garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs

Browse Source
This commit is contained in:
Christian Mehlmauer
2013-08-10 12:47:52 +02:00
parent 5ea911c9b3
commit faf234b482
187 changed files with 2898 additions and 1908 deletions
Download Patch File Download Diff File Expand all files Collapse all files

81
doc_rdoc/WpItems/Detectable.html
View File

@@ -63,10 +63,10 @@
<li><a href="#method-i-item_class">#item_class</a></li>
<li><a href="#method-i-item_options">#item_options</a></li>
<li><a href="#method-i-passive_detection">#passive_detection</a></li>
<li><a href="#method-i-passive_detection_pattern">#passive_detection_pattern</a></li>
<li><a href="#method-i-progress_bar">#progress_bar</a></li>
<li><a href="#method-i-request_params">#request_params</a></li>
@@ -120,8 +120,6 @@
<li><a href="../WpTarget.html">WpTarget</a></li>
<li><a href="../WpTarget/InterestingHeaders.html">WpTarget::InterestingHeaders</a></li>
<li><a href="../WpTarget/Malwares.html">WpTarget::Malwares</a></li>
<li><a href="../WpTarget/WpConfigBackup.html">WpTarget::WpConfigBackup</a></li>
@@ -202,6 +200,12 @@
<li><a href="../Terminal/Table/Style.html">Terminal::Table::Style</a></li>
<li><a href="../WebSite.html">WebSite</a></li>
<li><a href="../WebSite/InterestingHeaders.html">WebSite::InterestingHeaders</a></li>
<li><a href="../WebSite/RobotsTxt.html">WebSite::RobotsTxt</a></li>
<li><a href="../WpItems.html">WpItems</a></li>
<li><a href="../WpItems/Detectable.html">WpItems::Detectable</a></li>
@@ -276,8 +280,6 @@
<li><a href="../VersionCompare.html">VersionCompare</a></li>
<li><a href="../WebSite.html">WebSite</a></li>
<li><a href="../WpscanOptions.html">WpscanOptions</a></li>
</ul>
@@ -398,7 +400,9 @@ check for vulnerable items @option options [ String ] :exclude_content</p>
<span class="ruby-identifier">request</span>.<span class="ruby-identifier">on_complete</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">response</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">progress_bar</span>.<span class="ruby-identifier">progress</span> <span class="ruby-operator">+=</span> <span class="ruby-value">1</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">options</span>[<span class="ruby-value">:show_progression</span>]
<span class="ruby-keyword">if</span> <span class="ruby-identifier">target_item</span>.<span class="ruby-identifier">exists?</span>(<span class="ruby-identifier">exist_options</span>, <span class="ruby-identifier">response</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">target_item</span>.<span class="ruby-identifier">exists?</span>(<span class="ruby-identifier">exist_options</span>, <span class="ruby-identifier">response</span>)
<span class="ruby-keyword">if</span> <span class="ruby-operator">!</span><span class="ruby-identifier">results</span>.<span class="ruby-identifier">include?</span>(<span class="ruby-identifier">target_item</span>)
<span class="ruby-keyword">if</span> <span class="ruby-operator">!</span><span class="ruby-identifier">options</span>[<span class="ruby-value">:only_vulnerable</span>] <span class="ruby-operator">||</span> <span class="ruby-identifier">options</span>[<span class="ruby-value">:only_vulnerable</span>] <span class="ruby-operator">&amp;&amp;</span> <span class="ruby-identifier">target_item</span>.<span class="ruby-identifier">vulnerable?</span>
<span class="ruby-identifier">results</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-identifier">target_item</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
@@ -442,23 +446,13 @@ check for vulnerable items @option options [ String ] :exclude_content</p>
<p>@return [ <a href="../WpItems.html">WpItems</a> ]</p>
<div class="method-source-code" id="passive_detection-source">
