garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs

Browse Source
This commit is contained in:
Christian Mehlmauer
2013-08-10 12:47:52 +02:00
parent 5ea911c9b3
commit faf234b482
187 changed files with 2898 additions and 1908 deletions
Download Patch File Download Diff File Expand all files Collapse all files

231
doc_rdoc/WebSite.html
View File

@@ -34,6 +34,12 @@
<div class="section-body">
<ul>
<li><a href="./lib/wpscan/web_site/interesting_headers_rb.html?TB_iframe=true&amp;height=550&amp;width=785"
class="thickbox" title="lib/wpscan/web_site/interesting_headers.rb">lib/wpscan/web_site/interesting_headers.rb</a></li>
<li><a href="./lib/wpscan/web_site/robots_txt_rb.html?TB_iframe=true&amp;height=550&amp;width=785"
class="thickbox" title="lib/wpscan/web_site/robots_txt.rb">lib/wpscan/web_site/robots_txt.rb</a></li>
<li><a href="./lib/wpscan/web_site_rb.html?TB_iframe=true&amp;height=550&amp;width=785"
class="thickbox" title="lib/wpscan/web_site.rb">lib/wpscan/web_site.rb</a></li>
@@ -58,6 +64,18 @@
<!-- Namespace Contents -->
<div id="namespace-list-section" class="section">
<h3 class="section-header">Namespace</h3>
<ul class="link-list">
<li><span class="type">MODULE</span> <a href="WebSite/InterestingHeaders.html">WebSite::InterestingHeaders</a></li>
<li><span class="type">MODULE</span> <a href="WebSite/RobotsTxt.html">WebSite::RobotsTxt</a></li>
</ul>
</div>
<!-- Method Quickref -->
@@ -75,8 +93,6 @@
<li><a href="#method-i-has_basic_auth-3F">#has_basic_auth?</a></li>
<li><a href="#method-i-has_robots-3F">#has_robots?</a></li>
<li><a href="#method-i-has_xml_rpc-3F">#has_xml_rpc?</a></li>
<li><a href="#method-i-homepage_hash">#homepage_hash</a></li>
@@ -85,8 +101,6 @@
<li><a href="#method-i-redirection">#redirection</a></li>
<li><a href="#method-i-robots_url">#robots_url</a></li>
<li><a href="#method-i-rss_url">#rss_url</a></li>
<li><a href="#method-i-url">#url</a></li>
@@ -95,15 +109,27 @@
<li><a href="#method-i-xml_rpc_url">#xml_rpc_url</a></li>
<li><a href="#method-i-xml_rpc_url_from_body">#xml_rpc_url_from_body</a></li>
<li><a href="#method-i-xml_rpc_url_from_headers">#xml_rpc_url_from_headers</a></li>
</ul>
</div>
<!-- Included Modules -->
<div id="includes-section" class="section">
<h3 class="section-header">Included Modules</h3>
<ul class="link-list">
<li><a class="include" href="WebSite/RobotsTxt.html">WebSite::RobotsTxt</a></li>
<li><a class="include" href="WebSite/InterestingHeaders.html">WebSite::InterestingHeaders</a></li>
</ul>
</div>
</div>
<div id="project-metadata">
@@ -142,8 +168,6 @@
<li><a href="./WpTarget.html">WpTarget</a></li>
<li><a href="./WpTarget/InterestingHeaders.html">WpTarget::InterestingHeaders</a></li>
<li><a href="./WpTarget/Malwares.html">WpTarget::Malwares</a></li>
<li><a href="./WpTarget/WpConfigBackup.html">WpTarget::WpConfigBackup</a></li>
@@ -224,6 +248,12 @@
<li><a href="./Terminal/Table/Style.html">Terminal::Table::Style</a></li>
<li><a href="./WebSite.html">WebSite</a></li>
<li><a href="./WebSite/InterestingHeaders.html">WebSite::InterestingHeaders</a></li>
<li><a href="./WebSite/RobotsTxt.html">WebSite::RobotsTxt</a></li>
<li><a href="./WpItems.html">WpItems</a></li>
<li><a href="./WpItems/Detectable.html">WpItems::Detectable</a></li>
@@ -298,8 +328,6 @@
<li><a href="./VersionCompare.html">VersionCompare</a></li>
<li><a href="./WebSite.html">WebSite</a></li>
<li><a href="./WpscanOptions.html">WpscanOptions</a></li>
</ul>
@@ -381,7 +409,7 @@ file which can be very huge (like 2 Go)</p>
<div class="method-source-code" id="has_log-3F-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 132</span>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 108</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">has_log?</span>(<span class="ruby-identifier">log_url</span>, <span class="ruby-identifier">pattern</span>)
<span class="ruby-identifier">log_body</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">log_url</span>, <span class="ruby-identifier">headers</span><span class="ruby-operator">:</span> {<span class="ruby-string">'range'</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-string">'bytes=0-700'</span>}).<span class="ruby-identifier">body</span>
