uri</span>,
<span class="ruby-identifier">name</span><span class="ruby-operator">:</span> <span class="ruby-identifier">plugin_name</span>,
<span class="ruby-identifier">wp_content_dir</span><span class="ruby-operator">:</span> <span class="ruby-identifier">wp_content_dir</span>,
<span class="ruby-identifier">wp_plugins_dir</span><span class="ruby-operator">:</span> <span class="ruby-identifier">wp_plugins_dir</span>
).<span class="ruby-identifier">url</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- plugin_url-source -->
</div>
</div><!-- plugin_url-method -->
<div id="method-i-simple_login_lockdown_url" class="method-detail ">
<div class="method-heading">
<span class="method-name">simple_login_lockdown_url</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="simple_login_lockdown_url-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_login_protection.rb, line 71</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">simple_login_lockdown_url</span>
<span class="ruby-identifier">plugin_url</span>(<span class="ruby-string">'simple-login-lockdown/'</span>)
<span class="ruby-keyword">end</span></pre>
</div><!-- simple_login_lockdown_url-source -->
</div>
</div><!-- simple_login_lockdown_url-method -->
</section><!-- protected-instance-method-details -->
</section><!-- 5Buntitled-5D -->
</div><!-- documentation -->
<footer id="validator-badges">
<p><a href="http://validator.w3.org/check/referer">[Validate]</a>
<p>Generated by <a href="https://github.com/rdoc/rdoc">RDoc</a> 4.0.1.
<p>Generated with the <a href="http://deveiate.org/projects/Darkfish-Rdoc/">Darkfish Rdoc Generator</a> 3.
</footer>

394
doc_rdoc/WpTarget/WpReadme.html Normal file
View File

@@ -0,0 +1,394 @@
<!DOCTYPE html>
<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
<title>module WpTarget::WpReadme - RDoc Documentation</title>
<link type="text/css" media="screen" href="../rdoc.css" rel="stylesheet">
<script type="text/javascript">
var rdoc_rel_prefix = "../";
</script>
<script type="text/javascript" charset="utf-8" src="../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/navigation.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/search_index.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/search.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/searcher.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/darkfish.js"></script>
<body id="top" class="module">
<nav id="metadata">
<nav id="home-section" class="section">
<h3 class="section-header">
<a href="../index.html">Home</a>
<a href="../table_of_contents.html#classes">Classes</a>
<a href="../table_of_contents.html#methods">Methods</a>
</h3>
</nav>
<nav id="search-section" class="section project-section" class="initially-hidden">
<form action="#" method="get" accept-charset="utf-8">
<h3 class="section-header">
<input type="text" name="search" placeholder="Search" id="search-field"
title="Type to search, Up and Down to navigate, Enter to load">
</h3>
</form>
<ul id="search-results" class="initially-hidden"></ul>
</nav>
<div id="file-metadata">
<nav id="file-list-section" class="section">
<h3 class="section-header">Defined In</h3>
<ul>
<li>lib/wpscan/wp_target/wp_readme.rb
</ul>
</nav>
</div>
<div id="class-metadata">
<!-- Method Quickref -->
<nav id="method-list-section" class="section">
<h3 class="section-header">Methods</h3>
<ul class="link-list">
<li ><a href="#method-i-has_readme-3F">#has_readme?</a>
<li ><a href="#method-i-readme_url">#readme_url</a>
</ul>
</nav>
</div>
<div id="project-metadata">
<nav id="fileindex-section" class="section project-section">
<h3 class="section-header">Pages</h3>
<ul>
<li class="file"><a href="../CREDITS.html">CREDITS</a>
<li class="file"><a href="../Gemfile.html">Gemfile</a>
<li class="file"><a href="../Gemfile_lock.html">Gemfile.lock</a>
<li class="file"><a href="../LICENSE.html">LICENSE</a>
