# File lib/wpscan/wp_theme.rb, line 44 def self.find(target_uri) self.methods.grep(%rfind_from_/).each do |method_to_call| theme = self.send(method_to_call, target_uri) return theme if theme end nil end
# File lib/wpscan/wp_theme.rb, line 25 def initialize(options = {}) options[:vulns_file] = (options[:vulns_file] != nil and options[:vulns_file] != "") ? options[:vulns_file] : THEMES_VULNS_FILE options[:vulns_xpath] = "//theme[@name='$name$']/vulnerability" options[:type] = "themes" @version = options[:version] @style_url = options[:style_url] super(options) end
Discover the wordpress theme name by parsing the css link rel
# File lib/wpscan/wp_theme.rb, line 60 def self.find_from_css_link(target_uri) response = Browser.instance.get(target_uri.to_s, {:follow_location => true, :max_redirects => 2}) matches = %r{https?://[^"']+/([^/]+)/themes/([^"']+)/style.css}.match(response.body) if matches style_url = matches[0] wp_content_dir = matches[1] theme_name = matches[2] return new(:name => theme_name, :style_url => style_url, :base_url => target_uri, :path => theme_name, :wp_content_dir => wp_content_dir ) end end
code.google.com/p/wpscan/issues/detail?id=141
# File lib/wpscan/wp_theme.rb, line 79 def self.find_from_wooframework(target_uri) body = Browser.instance.get(target_uri.to_s).body regexp = %r{<meta name="generator" content="([^\s"]+)\s?([^"]+)?" />\s+<meta name="generator" content="WooFramework\s?([^"]+)?" />} matches = regexp.match(body) if matches woo_theme_name = matches[1] woo_theme_version = matches[2] woo_framework_version = matches[3] # Not used at this time return new(:name => woo_theme_name, :version => woo_theme_version, :base_url => matches[0], :path => "", :wp_content_dir => "" ) end end
# File lib/wpscan/wp_theme.rb, line 53 def ===(wp_theme) wp_theme.name === @name and wp_theme.version === @version end