<span class="ruby-identifier">log_body</span>[<span class="ruby-identifier">pattern</span>] <span class="ruby-operator">?</span> <span class="ruby-keyword">true</span> <span class="ruby-operator">:</span> <span class="ruby-keyword">false</span>
@@ -415,7 +443,7 @@ file which can be very huge (like 2 Go)</p>
<div class="method-source-code" id="new-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 6</span>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 11</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">initialize</span>(<span class="ruby-identifier">site_url</span>)
<span class="ruby-keyword">self</span>.<span class="ruby-identifier">url</span> = <span class="ruby-identifier">site_url</span>
<span class="ruby-keyword">end</span></pre>
@@ -454,7 +482,7 @@ page The url of the response of the page</p>
<div class="method-source-code" id="page_hash-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 84</span>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 72</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">page_hash</span>(<span class="ruby-identifier">page</span>)
<span class="ruby-identifier">page</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">page</span>) <span class="ruby-keyword">unless</span> <span class="ruby-identifier">page</span>.<span class="ruby-identifier">is_a?</span>(<span class="ruby-constant">Typhoeus</span><span class="ruby-operator">::</span><span class="ruby-constant">Response</span>)
@@ -495,7 +523,7 @@ page The url of the response of the page</p>
<div class="method-source-code" id="error_404_hash-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 98</span>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 86</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">error_404_hash</span>
<span class="ruby-keyword">unless</span> <span class="ruby-ivar">@error_404_hash</span>
<span class="ruby-identifier">non_existant_page</span> = <span class="ruby-constant">Digest</span><span class="ruby-operator">::</span><span class="ruby-constant">MD5</span>.<span class="ruby-identifier">hexdigest</span>(<span class="ruby-identifier">rand</span>(<span class="ruby-value">999_999_999</span>).<span class="ruby-identifier">to_s</span>) <span class="ruby-operator">+</span> <span class="ruby-string">'.html'</span>
@@ -532,7 +560,7 @@ page The url of the response of the page</p>
<div class="method-source-code" id="has_basic_auth-3F-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 23</span>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 28</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">has_basic_auth?</span>
<span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">to_s</span>).<span class="ruby-identifier">code</span> <span class="ruby-operator">==</span> <span class="ruby-value">401</span>
<span class="ruby-keyword">end</span></pre>
@@ -546,39 +574,6 @@ page The url of the response of the page</p>
</div><!-- has_basic_auth-3F-method -->
<div id="has_robots-3F-method" class="method-detail ">
<a name="method-i-has_robots-3F"></a>
<div class="method-heading">
<span class="method-name">has_robots?</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Checks if a robots.txt file exists</p>
<div class="method-source-code" id="has_robots-3F-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 114</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">has_robots?</span>
<span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">robots_url</span>).<span class="ruby-identifier">code</span> <span class="ruby-operator">==</span> <span class="ruby-value">200</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- has_robots-3F-source -->
</div>
</div><!-- has_robots-3F-method -->
<div id="has_xml_rpc-3F-method" class="method-detail ">
<a name="method-i-has_xml_rpc-3F"></a>
@@ -598,9 +593,10 @@ page The url of the response of the page</p>
<div class="method-source-code" id="has_xml_rpc-3F-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 27</span>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 32</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">has_xml_rpc?</span>
<span class="ruby-operator">!</span><span class="ruby-identifier">xml_rpc_url</span>.<span class="ruby-identifier">nil?</span>