<li class="file"><a href="../README.html">README</a>
<li class="file"><a href="../README_md.html">README</a>
<li class="file"><a href="../conf/browser_conf_json.html">browser.conf.json</a>
<li class="file"><a href="../generate_doc_sh.html">generate_doc.sh</a>
</ul>
</nav>
<nav id="classindex-section" class="section project-section">
<h3 class="section-header">Class and Module Index</h3>
<ul class="link-list">
<li><a href="../Array.html">Array</a>
<li><a href="../Browser.html">Browser</a>
<li><a href="../Browser/Actions.html">Browser::Actions</a>
<li><a href="../Browser/Options.html">Browser::Options</a>
<li><a href="../CacheFileStore.html">CacheFileStore</a>
<li><a href="../CheckerPlugin.html">CheckerPlugin</a>
<li><a href="../CustomOptionParser.html">CustomOptionParser</a>
<li><a href="../Ethon.html">Ethon</a>
<li><a href="../Ethon/Easy.html">Ethon::Easy</a>
<li><a href="../Ethon/Easy/Options.html">Ethon::Easy::Options</a>
<li><a href="../File.html">File</a>
<li><a href="../Gem.html">Gem</a>
<li><a href="../GenerateList.html">GenerateList</a>
<li><a href="../GitUpdater.html">GitUpdater</a>
<li><a href="../ListGeneratorPlugin.html">ListGeneratorPlugin</a>
<li><a href="../Object.html">Object</a>
<li><a href="../Plugin.html">Plugin</a>
<li><a href="../Plugins.html">Plugins</a>
<li><a href="../StatsPlugin.html">StatsPlugin</a>
<li><a href="../SvnParser.html">SvnParser</a>
<li><a href="../SvnUpdater.html">SvnUpdater</a>
<li><a href="../Terminal.html">Terminal</a>
<li><a href="../Terminal/Table.html">Terminal::Table</a>
<li><a href="../Terminal/Table/Style.html">Terminal::Table::Style</a>
<li><a href="../Typhoeus.html">Typhoeus</a>
<li><a href="../Typhoeus/Request.html">Typhoeus::Request</a>
<li><a href="../Typhoeus/Request/Cacheable.html">Typhoeus::Request::Cacheable</a>
<li><a href="../Typhoeus/Response.html">Typhoeus::Response</a>
<li><a href="../TyphoeusCache.html">TyphoeusCache</a>
<li><a href="../URI.html">URI</a>
<li><a href="../Updater.html">Updater</a>
<li><a href="../UpdaterFactory.html">UpdaterFactory</a>
<li><a href="../Vulnerabilities.html">Vulnerabilities</a>
<li><a href="../Vulnerabilities/Output.html">Vulnerabilities::Output</a>
<li><a href="../Vulnerability.html">Vulnerability</a>
<li><a href="../Vulnerability/Output.html">Vulnerability::Output</a>
<li><a href="../WebSite.html">WebSite</a>
<li><a href="../WpItem.html">WpItem</a>
<li><a href="../WpItem/Existable.html">WpItem::Existable</a>
<li><a href="../WpItem/Findable.html">WpItem::Findable</a>
<li><a href="../WpItem/Infos.html">WpItem::Infos</a>
<li><a href="../WpItem/Output.html">WpItem::Output</a>
<li><a href="../WpItem/Versionable.html">WpItem::Versionable</a>
<li><a href="../WpItem/Vulnerable.html">WpItem::Vulnerable</a>
<li><a href="../WpItems.html">WpItems</a>
<li><a href="../WpItems/Detectable.html">WpItems::Detectable</a>
<li><a href="../WpItems/Output.html">WpItems::Output</a>
<li><a href="../WpPlugin.html">WpPlugin</a>
<li><a href="../WpPlugin/Vulnerable.html">WpPlugin::Vulnerable</a>
<li><a href="../WpPlugins.html">WpPlugins</a>
<li><a href="../WpPlugins/Detectable.html">WpPlugins::Detectable</a>
<li><a href="../WpTarget.html">WpTarget</a>
<li><a href="../WpTarget/Malwares.html">WpTarget::Malwares</a>
<li><a href="../WpTarget/WpConfigBackup.html">WpTarget::WpConfigBackup</a>
<li><a href="../WpTarget/WpCustomDirectories.html">WpTarget::WpCustomDirectories</a>
<li><a href="../WpTarget/WpFullPathDisclosure.html">WpTarget::WpFullPathDisclosure</a>
<li><a href="../WpTarget/WpLoginProtection.html">WpTarget::WpLoginProtection</a>
<li><a href="../WpTarget/WpReadme.html">WpTarget::WpReadme</a>
<li><a href="../WpTarget/WpRegistrable.html">WpTarget::WpRegistrable</a>
<li><a href="../WpTheme.html">WpTheme</a>
<li><a href="../WpTheme/Findable.html">WpTheme::Findable</a>
<li><a href="../WpTheme/Versionable.html">WpTheme::Versionable</a>
