garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

WpItems detection: Perform the passive check and filter only vulnerable results at the end if required, fixes #727

Browse Source
This commit is contained in:
erwanlr
2014-11-21 16:49:04 +01:00
parent bc4f0c002b
commit fb8ad72335
2 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/common/collections/wp_items.rb
View File

@@ -14,7 +14,7 @@ class WpItems < Array
self.wp_target = wp_target self.wp_target = wp_target
end end
# @param [String,] argv # @param [String] argv
# #
# @return [ void ] # @return [ void ]
def add(*args) def add(*args)

10
lib/common/collections/wp_items/detectable.rb
View File

@@ -23,10 +23,7 @@ class WpItems < Array
homepage_hash: wp_target.homepage_hash, homepage_hash: wp_target.homepage_hash,
exclude_content: options[:exclude_content] ? %r{#{options[:exclude_content]}} : nil exclude_content: options[:exclude_content] ? %r{#{options[:exclude_content]}} : nil
} }
results = passive_detection(wp_target, options)
# If we only want the vulnerable ones, the passive detection is ignored
# Otherwise, a passive detection is performed, and results will be merged
results = options[:only_vulnerable] ? new : passive_detection(wp_target, options)
targets.each do |target_item| targets.each do |target_item|
request = browser.forge_request(target_item.url, request_params) request = browser.forge_request(target_item.url, request_params)
@@ -55,8 +52,11 @@ class WpItems < Array
# run the remaining requests # run the remaining requests
hydra.run hydra.run
results.select!(&:vulnerable?) if options[:only_vulnerable]
results.sort! results.sort!
results # can't just return results.sort because the #sort returns an array, and we want a WpItems
results # can't just return results.sort as it would return an array, and we want a WpItems
end end
# @param [ Integer ] targets_size # @param [ Integer ] targets_size