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get_and_follow_location</span>(<span class="ruby-identifier">xml_rpc_url</span>)
<span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">%{XML-RPC server accepts POST requests only}</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- has_xml_rpc-3F-source -->
@@ -631,7 +627,7 @@ page The url of the response of the page</p>
<div class="method-source-code" id="homepage_hash-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 90</span>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 78</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">homepage_hash</span>
<span class="ruby-keyword">unless</span> <span class="ruby-ivar">@homepage_hash</span>
<span class="ruby-ivar">@homepage_hash</span> = <span class="ruby-constant">WebSite</span>.<span class="ruby-identifier">page_hash</span>(<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">to_s</span>)
@@ -667,7 +663,7 @@ page The url of the response of the page</p>
<div class="method-source-code" id="online-3F-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 19</span>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 24</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">online?</span>
<span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">to_s</span>).<span class="ruby-identifier">code</span> <span class="ruby-operator">!=</span> <span class="ruby-value">0</span>
<span class="ruby-keyword">end</span></pre>
@@ -701,7 +697,7 @@ a string with the redirection or nil</p>
<div class="method-source-code" id="redirection-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 61</span>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 49</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">redirection</span>(<span class="ruby-identifier">url</span> = <span class="ruby-keyword">nil</span>)
<span class="ruby-identifier">redirection</span> = <span class="ruby-keyword">nil</span>
<span class="ruby-identifier">url</span> <span class="ruby-operator">||=</span> <span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">to_s</span>
@@ -728,41 +724,6 @@ a string with the redirection or nil</p>
</div><!-- redirection-method -->
<div id="robots_url-method" class="method-detail ">
<a name="method-i-robots_url"></a>
<div class="method-heading">
<span class="method-name">robots_url</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Gets a robots.txt URL</p>
<p>@return [ String ]</p>
<div class="method-source-code" id="robots_url-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 121</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">robots_url</span>
<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">'robots.txt'</span>).<span class="ruby-identifier">to_s</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- robots_url-source -->
</div>
</div><!-- robots_url-method -->
<div id="rss_url-method" class="method-detail ">
<a name="method-i-rss_url"></a>
@@ -776,14 +737,14 @@ a string with the redirection or nil</p>
<div class="method-description">
<p>Will try to find the rss url in the homepage Only the first one found iw
<p>Will try to find the rss url in the homepage Only the first one found is
returned</p>
<div class="method-source-code" id="rss_url-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 108</span>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 96</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">rss_url</span>
<span class="ruby-identifier">homepage_body</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">to_s</span>).<span class="ruby-identifier">body</span>
<span class="ruby-identifier">homepage_body</span>[<span class="ruby-regexp">%{&lt;link .* type=&quot;application/rss\+xml&quot; .* href=&quot;([^&quot;]+)&quot; /&gt;}</span>, <span class="ruby-value">1</span>]
@@ -817,7 +778,7 @@ returned</p>
<div class="method-source-code" id="url-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 14</span>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 19</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">url</span>
<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">to_s</span>
<span class="ruby-keyword">end</span></pre>
