Class: WPScan::Finders::PluginVersion::LayerSlider::TranslationFile

Inherits:

CMSScanner::Finders::Finder

• Object
• CMSScanner::Finders::Finder
• WPScan::Finders::PluginVersion::LayerSlider::TranslationFile

Defined in:

app/finders/plugin_version/layer_slider/translation_file.rb

Overview

Version from a Translation file

See github.com/wpscanteam/wpscan/issues/765

Instance Method Summary

• #aggressive(_opts = {}) ⇒ Version
• #potential_urls ⇒ Array<String>

  The potential URLs where the version is disclosed.

Instance Method Details

#aggressive(_opts = {}) ⇒ Version

Parameters:

• opts (Hash)

Returns:

• (Version)

# File 'app/finders/plugin_version/layer_slider/translation_file.rb', line 12

def aggressive(_opts = {})
  potential_urls.each do |url|
    res = Browser.get(url)

    next unless res.code == 200 && res.body =~ /Project-Id-Version: LayerSlider WP v?([0-9\.][^\\\s]+)/

    return WPScan::Version.new(
      Regexp.last_match[1],
      found_by: 'Translation File (Aggressive Detection)',
      confidence: 90,
      interesting_entries: ["#{url}, Match: '#{Regexp.last_match}'"]
    )
  end
  nil
end

#potential_urls ⇒ Array<String>

Returns The potential URLs where the version is disclosed.

Returns:

• (Array<String>) —

  The potential URLs where the version is disclosed

# File 'app/finders/plugin_version/layer_slider/translation_file.rb', line 29

def potential_urls
  # Recent versions seem to use the 'locales' directory instead of the 'languages' one.
  # Maybe also check other locales ?
  %w[locales languages].reduce([]) do |a, e|
    a << target.url("#{e}/LayerSlider-en_US.po")
  end
end