Merges with Master (and solves conflicts)
This commit is contained in:
erwanlr
@@ -62,7 +62,7 @@ module WPScan
|
||||
|
||||
# @param [ String ] slug
|
||||
# @return [ Constant ]
|
||||
def self.maybe_create_modudle(slug)
|
||||
def self.maybe_create_module(slug)
|
||||
# What about slugs such as js_composer which will be done as JsComposer, just like js-composer
|
||||
constant_name = classify_slug(slug)
|
||||
|
||||
@@ -75,10 +75,7 @@ module WPScan
|
||||
|
||||
def self.create_versions_finders
|
||||
versions_finders_configs.each do |slug, finders|
|
||||
# Kind of an issue here, module is created even if there is no valid classes
|
||||
# Could put the #maybe_ directly in the #send() BUT it would be checked everytime,
|
||||
# which is kind of a waste
|
||||
mod = maybe_create_modudle(slug)
|
||||
mod = maybe_create_module(slug)
|
||||
|
||||
finders.each do |finder_class, config|
|
||||
klass = config['class'] || finder_class
|
||||
|
||||
@@ -41,9 +41,6 @@ module WPScan
|
||||
#
|
||||
# @yield [ Typhoeus::Response, String ]
|
||||
def enumerate(urls, opts = {})
|
||||
determine_request_params(urls, opts)
|
||||
# determine_valid_response_codes(opts)
|
||||
|
||||
create_progress_bar(opts.merge(total: urls.size))
|
||||
|
||||
urls.each do |url, slug|
|
||||
@@ -61,6 +58,11 @@ module WPScan
|
||||
hydra.run
|
||||
end
|
||||
|
||||
# @return [ Hash ]
|
||||
def request_params
|
||||
@request_params ||= target.head_or_get_request_params.merge(cache_ttl: 0)
|
||||
end
|
||||
|
||||
# @param [ Typhoeus::Response ] res
|
||||
# @param [ Regexp,nil ] exclude_content
|
||||
#
|
||||
@@ -73,7 +75,9 @@ module WPScan
|
||||
|
||||
# Perform a full get to check if homepage or custom 404
|
||||
if res.code == 200
|
||||
full_res = Browser.get(res.effective_url, cache_ttl: 0)
|
||||
# The cache is not disabled to avoid additional request/s when checking
|
||||
# for directory listing
|
||||
full_res = Browser.get(res.effective_url)
|
||||
|
||||
return false if target.homepage_or_404?(full_res) ||
|
||||
exclude_content && full_res.body.match(exclude_content)
|
||||
@@ -83,23 +87,6 @@ module WPScan
|
||||
end
|
||||
# rubocop:enable Metrics/PerceivedComplexity
|
||||
|
||||
# @return [ Hash ]
|
||||
def request_params
|
||||
@request_params ||= { cache_ttl: 0 }
|
||||
end
|
||||
|
||||
# @param [ Hash ] urls
|
||||
# @param [ Hash ] opts
|
||||
def determine_request_params(urls, _opts)
|
||||
head_res = Browser.head(urls.first[0], cache_ttl: 0)
|
||||
|
||||
@request_params = if head_res.code == 405
|
||||
{ method: :get, maxfilesize: 1, cache_ttl: 0 }
|
||||
else
|
||||
{ method: :head, cache_ttl: 0 }
|
||||
end
|
||||
end
|
||||
|
||||
# @return [ Array<Integer> ]
|
||||
def valid_response_codes
|
||||
@valid_response_codes ||= [200, 401, 403, 301]
|
||||
|
||||
@@ -7,6 +7,15 @@ module WPScan
|
||||
class Target < CMSScanner::Target
|
||||
include Platform::WordPress
|
||||
|
||||
# @return [ Hash ]
|
||||
def head_or_get_request_params
|
||||
@head_or_get_request_params ||= if Browser.head(url).code == 405
|
||||
{ method: :get, maxfilesize: 1 }
|
||||
else
|
||||
{ method: :head }
|
||||
end
|
||||
end
|
||||
|
||||
# @return [ Boolean ]
|
||||
def vulnerable?
|
||||
[@wp_version, @main_theme, @plugins, @themes, @timthumbs].each do |e|
|
||||
|
||||
@@ -17,7 +17,7 @@ module WPScan
|
||||
def content_dir
|
||||
unless @content_dir
|
||||
escaped_url = Regexp.escape(url).gsub(/https?/i, 'https?')
|
||||
pattern = %r{#{escaped_url}([^\/]+)\/(?:themes|plugins|uploads|cache)\/}i
|
||||
pattern = %r{#{escaped_url}([\w\s\-\/]+)\/(?:themes|plugins|uploads|cache)\/}i
|
||||
|
||||
in_scope_urls(homepage_res) do |url|
|
||||
return @content_dir = Regexp.last_match[1] if url.match(pattern)
|
||||
|
||||
Reference in New Issue
Block a user