HELLO v3!!!

2018-09-26 21:12:01 +02:00
parent 28b9c15256
commit d268a86795
1871 changed files with 988118 additions and 0 deletions
--- a/app/finders/main_theme/css_style.rb
+++ b/app/finders/main_theme/css_style.rb
@@ -0,0 +1,43 @@
+module WPScan
+  module Finders
+    module MainTheme
+      # From the css style
+      class CssStyle < CMSScanner::Finders::Finder
+        include Finders::WpItems::URLsInHomepage
+
+        def create_theme(slug, style_url, opts)
+          WPScan::Theme.new(
+            slug,
+            target,
+            opts.merge(found_by: found_by, confidence: 70, style_url: style_url)
+          )
+        end
+
+        def passive(opts = {})
+          passive_from_css_href(target.homepage_res, opts) || passive_from_style_code(target.homepage_res, opts)
+        end
+
+        def passive_from_css_href(res, opts)
+          target.in_scope_urls(res, '//style/@src|//link/@href') do |url|
+            next unless Addressable::URI.parse(url).path =~ %r{/themes/([^\/]+)/style.css\z}i
+
+            return create_theme(Regexp.last_match[1], url, opts)
+          end
+          nil
+        end
+
+        def passive_from_style_code(res, opts)
+          res.html.css('style').each do |tag|
+            code = tag.text.to_s
+            next if code.empty?
+
+            next unless code =~ %r{#{item_code_pattern('themes')}\\?/style\.css[^"'\( ]*}i
+
+            return create_theme(Regexp.last_match[1], Regexp.last_match[0].strip, opts)
+          end
+          nil
+        end
+      end
+    end
+  end
+end