garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix #10

Browse Source 
Improvement is also applied to the error_log check
This commit is contained in:
Erwan
2012-09-02 14:01:12 +02:00
parent 8e690cd375
commit eb10741912
2 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/wpscan/wp_plugin.rb
View File

@@ -59,7 +59,8 @@ class WpPlugin < Vulnerable
# however can also be found in their specific plugin dir.
# http://www.exploit-db.com/ghdb/3714/
def error_log?
Browser.instance.get(error_log_url()).body[%r{PHP Fatal error}i] ? true : false
response_body = Browser.instance.get(error_log_url(), :headers => { "range" => "bytes=0-700"}).body
response_body[%r{PHP Fatal error}i] ? true : false
end
def error_log_url

4
lib/wpscan/wp_target.rb
View File

@@ -101,7 +101,9 @@ class WpTarget
end
def has_debug_log?
Browser.instance.get(debug_log_url()).body[%r{\[[^\]]+\] PHP (?:Warning|Error|Notice):}] ? true : false
# We only get the first 700 bytes of the file to avoid loading huge file (like 2Go)
response_body = Browser.instance.get(debug_log_url(), :headers => { "range" => "bytes=0-700"}).body
response_body[%r{\[[^\]]+\] PHP (?:Warning|Error|Notice):}] ? true : false
end
def debug_log_url