Class: WPScan::DB::DynamicFinders::Plugin

Inherits:
Base
  • Object
show all
Defined in:
lib/wpscan/db/dynamic_finders/plugin.rb

Class Method Summary collapse

Methods inherited from Base

allowed_classes, db_file, method_missing, respond_to_missing?

Class Method Details

.create_versions_findersObject 



74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
 
# File 'lib/wpscan/db/dynamic_finders/plugin.rb', line 74

def self.create_versions_finders
  versions_finders_configs.each do |slug, finders|
    # Kind of an issue here, module is created even if there is no valid classes
    # Could put the #maybe_ directly in the #send() BUT it would be checked everytime,
    # which is kind of a waste
    mod = maybe_create_modudle(slug)

    finders.each do |finder_class, config|
      klass = config['class'] || finder_class

      # Instead of raising exceptions, skip unallowed/already defined finders
      # So that, when new DF configs are put in the .yml
      # users with old version of WPScan will still be able to scan blogs
      # when updating the DB but not the tool
      next if mod.constants.include?(finder_class.to_sym) ||
              !allowed_classes.include?(klass.to_sym)

      version_finder_super_class(klass).create_child_class(mod, finder_class.to_sym, config)
    end
  end
end

.db_dataHash

Returns:

  • (Hash) 


6
7
8
 
# File 'lib/wpscan/db/dynamic_finders/plugin.rb', line 6

def self.db_data
  @db_data ||= super['plugins'] || {}
end

.finder_configs(finder_class, aggressive = false) ⇒ Hash

Parameters:

  • finder_class (Symbol)
  • aggressive (Boolean) (defaults to: false)

Returns:

  • (Hash) 


17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
 
# File 'lib/wpscan/db/dynamic_finders/plugin.rb', line 17

def self.finder_configs(finder_class, aggressive = false)
  configs = {}

  return configs unless allowed_classes.include?(finder_class)

  db_data.each do |slug, finders|
    # Quite sure better can be done with some kind of logic statement in the select
    fs = if aggressive
           finders.reject { |_f, c| c['path'].nil? }
         else
           finders.select { |_f, c| c['path'].nil? }
         end

    fs.each do |finder_name, config|
      klass = config['class'] || finder_name

      next unless klass.to_sym == finder_class

      configs[slug] ||= {}
      configs[slug][finder_name] = config
    end
  end

  configs
end

.maybe_create_modudle(slug) ⇒ Constant

Parameters:

  • slug (String)

Returns:

  • (Constant) 


63
64
65
66
67
68
69
70
71
72
 
# File 'lib/wpscan/db/dynamic_finders/plugin.rb', line 63

def self.maybe_create_modudle(slug)
  # What about slugs such as js_composer which will be done as JsComposer, just like js-composer
  constant_name = classify_slug(slug)

  unless version_finder_module.constants.include?(constant_name)
    version_finder_module.const_set(constant_name, Module.new)
  end

  version_finder_module.const_get(constant_name)
end

.version_finder_moduleObject 



10
11
12
 
# File 'lib/wpscan/db/dynamic_finders/plugin.rb', line 10

def self.version_finder_module
  Finders::PluginVersion
end

.version_finder_super_class(klass) ⇒ Constant

The idea here would be to check if the class exist in the Finders::DynamicFinders::Plugins/Themes::klass or WpItemVersion::klass and return the related constant when one has been found.

So far, the Finders::DynamicFinders::WPItemVersion is enought as nothing else is used

Parameters:

  • klass (String, Symbol)

Returns:

  • (Constant) 


105
106
107
 
# File 'lib/wpscan/db/dynamic_finders/plugin.rb', line 105

def self.version_finder_super_class(klass)
  "WPScan::Finders::DynamicFinder::WpItemVersion::#{klass}".constantize
end

.versions_finders_configsHash

Returns:

  • (Hash) 


44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
 
# File 'lib/wpscan/db/dynamic_finders/plugin.rb', line 44

def self.versions_finders_configs
  return @versions_finders_configs if @versions_finders_configs

  @versions_finders_configs = {}

  db_data.each do |slug, finders|
    finders.each do |finder_name, config|
      next unless config.key?('version')

      @versions_finders_configs[slug] ||= {}
      @versions_finders_configs[slug][finder_name] = config
    end
  end

  @versions_finders_configs
end