Class: WPScan::Finders::DbExports::KnownLocations

Inherits:

CMSScanner::Finders::Finder

• Object
• CMSScanner::Finders::Finder
• WPScan::Finders::DbExports::KnownLocations

Includes:

CMSScanner::Finders::Finder::Enumerator

Defined in:

app/finders/db_exports/known_locations.rb

Overview

DB Exports finder See github.com/wpscanteam/wpscan-v3/issues/62

Instance Method Summary

• #aggressive(opts = {}) ⇒ Array<DBExport>
• #create_progress_bar(opts = {}) ⇒ Object
• #potential_urls(opts = {}) ⇒ Hash

Instance Method Details

#aggressive(opts = {}) ⇒ Array<DBExport>

Parameters:

• opts (Hash) (defaults to: {})

Options Hash (opts):

• :list (String)
• :show_progression (Boolean)

Returns:

• (Array<DBExport>)

# File 'app/finders/db_exports/known_locations.rb', line 14

def aggressive(opts = {})
  found = []

  enumerate(potential_urls(opts), opts) do |res|
    next unless res.code == 200 && res.body =~ /INSERT INTO/

    found << WPScan::DbExport.new(res.request.url, found_by: DIRECT_ACCESS, confidence: 100)
  end

  found
end

#create_progress_bar(opts = {}) ⇒ Object

# File 'app/finders/db_exports/known_locations.rb', line 43

def create_progress_bar(opts = {})
  super(opts.merge(title: ' Checking DB Exports -'))
end

#potential_urls(opts = {}) ⇒ Hash

Parameters:

• opts (Hash) (defaults to: {})

Options Hash (opts):

• :list (String) —

  Mandatory

Returns:

• (Hash)

# File 'app/finders/db_exports/known_locations.rb', line 30

def potential_urls(opts = {})
  urls        = {}
  domain_name = target.uri.host[/(^[\w|-]+)/, 1]

  File.open(opts[:list]).each_with_index do |path, index|
    path.gsub!('{domain_name}', domain_name)

    urls[target.url(path.chomp)] = index
  end

  urls
end