bugfixing
This commit is contained in:
Christian Mehlmauer
@@ -26,7 +26,7 @@ module WpItem
|
|||||||
|
|
||||||
def get_url_without_filename
|
def get_url_without_filename
|
||||||
uri = get_url
|
uri = get_url
|
||||||
URI.parse("#{uri.scheme}://#{uri.host}#{File.dirname(uri.path)}")
|
URI.parse("#{uri.scheme}://#{uri.host}#{File.dirname(uri.path)}/")
|
||||||
end
|
end
|
||||||
|
|
||||||
def version
|
def version
|
||||||
|
|||||||
@@ -28,7 +28,16 @@ module WpPlugins
|
|||||||
options[:vulns_xpath_2] = "//plugin"
|
options[:vulns_xpath_2] = "//plugin"
|
||||||
options[:type] = "plugins"
|
options[:type] = "plugins"
|
||||||
result = WpDetector.aggressive_detection(options)
|
result = WpDetector.aggressive_detection(options)
|
||||||
result.sort_by { |p| p.name }
|
plugins = []
|
||||||
|
result.each do |r|
|
||||||
|
plugins << WpPlugin.new(
|
||||||
|
:url => r[:url],
|
||||||
|
:path => r[:path],
|
||||||
|
:wp_content_dir => r[:wp_content_dir],
|
||||||
|
:name => r[:name]
|
||||||
|
)
|
||||||
|
end
|
||||||
|
plugins.sort_by { |p| p.name }
|
||||||
end
|
end
|
||||||
|
|
||||||
# http://code.google.com/p/wpscan/issues/detail?id=42
|
# http://code.google.com/p/wpscan/issues/detail?id=42
|
||||||
|
|||||||
@@ -25,7 +25,16 @@ module WpThemes
|
|||||||
options[:vulns_xpath_2] = "//theme"
|
options[:vulns_xpath_2] = "//theme"
|
||||||
options[:type] = "themes"
|
options[:type] = "themes"
|
||||||
result = WpDetector.aggressive_detection(options)
|
result = WpDetector.aggressive_detection(options)
|
||||||
result.sort_by { |t| t.name }
|
themes = []
|
||||||
|
result.each do |r|
|
||||||
|
themes << WpTheme.new(
|
||||||
|
:url => r[:url],
|
||||||
|
:path => r[:path],
|
||||||
|
:wp_content_dir => r[:wp_content_dir],
|
||||||
|
:name => r[:name]
|
||||||
|
)
|
||||||
|
end
|
||||||
|
themes.sort_by { |t| t.name }
|
||||||
end
|
end
|
||||||
|
|
||||||
def themes_from_passive_detection(wp_content_dir)
|
def themes_from_passive_detection(wp_content_dir)
|
||||||
@@ -33,7 +42,7 @@ module WpThemes
|
|||||||
temp = WpDetector.passive_detection(url(), "themes", wp_content_dir)
|
temp = WpDetector.passive_detection(url(), "themes", wp_content_dir)
|
||||||
|
|
||||||
temp.each do |item|
|
temp.each do |item|
|
||||||
themes << WpPlugin.new(
|
themes << WpTheme.new(
|
||||||
:url => item[:url],
|
:url => item[:url],
|
||||||
:name => item[:name],
|
:name => item[:name],
|
||||||
:path => item[:path],
|
:path => item[:path],
|
||||||
|
|||||||
@@ -22,7 +22,7 @@ class WpDetector
|
|||||||
WpOptions.check_options(options)
|
WpOptions.check_options(options)
|
||||||
|
|
||||||
result = items
|
result = items
|
||||||
unless items == nil or items.length == 0
|
if items == nil or items.length == 0
|
||||||
result = passive_detection(options[:url], options[:type], options[:wp_content_dir])
|
result = passive_detection(options[:url], options[:type], options[:wp_content_dir])
|
||||||
end
|
end
|
||||||
|
|
||||||
@@ -31,7 +31,7 @@ class WpDetector
|
|||||||
already_present = false
|
already_present = false
|
||||||
result.each do |r|
|
result.each do |r|
|
||||||
# Already found via passive detection
|
# Already found via passive detection
|
||||||
if r.name == enum_result.name
|
if r[:name] == enum_result[:name]
|
||||||
already_present = true
|
already_present = true
|
||||||
break
|
break
|
||||||
end
|
end
|
||||||
@@ -60,7 +60,12 @@ class WpDetector
|
|||||||
names.uniq!
|
names.uniq!
|
||||||
|
|
||||||
names.each do |item|
|
names.each do |item|
|
||||||
items << { :url => url, :name => item, :path => "#{type}/#{item}" }
|
items << {
|
||||||
|
:url => url,
|
||||||
|
:name => item,
|
||||||
|
:path => "#{type}/#{item}",
|
||||||
|
:wp_content_dir => wp_content_dir
|
||||||
|
}
|
||||||
end
|
end
|
||||||
items
|
items
|
||||||
end
|
end
|
||||||
|
|||||||
@@ -44,7 +44,7 @@ class WpEnumerator
|
|||||||
enumerate_size = targets.size
|
enumerate_size = targets.size
|
||||||
|
|
||||||
targets.each do |target|
|
targets.each do |target|
|
||||||
url = target.get_url
|
url = "#{target[:url]}#{target[:wp_content_dir]}/#{target[:path]}"
|
||||||
request = enum_browser.forge_request(url, :cache_timeout => 0, :follow_location => true)
|
request = enum_browser.forge_request(url, :cache_timeout => 0, :follow_location => true)
|
||||||
request_count += 1
|
request_count += 1
|
||||||
|
|
||||||
@@ -87,7 +87,12 @@ class WpEnumerator
|
|||||||
# Open and parse the 'most popular' plugin list...
|
# Open and parse the 'most popular' plugin list...
|
||||||
File.open(file, 'r') do |f|
|
File.open(file, 'r') do |f|
|
||||||
f.readlines.collect do |line|
|
f.readlines.collect do |line|
|
||||||
targets_url << WpPlugin.new(:url => url, :path => "#{type}/#{line.strip}", :wp_content_dir => wp_content_dir)
|
targets_url << {
|
||||||
|
:url => url,
|
||||||
|
:path => "#{type}/#{line.strip}",
|
||||||
|
:wp_content_dir => wp_content_dir,
|
||||||
|
:name => File.dirname(line.strip)
|
||||||
|
}
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
@@ -101,13 +106,12 @@ class WpEnumerator
|
|||||||
item_name = node.attribute('name').text
|
item_name = node.attribute('name').text
|
||||||
|
|
||||||
if targets_url.grep(%r{/#{item_name}/}).empty?
|
if targets_url.grep(%r{/#{item_name}/}).empty?
|
||||||
# TODO: Generic
|
targets_url << {
|
||||||
targets_url << WpPlugin.new(
|
|
||||||
:url => url,
|
:url => url,
|
||||||
:path => "#{type}/#{item_name}",
|
:path => "#{type}/#{item_name}",
|
||||||
:wp_content_dir => wp_content_dir,
|
:wp_content_dir => wp_content_dir,
|
||||||
:name => item_name
|
:name => item_name
|
||||||
)
|
}
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user