79 lines
1.8 KiB
Ruby
79 lines
1.8 KiB
Ruby
# encoding: UTF-8
|
|
|
|
class WpPlugins < WpItems
|
|
module Detectable
|
|
|
|
# @return [ String ]
|
|
def vulns_file
|
|
PLUGINS_VULNS_FILE
|
|
end
|
|
|
|
# @return [ String ]
|
|
def item_xpath
|
|
'//plugin'
|
|
end
|
|
|
|
# @param [ WpTarget ] wp_target
|
|
# @param [ Hash ] options
|
|
#
|
|
# @return [ WpPlugins ]
|
|
def passive_detection(wp_target, options = {})
|
|
detected = super(wp_target, options)
|
|
|
|
detected += from_header(wp_target)
|
|
detected += from_content(wp_target)
|
|
|
|
detected.uniq! { |i| i.name }
|
|
detected
|
|
end
|
|
|
|
protected
|
|
|
|
# X-Powered-By: W3 Total Cache/0.9.2.5
|
|
# WP-Super-Cache: Served supercache file from PHP
|
|
# @param [ WpTarget ] wp_target
|
|
#
|
|
# @return [ WpPlugins ]
|
|
def from_header(wp_target)
|
|
headers = Browser.get(wp_target.url).headers
|
|
wp_plugins = WpPlugins.new
|
|
|
|
if headers
|
|
powered_by = headers[:x_powered_by]
|
|
wp_super_cache = headers['wp-super-cache']
|
|
|
|
if powered_by =~ /W3 Total Cache/i
|
|
wp_plugins << create_item(WpPlugin, 'w3-total-cache', wp_target)
|
|
end
|
|
|
|
if wp_super_cache =~ /supercache/i
|
|
wp_plugins << create_item(WpPlugin, 'wp-super-cache', wp_target)
|
|
end
|
|
end
|
|
|
|
wp_plugins
|
|
end
|
|
|
|
# <!-- Cached page generated by WP-Super-Cache on 2013-05-03 14:46:37 -->
|
|
# <!-- Performance optimized by W3 Total Cache.
|
|
# @param [ WpTarget ] wp_target
|
|
#
|
|
# @return [ WpPlugins ]
|
|
def from_content(wp_target)
|
|
body = Browser.get(wp_target.url).body
|
|
wp_plugins = WpPlugins.new
|
|
|
|
if body =~ /wp-super-cache/i
|
|
wp_plugins << create_item(WpPlugin, 'wp-super-cache', wp_target)
|
|
end
|
|
|
|
if body =~ /w3 total cache/i
|
|
wp_plugins << create_item(WpPlugin, 'w3-total-cache', wp_target)
|
|
end
|
|
|
|
wp_plugins
|
|
end
|
|
|
|
end
|
|
end
|