@@ -850,7 +811,7 @@ returned</p>
<div class="method-source-code" id="url-3D-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 10</span>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 15</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">url=</span>(<span class="ruby-identifier">url</span>)
<span class="ruby-ivar">@uri</span> = <span class="ruby-constant">URI</span>.<span class="ruby-identifier">parse</span>(<span class="ruby-identifier">add_trailing_slash</span>(<span class="ruby-identifier">add_http_protocol</span>(<span class="ruby-identifier">url</span>)))
<span class="ruby-keyword">end</span></pre>
@@ -884,11 +845,12 @@ href="http://www.hixie.ch/specs/pingback/pingback-1.0#TOC2.3">www.hixie.ch/specs
<div class="method-source-code" id="xml_rpc_url-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 32</span>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 38</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">xml_rpc_url</span>
<span class="ruby-keyword">unless</span> <span class="ruby-ivar">@xmlrpc_url</span>
<span class="ruby-ivar">@xmlrpc_url</span> = <span class="ruby-identifier">xml_rpc_url_from_headers</span>() <span class="ruby-operator">||</span> <span class="ruby-identifier">xml_rpc_url_from_body</span>()
<span class="ruby-ivar">@xmlrpc_url</span> = <span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">'xmlrpc.php'</span>).<span class="ruby-identifier">to_s</span>
<span class="ruby-keyword">end</span>
<span class="ruby-ivar">@xmlrpc_url</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- xml_rpc_url-source -->
@@ -901,83 +863,6 @@ href="http://www.hixie.ch/specs/pingback/pingback-1.0#TOC2.3">www.hixie.ch/specs
</div><!-- xml_rpc_url-method -->
<div id="xml_rpc_url_from_body-method" class="method-detail ">
<a name="method-i-xml_rpc_url_from_body"></a>
<div class="method-heading">
<span class="method-name">xml_rpc_url_from_body</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="xml_rpc_url_from_body-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 52</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">xml_rpc_url_from_body</span>
<span class="ruby-identifier">body</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">to_s</span>).<span class="ruby-identifier">body</span>
<span class="ruby-identifier">body</span>[<span class="ruby-regexp">%{&lt;link rel=&quot;pingback&quot; href=&quot;([^&quot;]+)&quot; ?\/?&gt;}</span>, <span class="ruby-value">1</span>]
<span class="ruby-keyword">end</span></pre>
</div><!-- xml_rpc_url_from_body-source -->
</div>
</div><!-- xml_rpc_url_from_body-method -->
<div id="xml_rpc_url_from_headers-method" class="method-detail ">
<a name="method-i-xml_rpc_url_from_headers"></a>
<div class="method-heading">
<span class="method-name">xml_rpc_url_from_headers</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="xml_rpc_url_from_headers-source">
<pre>
<span class="ruby-comment"># File lib/wpscan/web_site.rb, line 39</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">xml_rpc_url_from_headers</span>
<span class="ruby-identifier">headers</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">to_s</span>).<span class="ruby-identifier">headers_hash</span>
<span class="ruby-identifier">xmlrpc_url</span> = <span class="ruby-keyword">nil</span>
<span class="ruby-keyword">unless</span> <span class="ruby-identifier">headers</span>.<span class="ruby-identifier">nil?</span>
<span class="ruby-identifier">pingback_url</span> = <span class="ruby-identifier">headers</span>[<span class="ruby-string">'X-Pingback'</span>]
<span class="ruby-keyword">unless</span> <span class="ruby-identifier">pingback_url</span>.<span class="ruby-identifier">nil?</span> <span class="ruby-operator">||</span> <span class="ruby-identifier">pingback_url</span>.<span class="ruby-identifier">empty?</span>
<span class="ruby-identifier">xmlrpc_url</span> = <span class="ruby-identifier">pingback_url</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">xmlrpc_url</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- xml_rpc_url_from_headers-source -->
</div>
</div><!-- xml_rpc_url_from_headers-method -->
</div><!-- public-instance-method-details -->
</div><!-- 5Buntitled-5D -->