diff --git a/lib/common/collections/wp_items.rb b/lib/common/collections/wp_items.rb index dc6c0b82..78a5dceb 100755 --- a/lib/common/collections/wp_items.rb +++ b/lib/common/collections/wp_items.rb @@ -7,8 +7,68 @@ class WpItems < Array extend WpItems::Detectable include WpItems::Output + attr_accessor :wp_target + + # @param [ WpTarget ] wp_target + def initialize(wp_target = nil) + self.wp_target = wp_target + end + + # @param [String,] argv + # + # @return [ void ] + def add(*args) + index = 0 + + until args[index].nil? + arg = args[index] + + if arg.is_a?(String) + if (next_arg = args[index + 1]).is_a?(Hash) + item = create_item(arg, next_arg) + index += 1 + else + item = create_item(arg) + end + elsif arg.is_a?(Item) + item = arg + else + raise 'Invalid arguments' + end + + self << item + index += 1 + end + end + + # @param [ String ] name + # @param [ Hash ] attrs + # + # @return [ WpItem ] + def create_item(name, attrs = {}) + raise 'wp_target must be set' unless wp_target + + item_class.new( + wp_target.uri, + attrs.merge( + name: name, + wp_content_dir: wp_target.wp_content_dir, + wp_plugins_dir: wp_target.wp_plugins_dir + ) { |key, oldval, newval| oldval } + ) + end + + # @param [ WpItems ] other + # + # @return [ self ] def +(other) other.each { |item| self << item } self end + + protected + # @return [ Class ] + def item_class + Object.const_get(self.class.to_s.gsub(/.$/, '')) + end end diff --git a/lib/common/collections/wp_items/detectable.rb b/lib/common/collections/wp_items/detectable.rb index db76c952..27891012 100755 --- a/lib/common/collections/wp_items/detectable.rb +++ b/lib/common/collections/wp_items/detectable.rb @@ -57,7 +57,7 @@ class WpItems < Array if options[:show_progression] ProgressBar.create( format: '%t %a <%B> (%c / %C) %P%% %e', - title: ' ', # Used to craete a left margin + title: ' ', # Used to create a left margin length: 120, total: targets_size ) @@ -173,7 +173,7 @@ class WpItems < Array # @param [ Class ] item_class # @param [ String ] vulns_file # - # @return [ WpItem ] + # @return [ Array ] def targets_items_from_file(file, wp_target, item_class, vulns_file) targets = [] diff --git a/lib/common/collections/wp_plugins/detectable.rb b/lib/common/collections/wp_plugins/detectable.rb index 0f8580ac..5c3db5ca 100644 --- a/lib/common/collections/wp_plugins/detectable.rb +++ b/lib/common/collections/wp_plugins/detectable.rb @@ -36,19 +36,17 @@ class WpPlugins < WpItems # @return [ WpPlugins ] def from_header(wp_target) headers = Browser.get(wp_target.url).headers - wp_plugins = WpPlugins.new + wp_plugins = WpPlugins.new(wp_target) if headers - powered_by = headers[:x_powered_by] + powered_by = headers['X-Powered-By'] wp_super_cache = headers['wp-super-cache'] - if powered_by =~ /W3 Total Cache/i - wp_plugins << create_item(WpPlugin, 'w3-total-cache', wp_target) + if matches = /W3 Total Cache\/([0-9.]+)/i.match(powered_by) + wp_plugins.add('w3-total-cache', version: matches[1]) end - if wp_super_cache =~ /supercache/i - wp_plugins << create_item(WpPlugin, 'wp-super-cache', wp_target) - end + wp_plugins.add('wp-super-cache') if wp_super_cache =~ /supercache/i end wp_plugins @@ -61,15 +59,10 @@ class WpPlugins < WpItems # @return [ WpPlugins ] def from_content(wp_target) body = Browser.get(wp_target.url).body - wp_plugins = WpPlugins.new + wp_plugins = WpPlugins.new(wp_target) - if body =~ /wp-super-cache/i - wp_plugins << create_item(WpPlugin, 'wp-super-cache', wp_target) - end - - if body =~ /w3 total cache/i - wp_plugins << create_item(WpPlugin, 'w3-total-cache', wp_target) - end + wp_plugins.add('wp-super-cache') if body =~ /wp-super-cache/i + wp_plugins.add('w3-total-cache') if body =~ /w3 total cache/i wp_plugins end