# File lib/wpscan/modules/wp_timthumbs.rb, line 27 def has_timthumbs?(theme_name, options = {}) !timthumbs(theme_name, options).empty? end
# File lib/wpscan/modules/wp_timthumbs.rb, line 31 def timthumbs(theme_name = nil, options = {}) if @wp_timthumbs.nil? options[:type] = 'timthumbs' options[:only_vulnerable_ones] = false options[:file] = options[:file] || DATA_DIR + '/timthumbs.txt' options[:vulns_file] = 'xxx' options[:vulns_xpath] = 'xxx' options[:vulns_xpath_2] = 'xxx' WpOptions.check_options(options) if theme_name == nil custom_items = nil else custom_items = targets_url_from_theme(theme_name, options) end @wp_timthumbs = WpEnumerator.enumerate(options, custom_items) end @wp_timthumbs end
# File lib/wpscan/modules/wp_timthumbs.rb, line 52 def targets_url_from_theme(theme_name, options) targets = [] theme_name = URI.escape(theme_name) %w{ timthumb.php lib/timthumb.php inc/timthumb.php includes/timthumb.php scripts/timthumb.php tools/timthumb.php functions/timthumb.php }.each do |file| targets << WpItem.new( base_url: options[:base_url], path: "themes/#{theme_name}/#{file}", wp_content_dir: options[:wp_content_dir], name: theme_name, vulns_file: 'XX', type: 'timthumbs', wp_plugins_dir: options[:wp_plugins_dir] ) end targets end