Parent

Object

Files

WpscanOptions

Constants

ACCESSOR_OPTIONS

Public Class Methods

load_from_arguments() click to toggle source

Will load the options from ARGV return WpscanOptions

# File lib/wpscan/wpscan_options.rb, line 134
def self.load_from_arguments
  wpscan_options = WpscanOptions.new

  if ARGV.length > 0
    WpscanOptions.get_opt_long.each do |opt, arg|
     wpscan_options.set_option_from_cli(opt, arg)
    end
  end

  wpscan_options
end
new() click to toggle source 
# File lib/wpscan/wpscan_options.rb, line 47
def initialize
  @enumerate_plugins = false
  @enumerate_themes = false
  @enumerate_only_vulnerable_plugins = false
  @enumerate_only_vulnerable_themes = false
  @enumerate_timthumbs = false
  @enumerate_usernames = false
end

Protected Class Methods

clean_option(option) click to toggle source

Will removed the ‘-’ or ‘–’ chars at the beginning of option and replace any remaining ‘-’ by ‘_’

param string option return string

# File lib/wpscan/wpscan_options.rb, line 221
def self.clean_option(option)
  cleaned_option = option.gsub(/^--?/, '')
  cleaned_option.gsub(/-/, '_')
end
get_opt_long() click to toggle source

Even if a short option is given (IE : -u), the long one will be returned (IE : –url)

# File lib/wpscan/wpscan_options.rb, line 193
def self.get_opt_long
  GetoptLong.new(
    ["--url", "-u", GetoptLong::REQUIRED_ARGUMENT],
    ["--enumerate", "-e", GetoptLong::OPTIONAL_ARGUMENT],
    ["--username", "-U", GetoptLong::REQUIRED_ARGUMENT],
    ["--wordlist", "-w", GetoptLong::REQUIRED_ARGUMENT],
    ["--threads", "-t",GetoptLong::REQUIRED_ARGUMENT],
    ["--force", "-f",GetoptLong::NO_ARGUMENT],
    ["--help", "-h", GetoptLong::NO_ARGUMENT],
    ["--verbose", "-v", GetoptLong::NO_ARGUMENT] ,
    ["--proxy", GetoptLong::OPTIONAL_ARGUMENT],
    ["--update", GetoptLong::NO_ARGUMENT],
    ["--follow-redirection", GetoptLong::NO_ARGUMENT],
    ["--wp-content-dir", GetoptLong::REQUIRED_ARGUMENT],
    ["--wp-plugins-dir", GetoptLong::REQUIRED_ARGUMENT],
    ["--config-file", "-c", GetoptLong::REQUIRED_ARGUMENT]
  )
end
is_long_option?(option) click to toggle source 
# File lib/wpscan/wpscan_options.rb, line 212
def self.is_long_option?(option)
  ACCESSOR_OPTIONS.include?(:"#{WpscanOptions.clean_option(option)}")
end
option_to_instance_variable_setter(option) click to toggle source 
# File lib/wpscan/wpscan_options.rb, line 226
def self.option_to_instance_variable_setter(option)
  cleaned_option = WpscanOptions.clean_option(option)
  option_syms    = ACCESSOR_OPTIONS.grep(%{^#{cleaned_option}})

  option_syms.length == 1 ? :"#{option_syms.at(0)}=" : nil
end

Public Instance Methods

enumerate_only_vulnerable_plugins=(enumerate_only_vulnerable_plugins) click to toggle source 
# File lib/wpscan/wpscan_options.rb, line 90
def enumerate_only_vulnerable_plugins=(enumerate_only_vulnerable_plugins)
  if enumerate_only_vulnerable_plugins === true and @enumerate_plugins === true
    raise "You can't enumerate plugins and only vulnerable plugins at the same time, please choose only one"
  else
    @enumerate_only_vulnerable_plugins = enumerate_only_vulnerable_plugins
  end
end
enumerate_only_vulnerable_themes=(enumerate_only_vulnerable_themes) click to toggle source 
# File lib/wpscan/wpscan_options.rb, line 106
def enumerate_only_vulnerable_themes=(enumerate_only_vulnerable_themes)
  if enumerate_only_vulnerable_themes === true and @enumerate_plugins === true
    raise "You can't enumerate themes and only vulnerable themes at the same time, please choose only one"
  else
    @enumerate_only_vulnerable_themes = enumerate_only_vulnerable_themes
  end
end
enumerate_options_from_string(value) click to toggle source