<pre>
<span class="ruby-comment"># File lib/common/collections/wp_items/detectable.rb, line 70</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">passive_detection</span>(<span class="ruby-identifier">wp_target</span>, <span class="ruby-identifier">options</span> = {})
<span class="ruby-identifier">results</span> = <span class="ruby-identifier">new</span>
<span class="ruby-identifier">item_class</span> = <span class="ruby-keyword">self</span>.<span class="ruby-identifier">item_class</span>
<pre>
<span class="ruby-comment"># File lib/common/collections/wp_items/detectable.rb, line 72</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">passive_detection</span>(<span class="ruby-identifier">wp_target</span>, <span class="ruby-identifier">options</span> = {})
<span class="ruby-identifier">results</span> = <span class="ruby-identifier">new</span>(<span class="ruby-identifier">wp_target</span>)
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">wp_target</span>.<span class="ruby-identifier">url</span>)
<span class="ruby-identifier">item_options</span> = <span class="ruby-keyword">self</span>.<span class="ruby-identifier">item_options</span>(<span class="ruby-identifier">wp_target</span>)
<span class="ruby-identifier">regex1</span> = <span class="ruby-regexp">%{(?:[^=:]+)\s?(?:=|:)\s?(?:&quot;|')[^&quot;']+\\?/}</span>
<span class="ruby-identifier">regex2</span> = <span class="ruby-regexp">%{\\?/}</span>
<span class="ruby-identifier">regex3</span> = <span class="ruby-regexp">%{\\?/([^/\\&quot;']+)\\?(?:/|&quot;|')}</span>
<span class="ruby-identifier">names</span> = <span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span>.<span class="ruby-identifier">scan</span>(<span class="ruby-node">/#{regex1}#{Regexp.escape(wp_target.wp_content_dir)}#{regex2}#{Regexp.escape(type)}#{regex3}/</span>)
<span class="ruby-identifier">body</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">wp_target</span>.<span class="ruby-identifier">url</span>).<span class="ruby-identifier">body</span>
<span class="ruby-identifier">names</span> = <span class="ruby-identifier">body</span>.<span class="ruby-identifier">scan</span>(<span class="ruby-identifier">passive_detection_pattern</span>(<span class="ruby-identifier">wp_target</span>))
<span class="ruby-identifier">names</span>.<span class="ruby-identifier">flatten</span>.<span class="ruby-identifier">uniq</span>.<span class="ruby-identifier">each</span> { <span class="ruby-operator">|</span><span class="ruby-identifier">name</span><span class="ruby-operator">|</span> <span class="ruby-identifier">results</span>.<span class="ruby-identifier">add</span>(<span class="ruby-identifier">name</span>) }
@@ -494,7 +488,7 @@ check for vulnerable items @option options [ String ] :exclude_content</p>
<p>@return [ ProgressBar ] :nocov:</p>
<div class="method-source-code" id="progress_bar-source">
<pre>
<span class="ruby-comment"># File lib/common/collections/wp_items/detectable.rb, line 57</span>
@@ -543,7 +537,7 @@ href="Detectable.html#attribute-i-vulns_file">vulns_file</a></p>
<p>@return [ <a href="../WpItem.html">WpItem</a> ]</p>
<div class="method-source-code" id="create_item-source">
<pre>
@@ -582,7 +576,7 @@ href="Detectable.html#attribute-i-vulns_file">vulns_file</a></p>
<p>@return [ Class ]</p>
<div class="method-source-code" id="item_class-source">
<pre>
@@ -596,12 +590,12 @@ href="Detectable.html#attribute-i-vulns_file">vulns_file</a></p>
</div><!-- item_class-method -->
</div><!-- item_class-method -->
<div id="passive_detection_pattern-method" class="method-detail ">
<a name="method-i-item_options"></a>
<a name="method-i-passive_detection_pattern"></a>
<div class="method-heading">
