Class: WPScan::DB::DynamicFinders::Wordpress

Inherits:

Base

• Object
• Base
• WPScan::DB::DynamicFinders::Wordpress

Defined in:

lib/wpscan/db/dynamic_finders/wordpress.rb

Class Method Summary

• .allowed_classes ⇒ Array<Symbol>
• .create_versions_finders ⇒ Object
• .db_data ⇒ Hash
• .finder_configs(finder_class, aggressive = false) ⇒ Hash
• .version_finder_module ⇒ Constant
• .version_finder_super_class(klass) ⇒ Constant
• .versions_finders_configs ⇒ Hash

Methods inherited from Base

db_file, method_missing, respond_to_missing?

Class Method Details

.allowed_classes ⇒ Array<Symbol>

Returns:

• (Array<Symbol>)

# File 'lib/wpscan/db/dynamic_finders/wordpress.rb', line 16

def self.allowed_classes
  @allowed_classes ||= %i[
    Comment Xpath HeaderPattern BodyPattern JavascriptVar QueryParameter WpItemQueryParameter
  ]
end

.create_versions_finders ⇒ Object

# File 'lib/wpscan/db/dynamic_finders/wordpress.rb', line 52

def self.create_versions_finders
  versions_finders_configs.each do |finder_class, config|
    klass = config['class'] || finder_class

    # Instead of raising exceptions, skip unallowed/already defined finders
    # So that, when new DF configs are put in the .yml
    # users with old version of WPScan will still be able to scan blogs
    # when updating the DB but not the tool
    next if version_finder_module.constants.include?(finder_class.to_sym) ||
            !allowed_classes.include?(klass.to_sym)

    version_finder_super_class(klass).create_child_class(version_finder_module, finder_class.to_sym, config)
  end
end

.db_data ⇒ Hash

Returns:

• (Hash)

# File 'lib/wpscan/db/dynamic_finders/wordpress.rb', line 6

def self.db_data
  @db_data ||= super['wordpress'] || {}
end

.finder_configs(finder_class, aggressive = false) ⇒ Hash

Parameters:

• finder_class (Symbol)
• aggressive (Boolean) (defaults to: false)

Returns:

• (Hash)

# File 'lib/wpscan/db/dynamic_finders/wordpress.rb', line 25

def self.finder_configs(finder_class, aggressive = false)
  configs = {}

  return configs unless allowed_classes.include?(finder_class)

  finders = if aggressive
              db_data.reject { |_f, c| c['path'].nil? }
            else
              db_data.select { |_f, c| c['path'].nil? }
            end

  finders.each do |finder_name, config|
    klass = config['class'] || finder_name

    next unless klass.to_sym == finder_class

    configs[finder_name] = config
  end

  configs
end

.version_finder_module ⇒ Constant

Returns:

• (Constant)

# File 'lib/wpscan/db/dynamic_finders/wordpress.rb', line 11

def self.version_finder_module
  Finders::WpVersion
end

.version_finder_super_class(klass) ⇒ Constant

Parameters:

• klass (String, Symbol)

Returns:

• (Constant)

# File 'lib/wpscan/db/dynamic_finders/wordpress.rb', line 69

def self.version_finder_super_class(klass)
  "WPScan::Finders::DynamicFinder::WpVersion::#{klass}".constantize
end

.versions_finders_configs ⇒ Hash

Returns:

• (Hash)

# File 'lib/wpscan/db/dynamic_finders/wordpress.rb', line 48

def self.versions_finders_configs
  @versions_finders_configs ||= db_data.select { |_finder_name, config| config.key?('version') }
end