wpscan/app/finders/users.rb

# frozen_string_literal: true

require_relative 'users/author_posts'
require_relative 'users/wp_json_api'
require_relative 'users/oembed_api'
require_relative 'users/rss_generator'
require_relative 'users/author_id_brute_forcing'
require_relative 'users/login_error_messages'
require_relative 'users/author_sitemap'
require_relative 'users/yoast_seo_author_sitemap'

module WPScan
  module Finders
    # Specific Finders container to filter the usernames found
    # and remove the ones matching ParsedCli.exclude_username if supplied
    class UsersFinders < SameTypeFinders
      def filter_findings
        findings.delete_if { |user| ParsedCli.exclude_usernames.match?(user.username) } if ParsedCli.exclude_usernames

        findings
      end
    end

    module Users
      # Users Finder
      class Base
        include CMSScanner::Finders::SameTypeFinder

        # @param [ WPScan::Target ] target
        def initialize(target)
          finders <<
            Users::AuthorPosts.new(target) <<
            Users::WpJsonApi.new(target) <<
            Users::OembedApi.new(target) <<
            Users::RSSGenerator.new(target) <<
            Users::AuthorSitemap.new(target) <<
            Users::YoastSeoAuthorSitemap.new(target) <<
            Users::AuthorIdBruteForcing.new(target) <<
            Users::LoginErrorMessages.new(target)
        end

        def finders
          @finders ||= Finders::UsersFinders.new
        end
      end
    end
  end
end