61 lines
1.9 KiB
Ruby
61 lines
1.9 KiB
Ruby
#--
|
|
# WPScan - WordPress Security Scanner
|
|
# Copyright (C) 2012
|
|
#
|
|
# This program is free software: you can redistribute it and/or modify
|
|
# it under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
#++
|
|
|
|
module Malwares
|
|
# Used as cache : nil => malwares not checked, [] => no malwares, otherwise array of malwares url found
|
|
@malwares = nil
|
|
|
|
def has_malwares?(malwares_file_path = nil)
|
|
!malwares(malwares_file_path).empty?
|
|
end
|
|
|
|
# return array of string (url of malwares found)
|
|
def malwares(malwares_file_path = nil)
|
|
if @malwares.nil?
|
|
malwares_found = []
|
|
malwares_file = Malwares.malwares_file(malwares_file_path)
|
|
index_page_body = Browser.instance.get(@uri.to_s).body
|
|
|
|
File.open(malwares_file, 'r') do |file|
|
|
file.readlines.collect do |url|
|
|
chomped_url = url.chomp
|
|
|
|
if chomped_url.length > 0
|
|
malwares_found += index_page_body.scan(Malwares.malware_pattern(chomped_url))
|
|
end
|
|
end
|
|
end
|
|
|
|
malwares_found.flatten!
|
|
malwares_found.uniq!
|
|
|
|
@malwares = malwares_found
|
|
end
|
|
@malwares
|
|
end
|
|
|
|
def self.malwares_file(malwares_file_path)
|
|
malwares_file_path || DATA_DIR + '/malwares.txt'
|
|
end
|
|
|
|
def self.malware_pattern(url_regex)
|
|
# no need to escape regex here, because malware.txt contains regex
|
|
%r{<(?:script|iframe).* src=(?:"|')(#{url_regex}[^"']*)(?:"|')[^>]*>}i
|
|
end
|
|
end
|