erwanlr
2018-11-02 19:33:38 +00:00
parent e4f3e9d11c
commit c5e6752f75
20 changed files with 59 additions and 20 deletions


@@ -11,7 +11,7 @@ module WPScan
return unless [200, 403].include?(res.code) && !target.homepage_or_404?(res) return unless [200, 403].include?(res.code) && !target.homepage_or_404?(res)
WPScan::InterestingFinding.new( WPScan::BackupDB.new(
url, url,
confidence: 70, confidence: 70,
found_by: DIRECT_ACCESS, found_by: DIRECT_ACCESS,


@@ -9,7 +9,7 @@ module WPScan
return unless target.debug_log?(path) return unless target.debug_log?(path)
WPScan::InterestingFinding.new( WPScan::DebugLog.new(
target.url(path), target.url(path),
confidence: 100, found_by: DIRECT_ACCESS confidence: 100, found_by: DIRECT_ACCESS
) )


@@ -10,7 +10,7 @@ module WPScan
return unless res.body =~ /DUPLICATOR INSTALL-LOG/ return unless res.body =~ /DUPLICATOR INSTALL-LOG/
WPScan::InterestingFinding.new( WPScan::DuplicatorInstallerLog.new(
url, url,
confidence: 100, confidence: 100,
found_by: DIRECT_ACCESS, found_by: DIRECT_ACCESS,


@@ -10,7 +10,7 @@ module WPScan
return unless res.code == 200 && !target.homepage_or_404?(res) return unless res.code == 200 && !target.homepage_or_404?(res)
WPScan::InterestingFinding.new( WPScan::EmergencyPwdResetScript.new(
url, url,
confidence: res.body =~ /password/i ? 100 : 40, confidence: res.body =~ /password/i ? 100 : 40,
found_by: DIRECT_ACCESS, found_by: DIRECT_ACCESS,


@@ -10,7 +10,7 @@ module WPScan
return if fpd_entries.empty? return if fpd_entries.empty?
WPScan::InterestingFinding.new( WPScan::FullPathDisclosure.new(
target.url(path), target.url(path),
confidence: 100, confidence: 100,
found_by: DIRECT_ACCESS, found_by: DIRECT_ACCESS,


@@ -12,7 +12,7 @@ module WPScan
url = target.url('wp-content/mu-plugins/') url = target.url('wp-content/mu-plugins/')
return WPScan::InterestingFinding.new( return WPScan::MuPlugins.new(
url, url,
confidence: 70, confidence: 70,
found_by: 'URLs In Homepage (Passive Detection)', found_by: 'URLs In Homepage (Passive Detection)',
@@ -35,7 +35,7 @@ module WPScan
target.mu_plugins = true target.mu_plugins = true
WPScan::InterestingFinding.new( WPScan::MuPlugins.new(
url, url,
confidence: 80, confidence: 80,
found_by: DIRECT_ACCESS, found_by: DIRECT_ACCESS,


@@ -15,7 +15,7 @@ module WPScan
target.multisite = true target.multisite = true
WPScan::InterestingFinding.new( WPScan::Multisite.new(
url, url,
confidence: 100, confidence: 100,
found_by: DIRECT_ACCESS, found_by: DIRECT_ACCESS,


@@ -10,7 +10,7 @@ module WPScan
res = Browser.get(url) res = Browser.get(url)
if res.code == 200 && res.body =~ /wordpress/i if res.code == 200 && res.body =~ /wordpress/i
return WPScan::InterestingFinding.new(url, confidence: 100, found_by: DIRECT_ACCESS) return WPScan::Readme.new(url, confidence: 100, found_by: DIRECT_ACCESS)
end end
end end
nil nil
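Review bot: The `res.code == 200 && res.body =~ /wordpress/i` test in this hunk returns a `Readme` finding at confidence 100 without the `!target.homepage_or_404?(res)` guard that the BackupDB and EmergencyPwdResetScript finders in this commit apply, so a site that answers unknown paths with a 200 page mentioning WordPress would presumably be reported as exposing a readme. Now that the finding carries its own type in the output, that false positive reads as a specific exposure rather than a generic one. If `target` is in scope here as it is in the sibling finders, consider `if res.code == 200 && res.body =~ /wordpress/i && !target.homepage_or_404?(res)`. The enclosing method starts and ends outside the hunk, so the code that supplies `url` is not visible.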


@@ -18,7 +18,7 @@ module WPScan
target.registration_enabled = true target.registration_enabled = true
WPScan::InterestingFinding.new( WPScan::Registration.new(
res.effective_url, res.effective_url,
confidence: 100, confidence: 100,
found_by: DIRECT_ACCESS, found_by: DIRECT_ACCESS,


@@ -11,7 +11,7 @@ module WPScan
return unless res.code == 200 && res.headers['Content-Type'] =~ %r{\Aapplication/zip}i return unless res.code == 200 && res.headers['Content-Type'] =~ %r{\Aapplication/zip}i
WPScan::InterestingFinding.new( WPScan::TmmDbMigrate.new(
url, url,
confidence: 100, confidence: 100,
found_by: DIRECT_ACCESS, found_by: DIRECT_ACCESS,


@@ -11,7 +11,7 @@ module WPScan
url = target.url(path) url = target.url(path)
WPScan::InterestingFinding.new( WPScan::UploadDirectoryListing.new(
url, url,
confidence: 100, confidence: 100,
found_by: DIRECT_ACCESS, found_by: DIRECT_ACCESS,


@@ -12,7 +12,7 @@ module WPScan
return unless res.code == 200 && res.body =~ SQL_PATTERN return unless res.code == 200 && res.body =~ SQL_PATTERN
WPScan::InterestingFinding.new( WPScan::UploadSQLDump.new(
url, url,
confidence: 100, confidence: 100,
found_by: DIRECT_ACCESS found_by: DIRECT_ACCESS


@@ -3,4 +3,43 @@ module WPScan
class InterestingFinding < CMSScanner::InterestingFinding class InterestingFinding < CMSScanner::InterestingFinding
include References include References
end end
#
# Empty classes for the #type to be correctly displayed (as taken from the self.class from the parent)
#
class BackupDB < InterestingFinding
end
class DebugLog < InterestingFinding
end
class DuplicatorInstallerLog < InterestingFinding
end
class EmergencyPwdResetScript < InterestingFinding
end
class FullPathDisclosure < InterestingFinding
end
class MuPlugins < InterestingFinding
end
class Multisite < InterestingFinding
end
class Readme < InterestingFinding
end
class Registration < InterestingFinding
end
class TmmDbMigrate < InterestingFinding
end
class UploadDirectoryListing < InterestingFinding
end
class UploadSQLDump < InterestingFinding
end
end end
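Review bot: The twelve new classes sit directly under `WPScan` with base names that the finders already use (the specs on this page describe `WPScan::Finders::InterestingFindings::BackupDB`, `::DebugLog`, `::Readme` and others), so an unqualified `Readme` or `BackupDB` written inside a finder resolves to the finder class, not to the finding. The header comment explains why the classes are empty but not this naming constraint; I would extend it with `# Always reference these as WPScan::<Name>: the finders in Finders::InterestingFindings share the same base names`. Grouping the findings under their own module would remove the ambiguity, though that is a larger change than this commit intends. The `module WPScan` body starts above the hunk.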


@@ -37,7 +37,7 @@ describe WPScan::Finders::InterestingFindings::BackupDB do
after do after do
found = finder.aggressive found = finder.aggressive
expect(found).to eql WPScan::InterestingFinding.new( expect(found).to eql WPScan::BackupDB.new(
dir_url, dir_url,
confidence: 70, confidence: 70,
found_by: described_class::DIRECT_ACCESS found_by: described_class::DIRECT_ACCESS
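Review bot: Only six of the twelve finder changes have a matching spec change on this page (BackupDB here, then DebugLog, DuplicatorInstallerLog, FullPathDisclosure, Readme and UploadSQLDump), so nothing visible asserts the class returned by the EmergencyPwdResetScript, MuPlugins, Multisite, Registration, TmmDbMigrate and UploadDirectoryListing finders. If those specs exist but never build an expected object, an assertion along the lines of `expect(finder.aggressive).to be_a WPScan::Multisite` in each would pin the new type. The example descriptions in the DebugLog, DuplicatorInstallerLog and FullPathDisclosure specs still read 'returns the InterestingFinding' and could name the subclass. The `after do` block continues past the hunk.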


@@ -23,7 +23,7 @@ describe WPScan::Finders::InterestingFindings::DebugLog do
let(:body) { File.read(File.join(fixtures, 'debug.log')) } let(:body) { File.read(File.join(fixtures, 'debug.log')) }
it 'returns the InterestingFinding' do it 'returns the InterestingFinding' do
expect(finder.aggressive).to eql WPScan::InterestingFinding.new( expect(finder.aggressive).to eql WPScan::DebugLog.new(
log_url, log_url,
confidence: 100, confidence: 100,
found_by: described_class::DIRECT_ACCESS found_by: described_class::DIRECT_ACCESS


@@ -24,7 +24,7 @@ describe WPScan::Finders::InterestingFindings::DuplicatorInstallerLog do
let(:body) { File.read(File.join(fixtures, filename)) } let(:body) { File.read(File.join(fixtures, filename)) }
it 'returns the InterestingFinding' do it 'returns the InterestingFinding' do
expect(finder.aggressive).to eql WPScan::InterestingFinding.new( expect(finder.aggressive).to eql WPScan::DuplicatorInstallerLog.new(
log_url, log_url,
confidence: 100, confidence: 100,
found_by: described_class::DIRECT_ACCESS found_by: described_class::DIRECT_ACCESS


@@ -25,7 +25,7 @@ describe WPScan::Finders::InterestingFindings::FullPathDisclosure do
it 'returns the InterestingFinding' do it 'returns the InterestingFinding' do
found = finder.aggressive found = finder.aggressive
expect(found).to eql WPScan::InterestingFinding.new( expect(found).to eql WPScan::FullPathDisclosure.new(
file_url, file_url,
confidence: 100, confidence: 100,
found_by: described_class::DIRECT_ACCESS found_by: described_class::DIRECT_ACCESS


@@ -27,7 +27,7 @@ describe WPScan::Finders::InterestingFindings::Readme do
before { stub_request(:get, target.url(file)).to_return(body: readme) } before { stub_request(:get, target.url(file)).to_return(body: readme) }
it 'returns the expected InterestingFinding' do it 'returns the expected InterestingFinding' do
expected = WPScan::InterestingFinding.new( expected = WPScan::Readme.new(
target.url(file), target.url(file),
confidence: 100, confidence: 100,
found_by: described_class::DIRECT_ACCESS found_by: described_class::DIRECT_ACCESS


@@ -38,7 +38,7 @@ describe WPScan::Finders::InterestingFindings::UploadSQLDump do
let(:fixture) { 'dump.sql' } let(:fixture) { 'dump.sql' }
it 'returns the interesting findings' do it 'returns the interesting findings' do
@expected = WPScan::InterestingFinding.new( @expected = WPScan::UploadSQLDump.new(
finder.dump_url, finder.dump_url,
confidence: 100, confidence: 100,
found_by: described_class::DIRECT_ACCESS found_by: described_class::DIRECT_ACCESS


@@ -21,7 +21,7 @@ Gem::Specification.new do |s|
s.executables = ['wpscan'] s.executables = ['wpscan']
s.require_paths = ['lib'] s.require_paths = ['lib']
s.add_dependency 'cms_scanner', '~> 0.0.40.2' s.add_dependency 'cms_scanner', '~> 0.0.40.3'
# Already required by CMSScanner, so version restrictions loosen # Already required by CMSScanner, so version restrictions loosen
s.add_dependency 'activesupport', '~> 5.2' s.add_dependency 'activesupport', '~> 5.2'