garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
e6b3d83ef5417d7bfdfc818944e77f5e1034c87d
wpscan/doc/WpVersion.html
Christian Mehlmauer 3f9ab4b38e docs
2013-01-19 21:42:44 +01:00

688 lines
32 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<!DOCTYPE html>
<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
<title>class WpVersion - RDoc Documentation</title>
<link type="text/css" media="screen" href="./rdoc.css" rel="stylesheet">
<script type="text/javascript">
var rdoc_rel_prefix = "./";
</script>
<script type="text/javascript" charset="utf-8" src="./js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="./js/navigation.js"></script>
<script type="text/javascript" charset="utf-8" src="./js/search_index.js"></script>
<script type="text/javascript" charset="utf-8" src="./js/search.js"></script>
<script type="text/javascript" charset="utf-8" src="./js/searcher.js"></script>
<script type="text/javascript" charset="utf-8" src="./js/darkfish.js"></script>
<body id="top" class="class">
<nav id="metadata">
<nav id="home-section" class="section">
<h3 class="section-header">
<a href="./index.html">Home</a>
<a href="./table_of_contents.html#classes">Classes</a>
<a href="./table_of_contents.html#methods">Methods</a>
</h3>
</nav>
<nav id="search-section" class="section project-section" class="initially-hidden">
<form action="#" method="get" accept-charset="utf-8">
<h3 class="section-header">
<input type="text" name="search" placeholder="Search" id="search-field"
title="Type to search, Up and Down to navigate, Enter to load">
</h3>
</form>
<ul id="search-results" class="initially-hidden"></ul>
</nav>
<div id="file-metadata">
<nav id="file-list-section" class="section">
<h3 class="section-header">Defined In</h3>
<ul>
<li>lib/wpscan/wp_version.rb
</ul>
</nav>
</div>
<div id="class-metadata">
<nav id="parent-class-section" class="section">
<h3 class="section-header">Parent</h3>
<p class="link"><a href="Vulnerable.html">Vulnerable</a>
</nav>
<!-- Method Quickref -->
<nav id="method-list-section" class="section">
<h3 class="section-header">Methods</h3>
<ul class="link-list">
<li><a href="#method-c-find">::find</a>
<li><a href="#method-c-find_from_advanced_fingerprinting">::find_from_advanced_fingerprinting</a>
<li><a href="#method-c-find_from_atom_generator">::find_from_atom_generator</a>
<li><a href="#method-c-find_from_links_opml">::find_from_links_opml</a>
<li><a href="#method-c-find_from_meta_generator">::find_from_meta_generator</a>
<li><a href="#method-c-find_from_rdf_generator">::find_from_rdf_generator</a>
<li><a href="#method-c-find_from_readme">::find_from_readme</a>
<li><a href="#method-c-find_from_rss_generator">::find_from_rss_generator</a>
<li><a href="#method-c-find_from_sitemap_generator">::find_from_sitemap_generator</a>
<li><a href="#method-c-new">::new</a>
<li><a href="#method-c-version_pattern">::version_pattern</a>
</ul>
</nav>
</div>
<div id="project-metadata">
<nav id="fileindex-section" class="section project-section">
<h3 class="section-header">Pages</h3>
<ul>
<li class="file"><a href="./CREDITS.html">CREDITS</a>
<li class="file"><a href="./Gemfile.html">Gemfile</a>
<li class="file"><a href="./README.html">README</a>
<li class="file"><a href="./log_txt.html">log</a>
</ul>
</nav>
<nav id="classindex-section" class="section project-section">
<h3 class="section-header">Class and Module Index</h3>
<ul class="link-list">
<li><a href="./Array.html">Array</a>
<li><a href="./Browser.html">Browser</a>
<li><a href="./BruteForce.html">BruteForce</a>
<li><a href="./CacheFileStore.html">CacheFileStore</a>
<li><a href="./CheckerPlugin.html">CheckerPlugin</a>
<li><a href="./CustomOptionParser.html">CustomOptionParser</a>
<li><a href="./GenerateList.html">GenerateList</a>
<li><a href="./GitUpdater.html">GitUpdater</a>
<li><a href="./ListGeneratorPlugin.html">ListGeneratorPlugin</a>
<li><a href="./Malwares.html">Malwares</a>
<li><a href="./Object.html">Object</a>
<li><a href="./Plugin.html">Plugin</a>
<li><a href="./Plugins.html">Plugins</a>
<li><a href="./SvnParser.html">SvnParser</a>
<li><a href="./SvnUpdater.html">SvnUpdater</a>
<li><a href="./URI.html">URI</a>
<li><a href="./Updater.html">Updater</a>
<li><a href="./UpdaterFactory.html">UpdaterFactory</a>
<li><a href="./Vulnerable.html">Vulnerable</a>
<li><a href="./WebSite.html">WebSite</a>
<li><a href="./WpConfigBackup.html">WpConfigBackup</a>
<li><a href="./WpDetector.html">WpDetector</a>
<li><a href="./WpEnumerator.html">WpEnumerator</a>
<li><a href="./WpFullPathDisclosure.html">WpFullPathDisclosure</a>
<li><a href="./WpItem.html">WpItem</a>
<li><a href="./WpLoginProtection.html">WpLoginProtection</a>
<li><a href="./WpOptions.html">WpOptions</a>
<li><a href="./WpPlugin.html">WpPlugin</a>
<li><a href="./WpPlugins.html">WpPlugins</a>
<li><a href="./WpReadme.html">WpReadme</a>
<li><a href="./WpTarget.html">WpTarget</a>
<li><a href="./WpTheme.html">WpTheme</a>
<li><a href="./WpThemes.html">WpThemes</a>
<li><a href="./WpTimthumbs.html">WpTimthumbs</a>
<li><a href="./WpUser.html">WpUser</a>
<li><a href="./WpUsernames.html">WpUsernames</a>
