Bug Fix : Wp 3.5 & 3.5.1 not detected from advanced fingerprinting. Trying to reduce the complexity of WpVersion::find_from_advanced_fingerprinting

data/wp_versions.xml

@@ -28,7 +28,7 @@
 <wp-versions xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xsi:noNamespaceSchemaLocation="wp_versions.xsd">
 
-  <file src="wp-includes/js/tiny_mce.js">
+  <file src="wp-includes/js/tinymce/tiny_mce.js">
     <hash md5="6e79ab6d786c5c95920064add33ee599">
       <version>3.5.1</version>
     </hash>

lib/wpscan/wp_version.rb

@@ -62,6 +62,12 @@ class WpVersion < Vulnerable
     response.body[pattern, 1]
   end
 
+  #
+  # DO NOT Change the order of the following methods
+  # unless you know what you are doing
+  # See WpVersion.find
+  #
+
   # Attempts to find the wordpress version from,
   # the generator meta tag in the html source.
   #
@@ -146,9 +152,13 @@ class WpVersion < Vulnerable
     end
 
     xml.xpath('//file').each do |node|
-      file_url = target_uri.merge(node.attribute('src').text).to_s
+      file_src = node.attribute('src').text
-      file_url = file_url.gsub(/\$wp-plugins\$/i, wp_plugins).gsub(/\$wp-content\$/i, wp_content)
+      file_url = target_uri.merge(file_src).to_s.
-      md5sum   = Digest::MD5.hexdigest(Browser.instance.get(file_url).body)
+                 gsub(/\$wp-plugins\$/i, wp_plugins).
+                 gsub(/\$wp-content\$/i, wp_content)
+
+      response = Browser.instance.get(file_url)
+      md5sum   = Digest::MD5.hexdigest(response.body)
 
       node.search('hash').each do |hash|
         if hash.attribute('md5').text == md5sum