Class: WPScan::Finders::Themes::KnownLocations
- Inherits: CMSScanner::Finders::Finder
  - Object
  - CMSScanner::Finders::Finder
  - WPScan::Finders::Themes::KnownLocations
- Includes: CMSScanner::Finders::Finder::Enumerator
- Defined in: app/finders/themes/known_locations.rb
Overview
Known Locations Themes Finder
Instance Method Summary
- #aggressive(opts = {}) ⇒ Array<Theme>
- #create_progress_bar(opts = {}) ⇒ Object
- #target_urls(opts = {}) ⇒ Hash
Instance Method Details
#aggressive(opts = {}) ⇒ Array<Theme>
    # File 'app/finders/themes/known_locations.rb', line 12

    def aggressive(opts = {})
      found = []

      enumerate(target_urls(opts), opts) do |res, name|
        # TODO: follow the location (from enumerate()) and remove the 301 here ?
        # As a result, it might remove false positive due to redirection to the homepage
        next unless [200, 401, 403, 301].include?(res.code)

        found << WPScan::Theme.new(name, target, opts.merge(found_by: found_by, confidence: 80))
      end

      found
    end
#create_progress_bar(opts = {}) ⇒ Object
    # File 'app/finders/themes/known_locations.rb', line 42

    def create_progress_bar(opts = {})
      super(opts.merge(title: ' Checking Known Locations -'))
    end
#target_urls(opts = {}) ⇒ Hash
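    # File 'app/finders/themes/known_locations.rb', line 30

    def target_urls(opts = {})
      # Candidate slugs: the caller's list, or the vulnerable slugs from the DB
      names       = opts[:list] || DB::Themes.vulnerable_slugs
      urls        = {}
      themes_url  = target.url('wp-content/themes/')

      # Keys are the theme directory URLs to request, values are the theme slugs.
      # Note: URI.encode was removed in Ruby 3.0.
      names.each do |name|
        urls["#{themes_url}#{URI.encode(name)}/"] = name
      end

      urls
    end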
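Seen from the server side, #target_urls and #aggressive produce one bare wp-content/themes/<slug>/ request per candidate slug, with 200, 401, 403 and 301 counted as a hit. The following is an added example, not WPScan code: a log check over constructed access-log lines, where the combined log format, the min_slugs threshold and all constant and method names are assumptions.

```ruby
require 'set'

# Constructed sample (combined log format); documentation-range IPs, made-up slugs.
SAMPLE_LOG = <<~LOG
  203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "GET /wp-content/themes/theme-a/ HTTP/1.1" 404 153 "-" "-"
  203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "GET /wp-content/themes/theme-b/ HTTP/1.1" 404 153 "-" "-"
  203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "GET /wp-content/themes/theme-c/ HTTP/1.1" 403 162 "-" "-"
  203.0.113.7 - - [10/Mar/2024:10:00:02 +0000] "GET /wp-content/themes/theme-d/ HTTP/1.1" 404 153 "-" "-"
  203.0.113.7 - - [10/Mar/2024:10:00:02 +0000] "GET /wp-content/themes/theme-e/ HTTP/1.1" 301 0 "-" "-"
  203.0.113.7 - - [10/Mar/2024:10:00:02 +0000] "GET /wp-content/themes/theme-f/ HTTP/1.1" 404 153 "-" "-"
  198.51.100.20 - - [10/Mar/2024:10:00:05 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
  198.51.100.20 - - [10/Mar/2024:10:00:05 +0000] "GET /wp-content/themes/theme-c/style.css?ver=1.0 HTTP/1.1" 200 900 "-" "Mozilla/5.0"
  198.51.100.20 - - [10/Mar/2024:10:00:06 +0000] "GET /wp-content/themes/theme-c/ HTTP/1.1" 403 162 "-" "Mozilla/5.0"
LOG

# Combined log format (assumed): captures client, request path, status.
LINE = /\A(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD) (\S+) [^"]*" (\d{3}) /
# Bare theme directory, the shape target_urls builds: .../wp-content/themes/<slug>/
THEME_DIR = %r{\A/(?:[^/]+/)*wp-content/themes/([^/?#]+)/?\z}
# Status codes the finder counts as "theme present" (taken from #aggressive).
PRESENT_CODES = [200, 401, 403, 301].freeze

# Per client: distinct slugs probed, and the slugs the finder would report.
def theme_probes(log)
  probes = Hash.new { |h, k| h[k] = { slugs: Set.new, hits: Set.new } }
  log.each_line do |line|
    m = LINE.match(line)
    next unless m
    slug = THEME_DIR.match(m[2][/\A[^?]*/])&.[](1) # query string ignored
    next unless slug
    probes[m[1]][:slugs] << slug
    probes[m[1]][:hits] << slug if PRESENT_CODES.include?(m[3].to_i)
  end
  probes
end

# Clients probing at least min_slugs distinct theme directories (threshold assumed).
def enumerators(log, min_slugs: 5)
  theme_probes(log).select { |_ip, seen| seen[:slugs].size >= min_slugs }
end

if __FILE__ == $PROGRAM_NAME
  enumerators(SAMPLE_LOG).each do |ip, seen|
    puts "#{ip}: #{seen[:slugs].size} theme dirs probed, exposed: #{seen[:hits].to_a.join(', ')}"
  end
end
```

A slug answered with 301 appears under hits, which mirrors the false-positive risk named in the TODO in #aggressive; the 403 and 401 entries are the ones that confirm a directory exists without serving it.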