Will load the options from ARGV return WpscanOptions
# File lib/wpscan/wpscan_options.rb, line 159 def self.load_from_arguments wpscan_options = WpscanOptions.new if ARGV.length > 0 WpscanOptions.get_opt_long.each do |opt, arg| wpscan_options.set_option_from_cli(opt, arg) end end wpscan_options end
# File lib/wpscan/wpscan_options.rb, line 51 def initialize ACCESSOR_OPTIONS.each do |option| instance_variable_set("@#{option}", nil) end end
Will removed the ‘-’ or ‘–’ chars at the beginning of option and replace any remaining ‘-’ by ‘_’
param string option return string
# File lib/wpscan/wpscan_options.rb, line 256 def self.clean_option(option) cleaned_option = option.gsub(%r^--?/, '') cleaned_option.gsub(%r-/, '_') end
Even if a short option is given (IE : -u), the long one will be returned (IE : –url)
# File lib/wpscan/wpscan_options.rb, line 226 def self.get_opt_long GetoptLong.new( ["--url", "-u", GetoptLong::REQUIRED_ARGUMENT], ["--enumerate", "-e", GetoptLong::OPTIONAL_ARGUMENT], ["--username", "-U", GetoptLong::REQUIRED_ARGUMENT], ["--wordlist", "-w", GetoptLong::REQUIRED_ARGUMENT], ["--threads", "-t", GetoptLong::REQUIRED_ARGUMENT], ["--force", "-f", GetoptLong::NO_ARGUMENT], ["--help", "-h", GetoptLong::NO_ARGUMENT], ["--verbose", "-v", GetoptLong::NO_ARGUMENT], ["--proxy", GetoptLong::REQUIRED_ARGUMENT], ["--proxy-auth", GetoptLong::REQUIRED_ARGUMENT], ["--update", GetoptLong::NO_ARGUMENT], ["--follow-redirection", GetoptLong::NO_ARGUMENT], ["--wp-content-dir", GetoptLong::REQUIRED_ARGUMENT], ["--wp-plugins-dir", GetoptLong::REQUIRED_ARGUMENT], ["--config-file", "-c", GetoptLong::REQUIRED_ARGUMENT], ["--exclude-content-based", GetoptLong::REQUIRED_ARGUMENT] ) end
# File lib/wpscan/wpscan_options.rb, line 247 def self.is_long_option?(option) ACCESSOR_OPTIONS.include?(:"#{WpscanOptions.clean_option(option)}") end
# File lib/wpscan/wpscan_options.rb, line 261 def self.option_to_instance_variable_setter(option) cleaned_option = WpscanOptions.clean_option(option) option_syms = ACCESSOR_OPTIONS.grep(%r{^#{cleaned_option}$}) option_syms.length == 1 ? :"#{option_syms.at(0)}=" : nil end
# File lib/wpscan/wpscan_options.rb, line 107 def enumerate_all_plugins=(enumerate_all_plugins) if enumerate_all_plugins === true and (@enumerate_plugins === true or @enumerate_only_vulnerable_plugins === true) raise "Please choose only one plugin enumeration option" else @enumerate_all_plugins = enumerate_all_plugins end end
# File lib/wpscan/wpscan_options.rb, line 131 def enumerate_all_themes=(enumerate_all_themes) if enumerate_all_themes === true and (@enumerate_themes === true or @enumerate_only_vulnerable_themes === true) raise "Please choose only one theme enumeration option" else @enumerate_all_themes = enumerate_all_themes end end
# File lib/wpscan/wpscan_options.rb, line 99 def enumerate_only_vulnerable_plugins=(enumerate_only_vulnerable_plugins) if enumerate_only_vulnerable_plugins === true and (@enumerate_all_plugins === true or @enumerate_plugins === true) raise "Please choose only one plugin enumeration option" else @enumerate_only_vulnerable_plugins = enumerate_only_vulnerable_plugins end end
# File lib/wpscan/wpscan_options.rb, line 123 def enumerate_only_vulnerable_themes=(enumerate_only_vulnerable_themes) if enumerate_only_vulnerable_themes === true and (@enumerate_all_themes === true or @enumerate_themes === true) raise "Please choose only one theme enumeration option" else @enumerate_only_vulnerable_themes = enumerate_only_vulnerable_themes end end
Will set enumerate_* from the string value IE : if value = vp => :enumerate_only_vulnerable_plugins will be set to true multiple enumeration are possible : ‘u,p’ => :enumerate_usernames and :enumerate_plugins Special case for usernames, a range is possible : u will enumerate usernames from 1 to 10
