75 lines
1.8 KiB
Ruby
75 lines
1.8 KiB
Ruby
# encoding: UTF-8
|
|
|
|
class WpPlugins < WpItems
|
|
module Detectable
|
|
|
|
# @return [ String ]
|
|
def vulns_file
|
|
PLUGINS_VULNS_FILE
|
|
end
|
|
|
|
# @return [ String ]
|
|
def item_xpath
|
|
'//plugin'
|
|
end
|
|
|
|
# @param [ WpTarget ] wp_target
|
|
# @param [ Hash ] options
|
|
#
|
|
# @return [ WpPlugins ]
|
|
def passive_detection(wp_target, options = {})
|
|
detected = super(wp_target, options)
|
|
|
|
detected += from_header(wp_target)
|
|
detected += from_content(wp_target)
|
|
|
|
detected.sort.uniq!
|
|
detected
|
|
end
|
|
|
|
protected
|
|
|
|
# X-Powered-By: W3 Total Cache/0.9.2.5
|
|
# @param [ Typhoeus::Response ] response
|
|
#
|
|
# @return [ WpPlugins ]
|
|
def from_header(wp_target)
|
|
wp_plugins = WpPlugins.new
|
|
response = Browser.get(wp_target.url)
|
|
|
|
if response.headers && powered_by = response.headers[:x_powered_by]
|
|
if powered_by =~ /W3 Total Cache\/([^0-9.]+)/i
|
|
wp_plugins << WpPlugin.new(
|
|
wp_target.uri,
|
|
self.item_options(wp_target).merge(name: 'w3-total-cache', version: $1)
|
|
)
|
|
end
|
|
end
|
|
wp_plugins
|
|
end
|
|
|
|
# <!-- Cached page generated by WP-Super-Cache on 2013-05-03 14:46:37 -->
|
|
# <!-- Performance optimized by W3 Total Cache.
|
|
# @param [ Typhoeus::Response ] response
|
|
#
|
|
# @return [ WpPlugins ]
|
|
def from_content(wp_target)
|
|
body = Browser.get(wp_target.url).body
|
|
wp_plugins = WpPlugins.new
|
|
options = self.item_options(wp_target)
|
|
|
|
if body =~ /wp-super-cache/i
|
|
wp_plugins << WpPlugin.new(wp_target.uri, options.merge(name: 'wp-super-cache'))
|
|
end
|
|
|
|
if body =~ /w3 total cache/i
|
|
wp_plugins << WpPlugin.new(wp_target.uri, options.merge(name: 'w3-total-cache'))
|
|
end
|
|
|
|
wp_plugins.uniq!
|
|
wp_plugins
|
|
end
|
|
|
|
end
|
|
end
|