HELLO v3!!!

2018-09-26 21:12:01 +02:00
parent 28b9c15256
commit d268a86795
1871 changed files with 988118 additions and 0 deletions
--- a/app/finders/db_exports/known_locations.rb
+++ b/app/finders/db_exports/known_locations.rb
@@ -0,0 +1,49 @@
+module WPScan
+  module Finders
+    module DbExports
+      # DB Exports finder
+      # See https://github.com/wpscanteam/wpscan-v3/issues/62
+      class KnownLocations < CMSScanner::Finders::Finder
+        include CMSScanner::Finders::Finder::Enumerator
+
+        # @param [ Hash ] opts
+        # @option opts [ String ] :list
+        # @option opts [ Boolean ] :show_progression
+        #
+        # @return [ Array<DBExport> ]
+        def aggressive(opts = {})
+          found = []
+
+          enumerate(potential_urls(opts), opts) do |res|
+            next unless res.code == 200 && res.body =~ /INSERT INTO/
+
+            found << WPScan::DbExport.new(res.request.url, found_by: DIRECT_ACCESS, confidence: 100)
+          end
+
+          found
+        end
+
+        # @param [ Hash ] opts
+        # @option opts [ String ] :list Mandatory
+        #
+        # @return [ Hash ]
+        def potential_urls(opts = {})
+          urls        = {}
+          domain_name = target.uri.host[/(^[\w|-]+)/, 1]
+
+          File.open(opts[:list]).each_with_index do |path, index|
+            path.gsub!('{domain_name}', domain_name)
+
+            urls[target.url(path.chomp)] = index
+          end
+
+          urls
+        end
+
+        def create_progress_bar(opts = {})
+          super(opts.merge(title: ' Checking DB Exports -'))
+        end
+      end
+    end
+  end
+end