![[+]](./images/find.png "show/hide quicksearch"){kind=small}
# File lib/wpscan/wp_item.rb, line 25 def initialize(options) @type = options[:type] @wp_content_dir = options[:wp_content_dir] || "wp-content" @wp_plugin_dir = options[:wp_plugins_dir] || "plugins" @url = options[:url] @path = options[:path] @name = options[:name] || extract_name_from_url @vulns_file = options[:vulns_file] @vulns_xpath = options[:vulns_xpath].sub(/\$name\$/, @name) unless options[:vulns_xpath] == nil raise("url not set") unless @url raise("path not set") unless @path raise("wp_content_dir not set") unless @wp_content_dir raise("name not set") unless @name raise("vulns_file not set") unless @vulns_file raise("type not set") unless @type end
Compare
# File lib/wpscan/wp_item.rb, line 121 def <=>(other) other.name <=> self.name end
Compare
# File lib/wpscan/wp_item.rb, line 111 def ==(other) other.name == self.name end
Compare
# File lib/wpscan/wp_item.rb, line 116 def ===(other) other.name == self.name end
Url for changelog.txt
# File lib/wpscan/wp_item.rb, line 131 def changelog_url get_url_without_filename.merge("changelog.txt") end
Is directory listing enabled?
# File lib/wpscan/wp_item.rb, line 94 def directory_listing? # Need to remove to file part from the url Browser.instance.get(get_url_without_filename).body[%{<title>Index of}] ? true : false end
Extract item name from a url
# File lib/wpscan/wp_item.rb, line 100 def extract_name_from_url get_url.to_s[%{^(https?://.*/([^/]+)/)}, 2] end
# File lib/wpscan/wp_item.rb, line 43 def get_sub_folder case @type when "plugins" folder = @wp_plugin_dir when "themes" folder = "themes" when "timthumbs" # not needed folder = nil else raise("unknown type #@type") end folder end
Get the full url for this item
# File lib/wpscan/wp_item.rb, line 59 def get_url url = @url.to_s.end_with?("/") ? @url.to_s : "#@url/" # remove first and last / wp_content_dir = @wp_content_dir.sub(/^\//, "").sub(/\/$/, "") # remove first / path = @path.sub(/^\//, "") if type == "timthumbs" # timthumbs have folder in path variable ret = URI.parse("#{url}#{wp_content_dir}/#{path}") else ret = URI.parse("#{url}#{wp_content_dir}/#{get_sub_folder}/#{path}") end ret end
Gets the full url for this item without filenames
# File lib/wpscan/wp_item.rb, line 75 def get_url_without_filename location_url = get_url.to_s valid_location_url = location_url[%{^(https?://.*/)[^.]+\.[^/]+$}, 1] unless valid_location_url valid_location_url = add_trailing_slash(location_url) end URI.parse(valid_location_url) end
changelog.txt present?
# File lib/wpscan/wp_item.rb, line 145 def has_changelog? unless @changelog status = Browser.instance.get(changelog_url).code @changelog = status == 200 ? true : false end @changelog end
readme.txt present?
# File lib/wpscan/wp_item.rb, line 136 def has_readme? unless @readme status = Browser.instance.get(readme_url).code @readme = status == 200 ? true : false end @readme end
Url for readme.txt
# File lib/wpscan/wp_item.rb, line 126 def readme_url get_url_without_filename.merge("readme.txt") end
To string. Adds a version number if detected
# File lib/wpscan/wp_item.rb, line 105 def to_s item_version = version "#@name#{' v' + item_version.strip if item_version}" end
Returns version number from readme.txt if it exists
# File lib/wpscan/wp_item.rb, line 85 def version unless @version response = Browser.instance.get(get_url.merge("readme.txt").to_s) @version = response.body[%{stable tag: #{WpVersion.version_pattern}}, 1] end @version end
Generated with the Darkfish Rdoc Generator 2.