garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
21221d48d04e5833859f44a99898e0a5d0108a92
wpscan/lib/common/collections/wp_plugins/detectable.rb
Christian Mehlmauer 12dfc60f75 Added detection for Yoast Wordpress SEO plugin
2014-08-30 12:18:31 +02:00

80 lines
2.0 KiB
Ruby
Raw Blame History

# encoding: UTF-8
class WpPlugins < WpItems
module Detectable
# @return [ String ]
def vulns_file
PLUGINS_VULNS_FILE
end
# @return [ String ]
# def item_xpath
# '//plugin'
# end
# @param [ WpTarget ] wp_target
# @param [ Hash ] options
#
# @return [ WpPlugins ]
def passive_detection(wp_target, options = {})
detected = super(wp_target, options)
detected += from_header(wp_target)
detected += from_content(wp_target)
detected.uniq! { |i| i.name }
detected
end
protected
# X-Powered-By: W3 Total Cache/0.9.2.5
# WP-Super-Cache: Served supercache file from PHP
# @param [ WpTarget ] wp_target
#
# @return [ WpPlugins ]
def from_header(wp_target)
headers = Browser.get(wp_target.url).headers
wp_plugins = WpPlugins.new(wp_target)
if headers
powered_by = headers['X-Powered-By'].to_s
wp_super_cache = headers['wp-super-cache'].to_s
if matches = /W3 Total Cache\/([0-9.]+)/i.match(powered_by)
wp_plugins.add('w3-total-cache', version: matches[1])
end
wp_plugins.add('wp-super-cache') if wp_super_cache =~ /supercache/i
end
wp_plugins
end
# <!-- Cached page generated by WP-Super-Cache on 2013-05-03 14:46:37 -->
# <!-- Performance optimized by W3 Total Cache.
# @param [ WpTarget ] wp_target
#
# @return [ WpPlugins ]
def from_content(wp_target)
body = Browser.get(wp_target.url).body
wp_plugins = WpPlugins.new(wp_target)
wp_plugins.add('wp-super-cache') if body =~ /wp-super-cache/i
wp_plugins.add('w3-total-cache') if body =~ /w3 total cache/i
if body =~ /<!-- all in one seo pack ([^\s]+)/i
wp_plugins.add('all-in-one-seo-pack', version: $1)
end
if body =~ /<!-- This site is optimized with the Yoast WordPress SEO plugin v([^\s]+) -/i
wp_plugins.add('wordpress-seo', version: $1)
end
wp_plugins
end
end
end
Reference in New Issue View Git Blame Copy Permalink