# File lib/wpscan/wpscan_options.rb, line 194 def enumerate_options_from_string(value) # Usage of self is mandatory because there are overridden setters value = value.split(',').map{ |c| c.downcase } self.enumerate_only_vulnerable_plugins = true if value.include?('vp') self.enumerate_plugins = true if value.include?('p') self.enumerate_all_plugins = true if value.include?('ap') @enumerate_timthumbs = true if value.include?('tt') self.enumerate_only_vulnerable_themes = true if value.include?('vt') self.enumerate_themes = true if value.include?('t') self.enumerate_all_themes = true if value.include?('at') value.grep(%r^u/) do |username_enum_value| @enumerate_usernames = true # Check for usernames range matches = %r{\[([\d]+)-([\d]+)\]}.match(username_enum_value) if matches @enumerate_usernames_range = (matches[1].to_i..matches[2].to_i) end end end
# File lib/wpscan/wpscan_options.rb, line 91 def enumerate_plugins=(enumerate_plugins) if enumerate_plugins === true and (@enumerate_all_plugins === true or @enumerate_only_vulnerable_plugins === true) raise "Please choose only one plugin enumeration option" else @enumerate_plugins = enumerate_plugins end end
# File lib/wpscan/wpscan_options.rb, line 115 def enumerate_themes=(enumerate_themes) if enumerate_themes === true and (@enumerate_all_themes === true or @enumerate_only_vulnerable_themes === true) raise "Please choose only one theme enumeration option" else @enumerate_themes = enumerate_themes end end
# File lib/wpscan/wpscan_options.rb, line 139 def has_options? !to_h.empty? end
# File lib/wpscan/wpscan_options.rb, line 75 def proxy=(proxy) if proxy.index(':') == nil raise "Invalid proxy format. Should be host:port." else @proxy = proxy end end
# File lib/wpscan/wpscan_options.rb, line 83 def proxy_auth=(auth) if auth.index(':') == nil raise "Invalid proxy auth format, username:password expected" else @proxy_auth = auth end end
string cli_option : –url, -u, –proxy etc string cli_value : the option value
# File lib/wpscan/wpscan_options.rb, line 173 def set_option_from_cli(cli_option, cli_value) if WpscanOptions.is_long_option?(cli_option) self.send( WpscanOptions.option_to_instance_variable_setter(cli_option), cli_value ) elsif cli_option === "--enumerate" # Special cases # Default value if no argument is given cli_value = "vt,tt,u,vp" if cli_value.length == 0 enumerate_options_from_string(cli_value) else raise "Unknow option : #{cli_option} with value #{cli_value}" end end
# File lib/wpscan/wpscan_options.rb, line 63 def threads=(threads) @threads = threads.is_a?(Integer) ? threads : threads.to_i end
return Hash
# File lib/wpscan/wpscan_options.rb, line 144 def to_h options = {} ACCESSOR_OPTIONS.each do |option| instance_variable = instance_variable_get("@#{option}") unless instance_variable.nil? options[:"#{option}"] = instance_variable end end options end
# File lib/wpscan/wpscan_options.rb, line 57 def url=(url) raise "Empty URL given" if !url @url = URI.parse(add_http_protocol(url)).to_s end
# File lib/wpscan/wpscan_options.rb, line 67 def wordlist=(wordlist) if File.exists?(wordlist) @wordlist = wordlist else raise "The file #{wordlist} does not exist" end end