Class: WPScan::Finders::Plugins::Headers

Inherits:

CMSScanner::Finders::Finder

• Object
• CMSScanner::Finders::Finder
• WPScan::Finders::Plugins::Headers

Defined in:

app/finders/plugins/headers.rb

Overview

Plugins from Headers Finder

Instance Method Summary

• #passive(opts = {}) ⇒ Array<Plugin>
• #plugin_names_from_headers(_opts = {}) ⇒ Array<String>

  X-Powered-By: W3 Total Cache/0.9.2.5 WP-Super-Cache: Served supercache file from PHP.

Instance Method Details

#passive(opts = {}) ⇒ Array<Plugin>

Parameters:

• opts (Hash) (defaults to: {})

Returns:

• (Array<Plugin>)

# File 'app/finders/plugins/headers.rb', line 9

def passive(opts = {})
  plugin_names_from_headers(opts).reduce([]) do |a, e|
    a << WPScan::Plugin.new(e, target, opts.merge(found_by: found_by, confidence: 60))
  end
end

#plugin_names_from_headers(_opts = {}) ⇒ Array<String>

X-Powered-By: W3 Total Cache/0.9.2.5 WP-Super-Cache: Served supercache file from PHP

Returns:

• (Array<String>)

# File 'app/finders/plugins/headers.rb', line 19

def plugin_names_from_headers(_opts = {})
  found   = []
  headers = target.homepage_res.headers

  if headers
    powered_by     = headers['X-Powered-By'].to_s
    wp_super_cache = headers['wp-super-cache'].to_s

    found << 'w3-total-cache' if powered_by =~ Finders::PluginVersion::W3TotalCache::Headers::PATTERN
    found << 'wp-super-cache' if wp_super_cache =~ /supercache/i
  end

  found
end