Will set enumerate_* from the string value IE : if value = p! => :enumerate_only_vulnerable_plugins will be set to true multiple enumeration are possible : ‘up’ => :enumerate_usernames and :enumerate_plugins Special case for usernames, a range is possible : u will enumerate usernames from 1 to 10

# File lib/wpscan/wpscan_options.rb, line 169
def enumerate_options_from_string(value)
  # Usage of self is mandatory because there are overridden setters
  self.enumerate_only_vulnerable_plugins = true if value =~ /p!/

  self.enumerate_plugins = true if value =~ /p(?!!)/

  @enumerate_timthumbs = true if value =~ /t/

  self.enumerate_only_vulnerable_themes = true if value =~ /T!/

  self.enumerate_themes = true if value =~ /T(?!!)/

  if value =~ /u/
    @enumerate_usernames = true
    # Check for usernames range
    if matches = %{\[([\d]+)-([\d]+)\]}.match(value)
      @enumerate_usernames_range = (matches[1].to_i..matches[2].to_i)
    end
  end

end
enumerate_plugins=(enumerate_plugins) click to toggle source 
# File lib/wpscan/wpscan_options.rb, line 82
def enumerate_plugins=(enumerate_plugins)
  if enumerate_plugins === true and @enumerate_only_vulnerable_plugins === true
    raise "You can't enumerate plugins and only vulnerable plugins at the same time, please choose only one"
  else
    @enumerate_plugins = enumerate_plugins
  end
end
enumerate_themes=(enumerate_themes) click to toggle source 
# File lib/wpscan/wpscan_options.rb, line 98
def enumerate_themes=(enumerate_themes)
  if enumerate_themes === true and @enumerate_only_vulnerable_themes === true
    raise "You can't enumerate themes and only vulnerable themes at the same time, please choose only one"
  else
    @enumerate_themes = enumerate_themes
  end
end
has_options?() click to toggle source 
# File lib/wpscan/wpscan_options.rb, line 114
def has_options?
  !to_h.empty?
end
proxy=(proxy) click to toggle source 
# File lib/wpscan/wpscan_options.rb, line 74
def proxy=(proxy)
  if proxy.index(':') == nil
    raise "Invalid proxy format. Should be host:port."
  else
    @proxy = proxy
  end
end
set_option_from_cli(cli_option, cli_value) click to toggle source

string cli_option : –url, -u, –proxy etc string cli_value : the option value

# File lib/wpscan/wpscan_options.rb, line 148
def set_option_from_cli(cli_option, cli_value)

  if WpscanOptions.is_long_option?(cli_option)
    self.send(
      WpscanOptions.option_to_instance_variable_setter(cli_option),
      cli_value
    )
  elsif cli_option === "--enumerate" # Special cases
    # Default value if no argument is given
    cli_value = "Ttup!" if cli_value.length == 0

    enumerate_options_from_string(cli_value)
  else
    raise "Unknow option : #{cli_option} with value #{cli_value}"
  end
end
threads=(threads) click to toggle source 
# File lib/wpscan/wpscan_options.rb, line 62
def threads=(threads)
  @threads = threads.is_a?(Integer) ? threads : threads.to_i
end
to_h() click to toggle source

return Hash

# File lib/wpscan/wpscan_options.rb, line 119
def to_h
  options = {}

  ACCESSOR_OPTIONS.each do |option|
    instance_variable = instance_variable_get("@#{option}")

    unless instance_variable.nil?
      options[:"#{option}"] = instance_variable
    end
  end
  options
end
url=(url) click to toggle source 
# File lib/wpscan/wpscan_options.rb, line 56
def url=(url)
  raise "Empty URL given" if !url

  @url = URI.parse(add_http_protocol(url)).to_s
end
wordlist=(wordlist) click to toggle source 
# File lib/wpscan/wpscan_options.rb, line 66
def wordlist=(wordlist)
  if File.exists?(wordlist)
    @wordlist = wordlist
  else
    raise "The file #{wordlist} does not exist"
  end
end

[Validate]

Generated with the Darkfish Rdoc Generator 2.