<li><a href="./WpVersion.html">WpVersion</a>
<li><a href="./WpVulnerability.html">WpVulnerability</a>
<li><a href="./WpscanOptions.html">WpscanOptions</a>
</ul>
</nav>
</div>
</nav>
<div id="documentation">
<h1 class="class">class WpVersion</h1>
<div id="description" class="description">
</div><!-- description -->
<section id="5Buntitled-5D" class="documentation-section">
<!-- Attributes -->
<section id="attribute-method-details" class="method-section section">
<h3 class="section-header">Attributes</h3>
<div id="attribute-i-discovery_method" class="method-detail">
<div class="method-heading attribute-method-heading">
<span class="method-name">discovery_method</span><span
class="attribute-access-type">[R]</span>
</div>
<div class="method-description">
</div>
</div>
<div id="attribute-i-number" class="method-detail">
<div class="method-heading attribute-method-heading">
<span class="method-name">number</span><span
class="attribute-access-type">[R]</span>
</div>
<div class="method-description">
</div>
</div>
</section><!-- attribute-method-details -->
<!-- Methods -->
<section id="public-class-5Buntitled-5D-method-details" class="method-section section">
<h3 class="section-header">Public Class Methods</h3>
<div id="method-c-find" class="method-detail ">
<div class="method-heading">
<span class="method-name">find</span><span
class="method-args">(target_uri, wp_content_dir)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Will use all method self.find_from_* to try to detect the version Once the
version is found, it will return a <a href="WpVersion.html">WpVersion</a>
object The method_name will be without find_from_ and _ will be replace
by (IE meta generator, rss generator etc) If the version is not
found, nil is returned</p>
<p>The order in which the find_from_* methods are is important, they will be
called in the same order (<a
href="WpVersion.html#method-c-find_from_meta_generator">::find_from_meta_generator</a>,
<a
href="WpVersion.html#method-c-find_from_rss_generator">::find_from_rss_generator</a>
etc)</p>
<div class="method-source-code" id="find-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_version.rb, line 39</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">find</span>(<span class="ruby-identifier">target_uri</span>, <span class="ruby-identifier">wp_content_dir</span>)
<span class="ruby-identifier">options</span> = {
<span class="ruby-value">:base_url</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">target_uri</span>,
<span class="ruby-value">:wp_content_dir</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">wp_content_dir</span>
}
<span class="ruby-keyword">self</span>.<span class="ruby-identifier">methods</span>.<span class="ruby-identifier">grep</span>(<span class="ruby-regexp">%rfind_from_/</span>).<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">method_to_call</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">version</span> = <span class="ruby-keyword">self</span>.<span class="ruby-identifier">send</span>(<span class="ruby-identifier">method_to_call</span>, <span class="ruby-identifier">options</span>)
<span class="ruby-keyword">if</span> <span class="ruby-identifier">version</span>
<span class="ruby-keyword">return</span> <span class="ruby-identifier">new</span>(<span class="ruby-identifier">version</span>, <span class="ruby-value">:discovery_method</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">method_to_call</span>[<span class="ruby-regexp">%r{find_from_(.*)}</span>, <span class="ruby-value">1</span>].<span class="ruby-identifier">gsub</span>(<span class="ruby-string">'_'</span>, <span class="ruby-string">' '</span>))
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">nil</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- find-source -->
</div>
</div><!-- find-method -->
<div id="method-c-new" class="method-detail ">
<div class="method-heading">
<span class="method-name">new</span><span
class="method-args">(number, options = {})</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="new-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_version.rb, line 25</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">initialize</span>(<span class="ruby-identifier">number</span>, <span class="ruby-identifier">options</span> = {})
<span class="ruby-ivar">@number</span> = <span class="ruby-identifier">number</span>
<span class="ruby-ivar">@discovery_method</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:discovery_method</span>]
<span class="ruby-ivar">@vulns_file</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_file</span>] <span class="ruby-operator">||</span> <span class="ruby-constant">WP_VULNS_FILE</span>
<span class="ruby-ivar">@vulns_xpath</span> = <span class="ruby-node">&quot;//wordpress[@version='#{@number}']/vulnerability&quot;</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- new-source -->
</div>
</div><!-- new-method -->
</section><!-- public-class-method-details -->
<section id="protected-class-5Buntitled-5D-method-details" class="method-section section">
