garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #1787 from 0n1shi/fix/db-exports-not-detected

Browse Source 
Fixed #1759
This commit is contained in:
Alex Sanford
2023-10-13 23:21:50 -03:00
committed by GitHub
parent a423b15d53 2c1eb27f79
commit bce3b48ac7
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/finders/db_exports/known_locations.rb
View File

@@ -7,6 +7,10 @@ module WPScan
class KnownLocations < CMSScanner::Finders::Finder
include CMSScanner::Finders::Finder::Enumerator
def valid_response_codes
@valid_response_codes ||= [200, 206].freeze
end
SQL_PATTERN = /(?:DROP|(?:UN)?LOCK|CREATE|ALTER) (?:TABLE|DATABASE)|INSERT INTO/.freeze
# @param [ Hash ] opts
@@ -17,7 +21,7 @@ module WPScan
def aggressive(opts = {})
found = []
enumerate(potential_urls(opts), opts.merge(check_full_response: 200)) do |res|
enumerate(potential_urls(opts), opts.merge(check_full_response: valid_response_codes)) do |res|
if res.effective_url.end_with?('.zip')
next unless %r{\Aapplication/zip}i.match?(res.headers['Content-Type'])
else