<li><a href="../WpTheme/Vulnerable.html">WpTheme::Vulnerable</a>
<li><a href="../WpThemes.html">WpThemes</a>
<li><a href="../WpThemes/Detectable.html">WpThemes::Detectable</a>
<li><a href="../WpTimthumb.html">WpTimthumb</a>
<li><a href="../WpTimthumb/Existable.html">WpTimthumb::Existable</a>
<li><a href="../WpTimthumb/Output.html">WpTimthumb::Output</a>
<li><a href="../WpTimthumb/Versionable.html">WpTimthumb::Versionable</a>
<li><a href="../WpTimthumbs.html">WpTimthumbs</a>
<li><a href="../WpTimthumbs/Detectable.html">WpTimthumbs::Detectable</a>
<li><a href="../WpUser.html">WpUser</a>
<li><a href="../WpUser/BruteForcable.html">WpUser::BruteForcable</a>
<li><a href="../WpUser/Existable.html">WpUser::Existable</a>
<li><a href="../WpUsers.html">WpUsers</a>
<li><a href="../WpUsers/BruteForcable.html">WpUsers::BruteForcable</a>
<li><a href="../WpUsers/Detectable.html">WpUsers::Detectable</a>
<li><a href="../WpUsers/Output.html">WpUsers::Output</a>
<li><a href="../WpVersion.html">WpVersion</a>
<li><a href="../WpVersion/Findable.html">WpVersion::Findable</a>
<li><a href="../WpVersion/Output.html">WpVersion::Output</a>
<li><a href="../WpVersion/Vulnerable.html">WpVersion::Vulnerable</a>
<li><a href="../WpscanOptions.html">WpscanOptions</a>
</ul>
</nav>
</div>
</nav>
<div id="documentation">
<h1 class="module">module WpTarget::WpReadme</h1>
<div id="description" class="description">
</div><!-- description -->
<section id="5Buntitled-5D" class="documentation-section">
<!-- Methods -->
<section id="public-instance-5Buntitled-5D-method-details" class="method-section section">
<h3 class="section-header">Public Instance Methods</h3>
<div id="method-i-has_readme-3F" class="method-detail ">
<div class="method-heading">
<span class="method-name">has_readme?</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Checks to see if the readme.html file exists</p>
<p>This file comes by default in a wordpress installation, and if deleted is
reinstated with an upgrade.</p>
<p>@return [ Boolean ]</p>
<div class="method-source-code" id="has_readme-3F-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_readme.rb, line 11</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">has_readme?</span>
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">readme_url</span>())
<span class="ruby-keyword">unless</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">code</span> <span class="ruby-operator">==</span> <span class="ruby-value">404</span>
<span class="ruby-keyword">return</span> <span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">%r{wordpress}</span> <span class="ruby-operator">?</span> <span class="ruby-keyword">true</span> <span class="ruby-operator">:</span> <span class="ruby-keyword">false</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">false</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- has_readme-3F-source -->
</div>
</div><!-- has_readme-3F-method -->
<div id="method-i-readme_url" class="method-detail ">
<div class="method-heading">
<span class="method-name">readme_url</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>@return [ String ] The readme URL</p>
<div class="method-source-code" id="readme_url-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_readme.rb, line 21</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">readme_url</span>
<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">'readme.html'</span>).<span class="ruby-identifier">to_s</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- readme_url-source -->
</div>
</div><!-- readme_url-method -->
</section><!-- public-instance-method-details -->
</section><!-- 5Buntitled-5D -->
</div><!-- documentation -->
<footer id="validator-badges">
<p><a href="http://validator.w3.org/check/referer">[Validate]</a>
<p>Generated by <a href="https://github.com/rdoc/rdoc">RDoc</a> 4.0.1.