<h3 class="section-header">Protected Class Methods</h3>
<div id="method-c-find_from_advanced_fingerprinting" class="method-detail ">
<div class="method-heading">
<span class="method-name">find_from_advanced_fingerprinting</span><span
class="method-args">(options)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Uses data/wp_versions.xml to try to identify a wordpress version.</p>
<p>It does this by using client side file hashing</p>
<pre>/!\ Warning : this method might return false positive if the file used for fingerprinting is part of a theme (they can be updated)</pre>
<div class="method-source-code" id="find_from_advanced_fingerprinting-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_version.rb, line 124</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">find_from_advanced_fingerprinting</span>(<span class="ruby-identifier">options</span>)
<span class="ruby-identifier">target_uri</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:base_url</span>]
<span class="ruby-comment"># needed for rpsec tests</span>
<span class="ruby-identifier">version_xml</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:version_xml</span>] <span class="ruby-operator">||</span> <span class="ruby-constant">DATA_DIR</span> <span class="ruby-operator">+</span> <span class="ruby-string">&quot;/wp_versions.xml&quot;</span>
<span class="ruby-identifier">xml</span> = <span class="ruby-constant">Nokogiri</span><span class="ruby-operator">::</span><span class="ruby-constant">XML</span>(<span class="ruby-constant">File</span>.<span class="ruby-identifier">open</span>(<span class="ruby-identifier">version_xml</span>)) <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">config</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">config</span>.<span class="ruby-identifier">noblanks</span>
<span class="ruby-keyword">end</span>
<span class="ruby-identifier">xml</span>.<span class="ruby-identifier">xpath</span>(<span class="ruby-string">&quot;//file&quot;</span>).<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">node</span><span class="ruby-operator">|</span>
<span class="ruby-identifier">wp_content</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:wp_content_dir</span>]
<span class="ruby-identifier">wp_plugins</span> = <span class="ruby-node">&quot;#{wp_content}/plugins&quot;</span>
<span class="ruby-identifier">file_url</span> = <span class="ruby-identifier">target_uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-identifier">node</span>.<span class="ruby-identifier">attribute</span>(<span class="ruby-string">'src'</span>).<span class="ruby-identifier">text</span>).<span class="ruby-identifier">to_s</span>
<span class="ruby-identifier">file_url</span> = <span class="ruby-identifier">file_url</span>.<span class="ruby-identifier">gsub</span>(<span class="ruby-regexp">%r\$wp-plugins\$/</span>, <span class="ruby-identifier">wp_plugins</span>).<span class="ruby-identifier">gsub</span>(<span class="ruby-regexp">%r\$wp-content\$/</span>, <span class="ruby-identifier">wp_content</span>)
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">file_url</span>)
<span class="ruby-identifier">md5sum</span> = <span class="ruby-constant">Digest</span><span class="ruby-operator">::</span><span class="ruby-constant">MD5</span>.<span class="ruby-identifier">hexdigest</span>(<span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span>)
<span class="ruby-identifier">node</span>.<span class="ruby-identifier">search</span>(<span class="ruby-string">'hash'</span>).<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">hash</span><span class="ruby-operator">|</span>
<span class="ruby-keyword">if</span> <span class="ruby-identifier">hash</span>.<span class="ruby-identifier">attribute</span>(<span class="ruby-string">'md5'</span>).<span class="ruby-identifier">text</span> <span class="ruby-operator">==</span> <span class="ruby-identifier">md5sum</span>
<span class="ruby-keyword">return</span> <span class="ruby-identifier">hash</span>.<span class="ruby-identifier">search</span>(<span class="ruby-string">'version'</span>).<span class="ruby-identifier">text</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span>
<span class="ruby-keyword">nil</span> <span class="ruby-comment"># Otherwise the data['file'] is returned (issue #107)</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- find_from_advanced_fingerprinting-source -->
</div>
</div><!-- find_from_advanced_fingerprinting-method -->
<div id="method-c-find_from_atom_generator" class="method-detail ">
<div class="method-heading">
<span class="method-name">find_from_atom_generator</span><span
class="method-args">(options)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Attempts to find the WordPress version from, the generator tag in the Atom
source.</p>
<div class="method-source-code" id="find_from_atom_generator-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_version.rb, line 99</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">find_from_atom_generator</span>(<span class="ruby-identifier">options</span>)