@@ -611,28 +605,29 @@ href="Detectable.html#attribute-i-vulns_file">vulns_file</a></p>
</div>
<div class="method-description">
<div class="method-description">
<p>@param [ <a href="../WpTarget.html">WpTarget</a> ] wp_target</p>
<p>@return [ Hash ]</p>
<p>@return [ Regex ]</p>
<div class="method-source-code" id="item_options-source">
<pre>
<span class="ruby-comment"># File lib/common/collections/wp_items/detectable.rb, line 96</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">item_options</span>(<span class="ruby-identifier">wp_target</span>)
{
<div class="method-source-code" id="passive_detection_pattern-source">
<pre>
<span class="ruby-comment"># File lib/common/collections/wp_items/detectable.rb, line 88</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">passive_detection_pattern</span>(<span class="ruby-identifier">wp_target</span>)
<span class="ruby-identifier">type</span> = <span class="ruby-keyword">self</span>.<span class="ruby-identifier">to_s</span>.<span class="ruby-identifier">gsub</span>(<span class="ruby-regexp">/Wp/</span>, <span class="ruby-string">''</span>).<span class="ruby-identifier">downcase</span>
<span class="ruby-identifier">regex1</span> = <span class="ruby-regexp">%{(?:[^=:]+)\s?(?:=|:)\s?(?:&quot;|')[^&quot;']+\\?/}</span>
<span class="ruby-identifier">regex2</span> = <span class="ruby-regexp">%{\\?/}</span>
<span class="ruby-identifier">wp_plugins_dir</span><span class="ruby-operator">:</span> <span class="ruby-identifier">wp_target</span>.<span class="ruby-identifier">wp_plugins_dir</span>,
<span class="ruby-identifier">regex3</span> = <span class="ruby-regexp">%{\\?/([^/\\&quot;']+)\\?(?:/|&quot;|')}</span>
<span class="ruby-node">/#{regex1}#{Regexp.escape(wp_target.wp_content_dir)}#{regex2}#{Regexp.escape(type)}#{regex3}/</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- passive_detection_pattern-source -->
</div>
@@ -656,7 +651,7 @@ href="Detectable.html#attribute-i-vulns_file">vulns_file</a></p>
<p>@return [ Hash ]</p>
<div class="method-source-code" id="request_params-source">
<pre>
@@ -691,7 +686,7 @@ options [ String ] :file The path to the file containing the targets</p>
<p>@return [ <a href="../Array.html">Array</a>&lt;WpItem&gt; ]</p>
<div class="method-source-code" id="targets_items-source">
<pre>
@@ -743,7 +738,7 @@ href="Detectable.html#method-i-item_class">item_class</a> @param [ String ]
<p>@return [ <a href="../Array.html">Array</a>&lt;WpItem&gt; ]</p>
<div class="method-source-code" id="targets_items_from_file-source">
<pre>
@@ -792,7 +787,7 @@ String ] <a href="Detectable.html#attribute-i-vulns_file">vulns_file</a></p>
<p>@return [ <a href="../Array.html">Array</a>&lt;WpItem&gt; ]</p>
<div class="method-source-code" id="vulnerable_targets_items-source">
<pre>

10
doc_rdoc/WpItems/Output.html
View File

@@ -102,8 +102,6 @@
<li><a href="../WpTarget.html">WpTarget</a></li>
<li><a href="../WpTarget/InterestingHeaders.html">WpTarget::InterestingHeaders</a></li>
<li><a href="../WpTarget/Malwares.html">WpTarget::Malwares</a></li>
<li><a href="../WpTarget/WpConfigBackup.html">WpTarget::WpConfigBackup</a></li>
@@ -184,6 +182,12 @@
<li><a href="../Terminal/Table/Style.html">Terminal::Table::Style</a></li>
<li><a href="../WebSite.html">WebSite</a></li>
<li><a href="../WebSite/InterestingHeaders.html">WebSite::InterestingHeaders</a></li>
<li><a href="../WebSite/RobotsTxt.html">WebSite::RobotsTxt</a></li>
<li><a href="../WpItems.html">WpItems</a></li>
<li><a href="../WpItems/Detectable.html">WpItems::Detectable</a></li>
@@ -258,8 +262,6 @@
<li><a href="../VersionCompare.html">VersionCompare</a></li>
<li><a href="../WebSite.html">WebSite</a></li>
<li><a href="../WpscanOptions.html">WpscanOptions</a></li>
</ul>