garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added default wp-content dir detection, see Issue #141.

Browse Source
This commit is contained in:
ethicalhack3r
2013-03-10 12:08:49 +01:00
parent 7c110bf6d3
commit ed2eb44b38
2 changed files with 59 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
lib/wpscan/wp_target.rb
View File

@@ -98,19 +98,30 @@ class WpTarget < WebSite
def wp_content_dir
unless @wp_content_dir
index_body = Browser.instance.get(@uri.to_s).body
# Only use the path because domain can be text or an ip
uri_path = @uri.path
uri_path = @uri.path # Only use the path because domain can be text or an IP
if index_body[/\/wp-content\/(?:themes|plugins)\//i]
if index_body[/\/wp-content\/(?:themes|plugins)\//i] || default_wp_content_dir_exists?
@wp_content_dir = 'wp-content'
else
domains_excluded = '(?:www\.)?(facebook|twitter)\.com'
@wp_content_dir = index_body[/(?:href|src)\s*=\s*(?:"|').+#{Regexp.escape(uri_path)}((?!#{domains_excluded})[^"']+)\/(?:themes|plugins)\/.*(?:"|')/i, 1]
end
end
@wp_content_dir
end
def default_wp_content_dir_exists?
response = Browser.instance.get(@uri.merge('wp-content').to_s)
hash = Digest::MD5.hexdigest(response.body)
if WpTarget.valid_response_codes.include?(response.code)
return true if hash != error_404_hash and hash != homepage_hash
end
false
end
def wp_plugins_dir
unless @wp_plugins_dir
@wp_plugins_dir = "#{wp_content_dir}/plugins"