<p>Generated with the <a href="http://deveiate.org/projects/Darkfish-Rdoc/">Darkfish Rdoc Generator</a> 3.
</footer>

450
doc_rdoc/WpTarget/WpRegistrable.html Normal file
View File

@@ -0,0 +1,450 @@
<!DOCTYPE html>
<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
<title>module WpTarget::WpRegistrable - RDoc Documentation</title>
<link type="text/css" media="screen" href="../rdoc.css" rel="stylesheet">
<script type="text/javascript">
var rdoc_rel_prefix = "../";
</script>
<script type="text/javascript" charset="utf-8" src="../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/navigation.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/search_index.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/search.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/searcher.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/darkfish.js"></script>
<body id="top" class="module">
<nav id="metadata">
<nav id="home-section" class="section">
<h3 class="section-header">
<a href="../index.html">Home</a>
<a href="../table_of_contents.html#classes">Classes</a>
<a href="../table_of_contents.html#methods">Methods</a>
</h3>
</nav>
<nav id="search-section" class="section project-section" class="initially-hidden">
<form action="#" method="get" accept-charset="utf-8">
<h3 class="section-header">
<input type="text" name="search" placeholder="Search" id="search-field"
title="Type to search, Up and Down to navigate, Enter to load">
</h3>
</form>
<ul id="search-results" class="initially-hidden"></ul>
</nav>
<div id="file-metadata">
<nav id="file-list-section" class="section">
<h3 class="section-header">Defined In</h3>
<ul>
<li>lib/wpscan/wp_target/wp_registrable.rb
</ul>
</nav>
</div>
<div id="class-metadata">
<!-- Method Quickref -->
<nav id="method-list-section" class="section">
<h3 class="section-header">Methods</h3>
<ul class="link-list">
<li ><a href="#method-i-multisite-3F">#multisite?</a>
<li ><a href="#method-i-registration_enabled-3F">#registration_enabled?</a>
<li ><a href="#method-i-registration_url">#registration_url</a>
</ul>
</nav>
</div>
<div id="project-metadata">
<nav id="fileindex-section" class="section project-section">
<h3 class="section-header">Pages</h3>
<ul>
<li class="file"><a href="../CREDITS.html">CREDITS</a>
<li class="file"><a href="../Gemfile.html">Gemfile</a>
<li class="file"><a href="../Gemfile_lock.html">Gemfile.lock</a>
<li class="file"><a href="../LICENSE.html">LICENSE</a>
<li class="file"><a href="../README.html">README</a>
<li class="file"><a href="../README_md.html">README</a>
<li class="file"><a href="../conf/browser_conf_json.html">browser.conf.json</a>
<li class="file"><a href="../generate_doc_sh.html">generate_doc.sh</a>
</ul>
</nav>
<nav id="classindex-section" class="section project-section">
<h3 class="section-header">Class and Module Index</h3>
<ul class="link-list">
<li><a href="../Array.html">Array</a>
<li><a href="../Browser.html">Browser</a>
<li><a href="../Browser/Actions.html">Browser::Actions</a>
<li><a href="../Browser/Options.html">Browser::Options</a>
<li><a href="../CacheFileStore.html">CacheFileStore</a>
<li><a href="../CheckerPlugin.html">CheckerPlugin</a>
<li><a href="../CustomOptionParser.html">CustomOptionParser</a>
<li><a href="../Ethon.html">Ethon</a>
<li><a href="../Ethon/Easy.html">Ethon::Easy</a>
<li><a href="../Ethon/Easy/Options.html">Ethon::Easy::Options</a>
<li><a href="../File.html">File</a>
<li><a href="../Gem.html">Gem</a>
<li><a href="../GenerateList.html">GenerateList</a>
<li><a href="../GitUpdater.html">GitUpdater</a>
<li><a href="../ListGeneratorPlugin.html">ListGeneratorPlugin</a>
<li><a href="../Object.html">Object</a>
<li><a href="../Plugin.html">Plugin</a>
