Class: WPScan::Finders::WpVersion::RSSGenerator
- Inherits: CMSScanner::Finders::Finder
  - Object
  - CMSScanner::Finders::Finder
  - WPScan::Finders::WpVersion::RSSGenerator
- Includes: Finder::WpVersion::SmartURLChecker
- Defined in: app/finders/wp_version/rss_generator.rb
Overview
RSS Generator Version Finder
Instance Method Summary
- #aggressive_urls(_opts = {}) ⇒ Object
- #passive_urls_xpath ⇒ Object
- #process_urls(urls, _opts = {}) ⇒ Object
Methods included from Finder::WpVersion::SmartURLChecker
Instance Method Details
#aggressive_urls(_opts = {}) ⇒ Object
```ruby
# File 'app/finders/wp_version/rss_generator.rb', line 35
def aggressive_urls(_opts = {})
  %w[feed/ comments/feed/ feed/rss/ feed/rss2/].reduce([]) do |a, uri|
    a << target.url(uri)
  end
end
```
#passive_urls_xpath ⇒ Object
```ruby
# File 'app/finders/wp_version/rss_generator.rb', line 31
def passive_urls_xpath
  '//link[@rel="alternate" and @type="application/rss+xml"]'
end
```
#process_urls(urls, _opts = {}) ⇒ Object
```ruby
# File 'app/finders/wp_version/rss_generator.rb', line 8
def process_urls(urls, _opts = {})
  found = Findings.new

  urls.each do |url|
    res = Browser.get_and_follow_location(url)

    # Candidate nodes: comments containing "wordpress" and <generator> elements
    res.html.xpath('//comment()[contains(., "wordpress")] | //generator').each do |node|
      node_text = node.text.to_s.strip

      # Accept either a wordpress.<tld>/?v=<version> URL or a generator="WordPress/<version>" string
      next unless node_text =~ %r{\Ahttps?://wordpress\.(?:[a-z]+)/\?v=(.*)\z}i ||
                  node_text =~ %r{\Agenerator="wordpress/([^"]+)"\z}i

      # The first capture group of whichever pattern matched is the version
      found << create_version(
        Regexp.last_match[1],
        found_by: found_by,
        entries: ["#{res.effective_url}, #{node.to_s.strip}"]
      )
    end
  end

  found
end
```
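As an added example (not WPScan's own code), the Ruby sketch below applies the two patterns from `process_urls` to a feed body, so a site owner can check whether their own feeds disclose a version before and after generator output is stripped. The helper names `candidate_nodes` and `disclosed_versions`, the sample feeds and the version `6.4.2` are constructed, and regex extraction replaces the XPath query as a simplifying assumption.

```ruby
# Added example, not WPScan code. Sample feeds and the version are constructed.
VERSION_PATTERNS = [ # the two patterns used by process_urls on this page
  %r{\Ahttps?://wordpress\.(?:[a-z]+)/\?v=(.*)\z}i,
  %r{\Agenerator="wordpress/([^"]+)"\z}i
].freeze

# Assumption: regex extraction stands in for the XPath query so no XML library
# is needed. Unlike that XPath, comments are not pre-filtered on "wordpress".
def candidate_nodes(body)
  generators = body.scan(%r{<generator[^>]*>(.*?)</generator>}mi).flatten
  comments   = body.scan(/<!--(.*?)-->/m).flatten
  (generators + comments).map(&:strip)
end

# Unique version strings that the two patterns recover from a feed body.
def disclosed_versions(body)
  candidate_nodes(body).filter_map do |text|
    VERSION_PATTERNS.filter_map { |re| text[re, 1] }.first
  end.uniq
end

# Constructed feed carrying both shapes the patterns accept.
DEFAULT_FEED = <<~XML
  <?xml version="1.0" encoding="UTF-8"?>
  <rss version="2.0">
    <channel>
      <title>Example</title>
      <generator>https://wordpress.org/?v=6.4.2</generator>
    </channel>
  </rss>
  <!-- generator="WordPress/6.4.2" -->
XML

# The same feed with both generator lines stripped.
HARDENED_FEED = DEFAULT_FEED.lines.reject { |l| l =~ /generator/i }.join

# Version carried in an attribute: the element text is just "WordPress",
# so neither pattern matches and this shape needs a separate check.
ATTR_FEED = '<feed><generator uri="https://wordpress.org/" version="6.4.2">' \
            'WordPress</generator></feed>'

if __FILE__ == $PROGRAM_NAME
  { default: DEFAULT_FEED, hardened: HARDENED_FEED, attr: ATTR_FEED }.each do |name, body|
    puts "#{name}: #{disclosed_versions(body).inspect}"
  end
end
```

An empty result only means these two text patterns found nothing; the attribute case shows a version string can still be present in the feed.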