Class: WPScan::Finders::MainTheme::CssStyle

Inherits:

CMSScanner::Finders::Finder

• Object
• CMSScanner::Finders::Finder
• WPScan::Finders::MainTheme::CssStyle

Includes:

WpItems::URLsInHomepage

Defined in:

app/finders/main_theme/css_style.rb

Overview

From the css style

Instance Method Summary

• #create_theme(name, style_url, opts) ⇒ Object
• #passive(opts = {}) ⇒ Object
• #passive_from_css_href(res, opts) ⇒ Object
• #passive_from_style_code(res, opts) ⇒ Object

Methods included from WpItems::URLsInHomepage

#item_attribute_pattern, #item_code_pattern, #item_url_pattern, #items_from_codes, #items_from_links

Instance Method Details

#create_theme(name, style_url, opts) ⇒ Object

# File 'app/finders/main_theme/css_style.rb', line 8

def create_theme(name, style_url, opts)
  WPScan::Theme.new(
    name,
    target,
    opts.merge(found_by: found_by, confidence: 70, style_url: style_url)
  )
end

#passive(opts = {}) ⇒ Object

# File 'app/finders/main_theme/css_style.rb', line 16

def passive(opts = {})
  passive_from_css_href(target.homepage_res, opts) || passive_from_style_code(target.homepage_res, opts)
end

#passive_from_css_href(res, opts) ⇒ Object

# File 'app/finders/main_theme/css_style.rb', line 20

def passive_from_css_href(res, opts)
  target.in_scope_urls(res, '//style|//link') do |url|
    next unless Addressable::URI.parse(url).path =~ %r{/themes/([^\/]+)/style.css\z}i

    return create_theme(Regexp.last_match[1], url, opts)
  end
  nil
end

#passive_from_style_code(res, opts) ⇒ Object

# File 'app/finders/main_theme/css_style.rb', line 29

def passive_from_style_code(res, opts)
  res.html.css('style').each do |tag|
    code = tag.text.to_s
    next if code.empty?

    next unless code =~ %r{#{item_code_pattern('themes')}\\?/style\.css[^"'\( ]*}i

    return create_theme(Regexp.last_match[1], Regexp.last_match[0].strip, opts)
  end
  nil
end