<li><a href="../Plugins.html">Plugins</a>
<li><a href="../StatsPlugin.html">StatsPlugin</a>
<li><a href="../SvnParser.html">SvnParser</a>
<li><a href="../SvnUpdater.html">SvnUpdater</a>
<li><a href="../Terminal.html">Terminal</a>
<li><a href="../Terminal/Table.html">Terminal::Table</a>
<li><a href="../Terminal/Table/Style.html">Terminal::Table::Style</a>
<li><a href="../Typhoeus.html">Typhoeus</a>
<li><a href="../Typhoeus/Request.html">Typhoeus::Request</a>
<li><a href="../Typhoeus/Request/Cacheable.html">Typhoeus::Request::Cacheable</a>
<li><a href="../Typhoeus/Response.html">Typhoeus::Response</a>
<li><a href="../TyphoeusCache.html">TyphoeusCache</a>
<li><a href="../URI.html">URI</a>
<li><a href="../Updater.html">Updater</a>
<li><a href="../UpdaterFactory.html">UpdaterFactory</a>
<li><a href="../Vulnerabilities.html">Vulnerabilities</a>
<li><a href="../Vulnerabilities/Output.html">Vulnerabilities::Output</a>
<li><a href="../Vulnerability.html">Vulnerability</a>
<li><a href="../Vulnerability/Output.html">Vulnerability::Output</a>
<li><a href="../WebSite.html">WebSite</a>
<li><a href="../WpItem.html">WpItem</a>
<li><a href="../WpItem/Existable.html">WpItem::Existable</a>
<li><a href="../WpItem/Findable.html">WpItem::Findable</a>
<li><a href="../WpItem/Infos.html">WpItem::Infos</a>
<li><a href="../WpItem/Output.html">WpItem::Output</a>
<li><a href="../WpItem/Versionable.html">WpItem::Versionable</a>
<li><a href="../WpItem/Vulnerable.html">WpItem::Vulnerable</a>
<li><a href="../WpItems.html">WpItems</a>
<li><a href="../WpItems/Detectable.html">WpItems::Detectable</a>
<li><a href="../WpItems/Output.html">WpItems::Output</a>
<li><a href="../WpPlugin.html">WpPlugin</a>
<li><a href="../WpPlugin/Vulnerable.html">WpPlugin::Vulnerable</a>
<li><a href="../WpPlugins.html">WpPlugins</a>
<li><a href="../WpPlugins/Detectable.html">WpPlugins::Detectable</a>
<li><a href="../WpTarget.html">WpTarget</a>
<li><a href="../WpTarget/Malwares.html">WpTarget::Malwares</a>
<li><a href="../WpTarget/WpConfigBackup.html">WpTarget::WpConfigBackup</a>
<li><a href="../WpTarget/WpCustomDirectories.html">WpTarget::WpCustomDirectories</a>
<li><a href="../WpTarget/WpFullPathDisclosure.html">WpTarget::WpFullPathDisclosure</a>
<li><a href="../WpTarget/WpLoginProtection.html">WpTarget::WpLoginProtection</a>
<li><a href="../WpTarget/WpReadme.html">WpTarget::WpReadme</a>
<li><a href="../WpTarget/WpRegistrable.html">WpTarget::WpRegistrable</a>
<li><a href="../WpTheme.html">WpTheme</a>
<li><a href="../WpTheme/Findable.html">WpTheme::Findable</a>
<li><a href="../WpTheme/Versionable.html">WpTheme::Versionable</a>
<li><a href="../WpTheme/Vulnerable.html">WpTheme::Vulnerable</a>
<li><a href="../WpThemes.html">WpThemes</a>
<li><a href="../WpThemes/Detectable.html">WpThemes::Detectable</a>
<li><a href="../WpTimthumb.html">WpTimthumb</a>
<li><a href="../WpTimthumb/Existable.html">WpTimthumb::Existable</a>
<li><a href="../WpTimthumb/Output.html">WpTimthumb::Output</a>
<li><a href="../WpTimthumb/Versionable.html">WpTimthumb::Versionable</a>
<li><a href="../WpTimthumbs.html">WpTimthumbs</a>
<li><a href="../WpTimthumbs/Detectable.html">WpTimthumbs::Detectable</a>
<li><a href="../WpUser.html">WpUser</a>
<li><a href="../WpUser/BruteForcable.html">WpUser::BruteForcable</a>
<li><a href="../WpUser/Existable.html">WpUser::Existable</a>
<li><a href="../WpUsers.html">WpUsers</a>
<li><a href="../WpUsers/BruteForcable.html">WpUsers::BruteForcable</a>
<li><a href="../WpUsers/Detectable.html">WpUsers::Detectable</a>
<li><a href="../WpUsers/Output.html">WpUsers::Output</a>
<li><a href="../WpVersion.html">WpVersion</a>
<li><a href="../WpVersion/Findable.html">WpVersion::Findable</a>