<span class="ruby-identifier">target_uri</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:base_url</span>]
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">target_uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">&quot;feed/atom/&quot;</span>).<span class="ruby-identifier">to_s</span>, {<span class="ruby-value">:follow_location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>, <span class="ruby-value">:max_redirects</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">2</span>})
<span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span>[<span class="ruby-node">%r{&lt;generator uri=&quot;http://wordpress.org/&quot; version=&quot;#{WpVersion.version_pattern}&quot;&gt;WordPress&lt;/generator&gt;}</span>, <span class="ruby-value">1</span>]
<span class="ruby-keyword">end</span></pre>
</div><!-- find_from_atom_generator-source -->
</div>
</div><!-- find_from_atom_generator-method -->
<div id="method-c-find_from_links_opml" class="method-detail ">
<div class="method-heading">
<span class="method-name">find_from_links_opml</span><span
class="method-args">(options)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Attempts to find the WordPress version from the p-links-opml.php file.</p>
<div class="method-source-code" id="find_from_links_opml-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_version.rb, line 164</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">find_from_links_opml</span>(<span class="ruby-identifier">options</span>)
<span class="ruby-identifier">target_uri</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:base_url</span>]
<span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">target_uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">&quot;wp-links-opml.php&quot;</span>).<span class="ruby-identifier">to_s</span>).<span class="ruby-identifier">body</span>[<span class="ruby-node">%r{generator=&quot;wordpress/#{WpVersion.version_pattern}&quot;}</span>, <span class="ruby-value">1</span>]
<span class="ruby-keyword">end</span></pre>
</div><!-- find_from_links_opml-source -->
</div>
</div><!-- find_from_links_opml-method -->
<div id="method-c-find_from_meta_generator" class="method-detail ">
<div class="method-heading">
<span class="method-name">find_from_meta_generator</span><span
class="method-args">(options)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Attempts to find the wordpress version from, the generator meta tag in the
html source.</p>
<p>The meta tag can be removed however it seems, that it is reinstated on
upgrade.</p>
<div class="method-source-code" id="find_from_meta_generator-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_version.rb, line 61</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">find_from_meta_generator</span>(<span class="ruby-identifier">options</span>)
<span class="ruby-identifier">target_uri</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:base_url</span>]
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">target_uri</span>.<span class="ruby-identifier">to_s</span>, {<span class="ruby-value">:follow_location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>, <span class="ruby-value">:max_redirects</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">2</span>})
<span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span>[<span class="ruby-node">%r{name=&quot;generator&quot; content=&quot;wordpress #{WpVersion.version_pattern}&quot;}</span>, <span class="ruby-value">1</span>]
<span class="ruby-keyword">end</span></pre>
</div><!-- find_from_meta_generator-source -->
</div>
</div><!-- find_from_meta_generator-method -->
<div id="method-c-find_from_rdf_generator" class="method-detail ">
<div class="method-heading">
<span class="method-name">find_from_rdf_generator</span><span
class="method-args">(options)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Attempts to find WordPress version from, the generator tag in the RDF feed
source.</p>
<div class="method-source-code" id="find_from_rdf_generator-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_version.rb, line 79</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">find_from_rdf_generator</span>(<span class="ruby-identifier">options</span>)
<span class="ruby-identifier">target_uri</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:base_url</span>]
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">target_uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">&quot;feed/rdf/&quot;</span>).<span class="ruby-identifier">to_s</span>, {<span class="ruby-value">:follow_location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>, <span class="ruby-value">:max_redirects</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">2</span>})
<span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span>[<span class="ruby-node">%r{&lt;admin:generatorAgent rdf:resource=&quot;http://wordpress.org/\?v=#{WpVersion.version_pattern}&quot; /&gt;}</span>, <span class="ruby-value">1</span>]
<span class="ruby-keyword">end</span></pre>
</div><!-- find_from_rdf_generator-source -->
</div>
</div><!-- find_from_rdf_generator-method -->
