Fix #626

2014-08-07 22:01:23 +02:00
parent ca2610d74f
commit ef7ac1d77b
4 changed files with 33 additions and 1 deletions
--- a/lib/wpscan/wp_target.rb
+++ b/lib/wpscan/wp_target.rb
@@ -5,6 +5,7 @@ require 'wp_target/malwares'
 require 'wp_target/wp_readme'
 require 'wp_target/wp_registrable'
 require 'wp_target/wp_config_backup'
+require 'wp_target/wp_must_use_plugins'
 require 'wp_target/wp_login_protection'
 require 'wp_target/wp_custom_directories'
 require 'wp_target/wp_full_path_disclosure'
@@ -14,6 +15,7 @@ class WpTarget < WebSite
  include WpTarget::WpReadme
  include WpTarget::WpRegistrable
  include WpTarget::WpConfigBackup
+  include WpTarget::WpMustUsePlugins
  include WpTarget::WpLoginProtection
  include WpTarget::WpCustomDirectories
  include WpTarget::WpFullPathDisclosure
--- a/lib/wpscan/wp_target/wp_custom_directories.rb
+++ b/lib/wpscan/wp_target/wp_custom_directories.rb
@@ -23,7 +23,7 @@ class WpTarget < WebSite
    # @return [ Boolean ]
    def default_wp_content_dir_exists?
      response = Browser.get(@uri.merge('wp-content').to_s)
-      hash = Digest::MD5.hexdigest(response.body)
+      hash = WebSite.page_hash(response.body)

      if WpTarget.valid_response_codes.include?(response.code)
        return true if hash != error_404_hash and hash != homepage_hash
--- a/lib/wpscan/wp_target/wp_must_use_plugins.rb
+++ b/lib/wpscan/wp_target/wp_must_use_plugins.rb
@@ -0,0 +1,26 @@
+# encoding: UTF-8
+
+class WpTarget < WebSite
+  module WpMustUsePlugins
+
+    # Checks to see if the must use plugin folder exists
+    #
+    # @return [ Boolean ]
+    def has_must_use_plugins?
+      response = Browser.get(must_use_url)
+
+      if response && WpTarget.valid_response_codes.include?(response.code)
+        hash = WebSite.page_hash(response.body)
+        return true if hash != error_404_hash && hash != homepage_hash
+      end
+
+      false
+    end
+
+    # @return [ String ] The must use plugins directory URL
+    def must_use_url
+      @uri.merge("#{wp_content_dir}/mu-plugins/").to_s
+    end
+
+  end
+end
--- a/wpscan.rb
+++ b/wpscan.rb
@@ -171,6 +171,10 @@ def main
      puts "#{green('[+]')} This site seems to be a multisite (http://codex.wordpress.org/Glossary#Multisite)"
    end

+    if wp_target.has_must_use_plugins?
+      puts "#{green('[+]')} This site has must use plugins (http://codex.wordpress.org/Must_Use_Plugins)"
+    end
+
    if wp_target.registration_enabled?
      puts "#{amber('[+]')} Registration is enabled: #{wp_target.registration_url}"
    end