<li><a href="../WpVersion/Output.html">WpVersion::Output</a>
<li><a href="../WpVersion/Vulnerable.html">WpVersion::Vulnerable</a>
<li><a href="../WpscanOptions.html">WpscanOptions</a>
</ul>
</nav>
</div>
</nav>
<div id="documentation">
<h1 class="module">module WpTarget::WpRegistrable</h1>
<div id="description" class="description">
</div><!-- description -->
<section id="5Buntitled-5D" class="documentation-section">
<!-- Methods -->
<section id="public-instance-5Buntitled-5D-method-details" class="method-section section">
<h3 class="section-header">Public Instance Methods</h3>
<div id="method-i-multisite-3F" class="method-detail ">
<div class="method-heading">
<span class="method-name">multisite?</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>@return [ Boolean ]</p>
<div class="method-source-code" id="multisite-3F-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_registrable.rb, line 32</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">multisite?</span>
<span class="ruby-keyword">unless</span> <span class="ruby-ivar">@multisite</span>
<span class="ruby-comment"># when multi site, there is no redirection or a redirect to the site itself</span>
<span class="ruby-comment"># otherwise redirect to wp-login.php</span>
<span class="ruby-identifier">resp</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">'wp-signup.php'</span>).<span class="ruby-identifier">to_s</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">resp</span>.<span class="ruby-identifier">code</span> <span class="ruby-operator">==</span> <span class="ruby-value">302</span> <span class="ruby-keyword">and</span> <span class="ruby-identifier">resp</span>.<span class="ruby-identifier">headers_hash</span>[<span class="ruby-string">'location'</span>] <span class="ruby-operator">=~</span> <span class="ruby-regexp">/wp-login\.php\?action=register/</span>
<span class="ruby-ivar">@multisite</span> = <span class="ruby-keyword">false</span>
<span class="ruby-keyword">elsif</span> <span class="ruby-identifier">resp</span>.<span class="ruby-identifier">code</span> <span class="ruby-operator">==</span> <span class="ruby-value">302</span> <span class="ruby-keyword">and</span> <span class="ruby-identifier">resp</span>.<span class="ruby-identifier">headers_hash</span>[<span class="ruby-string">'location'</span>] <span class="ruby-operator">=~</span> <span class="ruby-regexp">/wp-signup\.php/</span>
<span class="ruby-ivar">@multisite</span> = <span class="ruby-keyword">true</span>
<span class="ruby-keyword">elsif</span> <span class="ruby-identifier">resp</span>.<span class="ruby-identifier">code</span> <span class="ruby-operator">==</span> <span class="ruby-value">200</span>
<span class="ruby-ivar">@multisite</span> = <span class="ruby-keyword">true</span>
<span class="ruby-keyword">else</span>
<span class="ruby-ivar">@multisite</span> = <span class="ruby-keyword">false</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
<span class="ruby-ivar">@multisite</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- multisite-3F-source -->
</div>
</div><!-- multisite-3F-method -->
<div id="method-i-registration_enabled-3F" class="method-detail ">
<div class="method-heading">
<span class="method-name">registration_enabled?</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Should check wp-login.php if registration is enabled or not</p>
<p>@return [ Boolean ]</p>
<div class="method-source-code" id="registration_enabled-3F-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_registrable.rb, line 8</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">registration_enabled?</span>
<span class="ruby-identifier">resp</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">registration_url</span>)
