Parent

Object

Files

WpTarget

Attributes

uri[R]
verbose[R]

Public Class Methods

new(target_url, options = {}) click to toggle source 
# File lib/wpscan/wp_target.rb, line 35
def initialize(target_url, options = {})
  @uri            = URI.parse(add_trailing_slash(add_http_protocol(target_url)))
  @verbose        = options[:verbose]
  @wp_content_dir = options[:wp_content_dir]
  @wp_plugins_dir = options[:wp_plugins_dir]

  Browser.instance(options.merge(:max_threads => options[:threads]))
end
valid_response_codes() click to toggle source

Valid HTTP return codes

# File lib/wpscan/wp_target.rb, line 75
def self.valid_response_codes
  [200, 403, 301, 302, 500]
end

Public Instance Methods

debug_log_url() click to toggle source 
# File lib/wpscan/wp_target.rb, line 115
def debug_log_url
  @uri.merge("#{wp_content_dir()}/debug.log").to_s
end
error_404_hash() click to toggle source

Return the MD5 hash of a 404 page

# File lib/wpscan/wp_target.rb, line 62
def error_404_hash
  unless @error_404_hash
    non_existant_page = Digest::MD5.hexdigest(rand(9999999999).to_s) + ".html"

    response = Browser.instance.get(@uri.merge(non_existant_page).to_s)

    @error_404_hash = Digest::MD5.hexdigest(response.body)
  end

  @error_404_hash
end
has_debug_log?() click to toggle source 
# File lib/wpscan/wp_target.rb, line 109
def has_debug_log?
  # We only get the first 700 bytes of the file to avoid loading huge file (like 2Go)
  response_body = Browser.instance.get(debug_log_url(), :headers => { "range" => "bytes=0-700"}).body
  response_body[%{\[[^\]]+\] PHP (?:Warning|Error|Notice):}] ? true : false
end
login_url() click to toggle source 
# File lib/wpscan/wp_target.rb, line 49
def login_url
  url = @uri.merge("wp-login.php").to_s

  # Let's check if the login url is redirected (to https url for example)
  redirection = redirection(url)
  if redirection
    url = redirection
  end

  url
end
theme() click to toggle source

return WpTheme

# File lib/wpscan/wp_target.rb, line 80
def theme
  WpTheme.find(@uri)
end
url() click to toggle source

Alias of @uri.to_s

# File lib/wpscan/wp_target.rb, line 45
def url
  @uri.to_s
end
version() click to toggle source

return WpVersion

# File lib/wpscan/wp_target.rb, line 85
def version
  WpVersion.find(@uri, wp_content_dir)
end
wp_content_dir() click to toggle source 
# File lib/wpscan/wp_target.rb, line 89
def wp_content_dir
  unless @wp_content_dir
    index_body = Browser.instance.get(@uri.to_s).body

    if index_body[%{/wp-content/(?:themes|plugins)/}]
      @wp_content_dir = "wp-content"
    else
      @wp_content_dir = index_body[%{(?:href|src)=(?:"|')#{@uri}/?([^"']+)/(?:themes|plugins)/.*(?:"|')}, 1]
    end
  end
  @wp_content_dir
end
wp_plugins_dir() click to toggle source 
# File lib/wpscan/wp_target.rb, line 102
def wp_plugins_dir
  unless @wp_plugins_dir
    @wp_plugins_dir = wp_content_dir() + "/plugins"
  end
  @wp_plugins_dir
end

[Validate]

Generated with the Darkfish Rdoc Generator 2.