Class: WPScan::Target

Inherits:

CMSScanner::Target

• Object
• CMSScanner::Target
• WPScan::Target

Includes:

Platform::WordPress

Defined in:

lib/wpscan/target.rb,
lib/wpscan/target/platform/wordpress.rb,
lib/wpscan/target/platform/wordpress/custom_directories.rb

Overview

Includes the WordPress Platform

Defined Under Namespace

Modules: Platform

Constant Summary

Constants included from Platform::WordPress

Platform::WordPress::WORDPRESS_PATTERN

Instance Attribute Summary

Attributes included from Platform::WordPress

#mu_plugins, #multisite, #registration_enabled

Instance Method Summary

• #config_backups(opts = {}) ⇒ Array<ConfigBackup>
• #main_theme(opts = {}) ⇒ Theme
• #medias(opts = {}) ⇒ Array<Media>
• #plugins(opts = {}) ⇒ Array<Plugin>
• #themes(opts = {}) ⇒ Array<Theme>
• #timthumbs(opts = {}) ⇒ Array<Timthumb>
• #users(opts = {}) ⇒ Array<User>
• #vulnerable? ⇒ Boolean
• #wp_version(opts = {}) ⇒ WpVersion, false

  The WpVersion found or false if not detected.

Methods included from Platform::WordPress

#content_dir, #content_dir=, #content_uri, #content_url, #do_login, #login_request, #login_url, #plugins_dir, #plugins_dir=, #plugins_uri, #plugins_url, #registration_url, #sub_dir, #url, #wordpress?, #wordpress_hosted?

Instance Method Details

#config_backups(opts = {}) ⇒ Array<ConfigBackup>

Parameters:

• opts (Hash) (defaults to: {})

Returns:

• (Array<ConfigBackup>)

# File 'lib/wpscan/target.rb', line 63

def config_backups(opts = {})
  @config_backups ||= Finders::ConfigBackups::Base.find(self, opts)
end

#main_theme(opts = {}) ⇒ Theme

Parameters:

• opts (Hash) (defaults to: {})

Returns:

• (Theme)

# File 'lib/wpscan/target.rb', line 33

def main_theme(opts = {})
  @main_theme = Finders::MainTheme::Base.find(self, opts) if @main_theme.nil?

  @main_theme
end

#medias(opts = {}) ⇒ Array<Media>

Parameters:

• opts (Hash) (defaults to: {})

Returns:

• (Array<Media>)

# File 'lib/wpscan/target.rb', line 70

def medias(opts = {})
  @medias ||= Finders::Medias::Base.find(self, opts)
end

#plugins(opts = {}) ⇒ Array<Plugin>

Parameters:

• opts (Hash) (defaults to: {})

Returns:

• (Array<Plugin>)

# File 'lib/wpscan/target.rb', line 42

def plugins(opts = {})
  @plugins ||= Finders::Plugins::Base.find(self, opts)
end

#themes(opts = {}) ⇒ Array<Theme>

Parameters:

• opts (Hash) (defaults to: {})

Returns:

• (Array<Theme>)

# File 'lib/wpscan/target.rb', line 49

def themes(opts = {})
  @themes ||= Finders::Themes::Base.find(self, opts)
end

#timthumbs(opts = {}) ⇒ Array<Timthumb>

Parameters:

• opts (Hash) (defaults to: {})

Returns:

• (Array<Timthumb>)

# File 'lib/wpscan/target.rb', line 56

def timthumbs(opts = {})
  @timthumbs ||= Finders::Timthumbs::Base.find(self, opts)
end

#users(opts = {}) ⇒ Array<User>

Parameters:

• opts (Hash) (defaults to: {})

Returns:

• (Array<User>)

# File 'lib/wpscan/target.rb', line 77

def users(opts = {})
  @users ||= Finders::Users::Base.find(self, opts)
end

#vulnerable? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/wpscan/target.rb', line 9

def vulnerable?
  [@wp_version, @main_theme, @plugins, @themes, @timthumbs].each do |e|
    [*e].each { |ae| return true if ae && ae.vulnerable? }
  end

  return true unless [*@config_backups].empty?

  [*@users].each { |u| return true if u.password }

  false
end

#wp_version(opts = {}) ⇒ WpVersion, false

Returns The WpVersion found or false if not detected.

Parameters:

• opts (Hash) (defaults to: {})

Returns:

• (WpVersion, false) —

  The WpVersion found or false if not detected

# File 'lib/wpscan/target.rb', line 24

def wp_version(opts = {})
  @wp_version = Finders::WpVersion::Base.find(self, opts) if @wp_version.nil?

  @wp_version
end