<span class="ruby-comment"># redirect only on non multi sites</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">resp</span>.<span class="ruby-identifier">code</span> <span class="ruby-operator">==</span> <span class="ruby-value">302</span> <span class="ruby-keyword">and</span> <span class="ruby-identifier">resp</span>.<span class="ruby-identifier">headers_hash</span>[<span class="ruby-string">'location'</span>] <span class="ruby-operator">=~</span> <span class="ruby-regexp">/wp-login\.php\?registration=disabled/</span>
<span class="ruby-identifier">enabled</span> = <span class="ruby-keyword">false</span>
<span class="ruby-comment"># multi site registration form</span>
<span class="ruby-keyword">elsif</span> <span class="ruby-identifier">resp</span>.<span class="ruby-identifier">code</span> <span class="ruby-operator">==</span> <span class="ruby-value">200</span> <span class="ruby-keyword">and</span> <span class="ruby-identifier">resp</span>.<span class="ruby-identifier">body</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">/&lt;form id=&quot;setupform&quot; method=&quot;post&quot; action=&quot;[^&quot;]*wp-signup\.php[^&quot;]*&quot;&gt;/</span>
<span class="ruby-identifier">enabled</span> = <span class="ruby-keyword">true</span>
<span class="ruby-comment"># normal registration form</span>
<span class="ruby-keyword">elsif</span> <span class="ruby-identifier">resp</span>.<span class="ruby-identifier">code</span> <span class="ruby-operator">==</span> <span class="ruby-value">200</span> <span class="ruby-keyword">and</span> <span class="ruby-identifier">resp</span>.<span class="ruby-identifier">body</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">/&lt;form name=&quot;registerform&quot; id=&quot;registerform&quot; action=&quot;[^&quot;]*wp-login\.php[^&quot;]*&quot;/</span>
<span class="ruby-identifier">enabled</span> = <span class="ruby-keyword">true</span>
<span class="ruby-comment"># registration disabled</span>
<span class="ruby-keyword">else</span>
<span class="ruby-identifier">enabled</span> = <span class="ruby-keyword">false</span>
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">enabled</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- registration_enabled-3F-source -->
</div>
</div><!-- registration_enabled-3F-method -->
<div id="method-i-registration_url" class="method-detail ">
<div class="method-heading">
<span class="method-name">registration_url</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>@return [ String ] The registration URL</p>
<div class="method-source-code" id="registration_url-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_target/wp_registrable.rb, line 27</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">registration_url</span>
<span class="ruby-identifier">multisite?</span> <span class="ruby-operator">?</span> <span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">'wp-signup.php'</span>).<span class="ruby-identifier">to_s</span> <span class="ruby-operator">:</span> <span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">'wp-login.php?action=register'</span>).<span class="ruby-identifier">to_s</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- registration_url-source -->
</div>
</div><!-- registration_url-method -->
</section><!-- public-instance-method-details -->
</section><!-- 5Buntitled-5D -->
</div><!-- documentation -->
<footer id="validator-badges">
<p><a href="http://validator.w3.org/check/referer">[Validate]</a>
<p>Generated by <a href="https://github.com/rdoc/rdoc">RDoc</a> 4.0.1.
<p>Generated with the <a href="http://deveiate.org/projects/Darkfish-Rdoc/">Darkfish Rdoc Generator</a> 3.
</footer>