<div id="method-c-find_from_readme" class="method-detail ">
<div class="method-heading">
<span class="method-name">find_from_readme</span><span
class="method-args">(options)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Attempts to find the WordPress version from the readme.html file.</p>
<div class="method-source-code" id="find_from_readme-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_version.rb, line 150</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">find_from_readme</span>(<span class="ruby-identifier">options</span>)
<span class="ruby-identifier">target_uri</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:base_url</span>]
<span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">target_uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">&quot;readme.html&quot;</span>).<span class="ruby-identifier">to_s</span>).<span class="ruby-identifier">body</span>[<span class="ruby-node">%r{&lt;br /&gt;\sversion #{WpVersion.version_pattern}}</span>, <span class="ruby-value">1</span>]
<span class="ruby-keyword">end</span></pre>
</div><!-- find_from_readme-source -->
</div>
</div><!-- find_from_readme-method -->
<div id="method-c-find_from_rss_generator" class="method-detail ">
<div class="method-heading">
<span class="method-name">find_from_rss_generator</span><span
class="method-args">(options)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Attempts to find the WordPress version from, the generator tag in the RSS
feed source.</p>
<div class="method-source-code" id="find_from_rss_generator-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_version.rb, line 70</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">find_from_rss_generator</span>(<span class="ruby-identifier">options</span>)
<span class="ruby-identifier">target_uri</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:base_url</span>]
<span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">target_uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">&quot;feed/&quot;</span>).<span class="ruby-identifier">to_s</span>, {<span class="ruby-value">:follow_location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>, <span class="ruby-value">:max_redirects</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">2</span>})
<span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span>[<span class="ruby-node">%r{&lt;generator&gt;http://wordpress.org/\?v=#{WpVersion.version_pattern}&lt;/generator&gt;}</span>, <span class="ruby-value">1</span>]
<span class="ruby-keyword">end</span></pre>
</div><!-- find_from_rss_generator-source -->
</div>
</div><!-- find_from_rss_generator-method -->
<div id="method-c-find_from_sitemap_generator" class="method-detail ">
<div class="method-heading">
<span class="method-name">find_from_sitemap_generator</span><span
class="method-args">(options)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Attempts to find the WordPress version from the sitemap.xml file.</p>
<p>See: <a
href="http://code.google.com/p/wpscan/issues/detail?id=109">code.google.com/p/wpscan/issues/detail?id=109</a></p>
<div class="method-source-code" id="find_from_sitemap_generator-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_version.rb, line 158</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">find_from_sitemap_generator</span>(<span class="ruby-identifier">options</span>)
<span class="ruby-identifier">target_uri</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:base_url</span>]
<span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">target_uri</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">&quot;sitemap.xml&quot;</span>).<span class="ruby-identifier">to_s</span>).<span class="ruby-identifier">body</span>[<span class="ruby-node">%r{generator=&quot;wordpress/#{WpVersion.version_pattern}&quot;}</span>, <span class="ruby-value">1</span>]
<span class="ruby-keyword">end</span></pre>
</div><!-- find_from_sitemap_generator-source -->
</div>
</div><!-- find_from_sitemap_generator-method -->
<div id="method-c-version_pattern" class="method-detail ">
<div class="method-heading">
<span class="method-name">version_pattern</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<p>Used to check if the version is correct: must contain at least one dot.</p>
<div class="method-source-code" id="version_pattern-source">
<pre><span class="ruby-comment"># File lib/wpscan/wp_version.rb, line 170</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">version_pattern</span>
<span class="ruby-string">'([^\r\n&quot;\]+\.[^\r\n&quot;\]+)'</span>
<span class="ruby-keyword">end</span></pre>
</div><!-- version_pattern-source -->
</div>
</div><!-- version_pattern-method -->
</section><!-- protected-class-method-details -->
</section><!-- 5Buntitled-5D -->
</div><!-- documentation -->
<footer id="validator-badges">
<p><a href="http://validator.w3.org/check/referer">[Validate]</a>
<p>Generated by <a href="https://github.com/rdoc/rdoc">RDoc</a> 3.12.
<p>Generated with the <a href="http://deveiate.org/projects/Darkfish-Rdoc/">Darkfish Rdoc Generator</a> 3.
</footer>
Reference in New Issue View Git Blame Copy Permalink