Class: WPScan::Target

Inherits:
CMSScanner::Target
  • Object
Includes:
Platform::WordPress
Defined in:
lib/wpscan/target.rb,
lib/wpscan/target/platform/wordpress.rb,
lib/wpscan/target/platform/wordpress/custom_directories.rb

Overview

Includes the WordPress Platform

Defined Under Namespace

Modules: Platform

Constant Summary

Constants included from Platform::WordPress

Platform::WordPress::WORDPRESS_PATTERN

Instance Attribute Summary

Attributes included from Platform::WordPress

#mu_plugins, #multisite, #registration_enabled

Instance Method Summary

Methods included from Platform::WordPress

#content_dir, #content_dir=, #content_uri, #content_url, #do_login, #login_request, #login_url, #plugins_dir, #plugins_dir=, #plugins_uri, #plugins_url, #registration_url, #sub_dir, #themes_dir, #themes_uri, #themes_url, #url, #wordpress?, #wordpress_hosted?

Instance Method Details

#config_backups(opts = {}) ⇒ Array<ConfigBackup>

Parameters:

  • opts (Hash) (defaults to: {})

Returns:

  • (Array<ConfigBackup>)

# File 'lib/wpscan/target.rb', line 69

# Config backup files found on the target, looked up once and then cached.
#
# The lookup is delegated to Finders::ConfigBackups::Base.find. The result is
# memoized in @config_backups, so opts only matters on the call that actually
# runs the finder; later calls return the cached value even if opts differs.
# A nil/false finder result is not cached, so the finder runs again next time.
#
# @param opts [Hash] options forwarded to the finder
# @return [Array<ConfigBackup>]
def config_backups(opts = {})
  return @config_backups if @config_backups

  @config_backups = Finders::ConfigBackups::Base.find(self, opts)
end

#db_exports(opts = {}) ⇒ Array<DBExport>

Parameters:

  • opts (Hash) (defaults to: {})

Returns:

  • (Array<DBExport>)


# File 'lib/wpscan/target.rb', line 76

# Database export files found on the target, looked up once and then cached.
#
# The lookup is delegated to Finders::DbExports::Base.find. The result is
# memoized in @db_exports, so opts only matters on the call that actually runs
# the finder; later calls return the cached value even if opts differs.
# A nil/false finder result is not cached, so the finder runs again next time.
#
# @param opts [Hash] options forwarded to the finder
# @return [Array<DBExport>]
def db_exports(opts = {})
  return @db_exports if @db_exports

  @db_exports = Finders::DbExports::Base.find(self, opts)
end

#main_theme(opts = {}) ⇒ Theme

Parameters:

  • opts (Hash) (defaults to: {})

Returns:

  • (Theme)

# File 'lib/wpscan/target.rb', line 39

# The target's main theme, looked up once and then cached.
#
# The lookup is delegated to Finders::MainTheme::Base.find. Unlike the `||=`
# accessors in this class, the cache test is `nil?`, so any non-nil finder
# result (including false) is kept and the finder is not run again. opts is
# only used on the call that runs the finder.
#
# @param opts [Hash] options forwarded to the finder
# @return [Theme]
def main_theme(opts = {})
  return @main_theme unless @main_theme.nil?

  @main_theme = Finders::MainTheme::Base.find(self, opts)
end

#medias(opts = {}) ⇒ Array<Media>

Parameters:

  • opts (Hash) (defaults to: {})

Returns:

  • (Array<Media>)

# File 'lib/wpscan/target.rb', line 83

# Media entries found on the target, looked up once and then cached.
#
# The lookup is delegated to Finders::Medias::Base.find. The result is
# memoized in @medias, so opts only matters on the call that actually runs the
# finder; later calls return the cached value even if opts differs.
# A nil/false finder result is not cached, so the finder runs again next time.
#
# @param opts [Hash] options forwarded to the finder
# @return [Array<Media>]
def medias(opts = {})
  return @medias if @medias

  @medias = Finders::Medias::Base.find(self, opts)
end

#plugins(opts = {}) ⇒ Array<Plugin>

Parameters:

  • opts (Hash) (defaults to: {})

Returns:

  • (Array<Plugin>)

# File 'lib/wpscan/target.rb', line 48

# Plugins found on the target, looked up once and then cached.
#
# The lookup is delegated to Finders::Plugins::Base.find. The result is
# memoized in @plugins, so opts only matters on the call that actually runs
# the finder; later calls return the cached value even if opts differs.
# A nil/false finder result is not cached, so the finder runs again next time.
#
# @param opts [Hash] options forwarded to the finder
# @return [Array<Plugin>]
def plugins(opts = {})
  return @plugins if @plugins

  @plugins = Finders::Plugins::Base.find(self, opts)
end

#themes(opts = {}) ⇒ Array<Theme>

Parameters:

  • opts (Hash) (defaults to: {})

Returns:

  • (Array<Theme>)

# File 'lib/wpscan/target.rb', line 55

# Themes found on the target, looked up once and then cached.
#
# The lookup is delegated to Finders::Themes::Base.find. The result is
# memoized in @themes, so opts only matters on the call that actually runs the
# finder; later calls return the cached value even if opts differs.
# A nil/false finder result is not cached, so the finder runs again next time.
#
# @param opts [Hash] options forwarded to the finder
# @return [Array<Theme>]
def themes(opts = {})
  return @themes if @themes

  @themes = Finders::Themes::Base.find(self, opts)
end

#timthumbs(opts = {}) ⇒ Array<Timthumb>

Parameters:

  • opts (Hash) (defaults to: {})

Returns:

  • (Array<Timthumb>)

# File 'lib/wpscan/target.rb', line 62

# Timthumb files found on the target, looked up once and then cached.
#
# The lookup is delegated to Finders::Timthumbs::Base.find. The result is
# memoized in @timthumbs, so opts only matters on the call that actually runs
# the finder; later calls return the cached value even if opts differs.
# A nil/false finder result is not cached, so the finder runs again next time.
#
# @param opts [Hash] options forwarded to the finder
# @return [Array<Timthumb>]
def timthumbs(opts = {})
  return @timthumbs if @timthumbs

  @timthumbs = Finders::Timthumbs::Base.find(self, opts)
end

#users(opts = {}) ⇒ Array<User>

Parameters:

  • opts (Hash) (defaults to: {})

Returns:

  • (Array<User>)


# File 'lib/wpscan/target.rb', line 90

# Users found on the target, looked up once and then cached.
#
# The lookup is delegated to Finders::Users::Base.find. The result is
# memoized in @users, so opts only matters on the call that actually runs the
# finder; later calls return the cached value even if opts differs.
# A nil/false finder result is not cached, so the finder runs again next time.
#
# @param opts [Hash] options forwarded to the finder
# @return [Array<User>]
def users(opts = {})
  return @users if @users

  @users = Finders::Users::Base.find(self, opts)
end

#vulnerable? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/wpscan/target.rb', line 9

# Whether anything found so far on this target counts as a vulnerability.
#
# Only the instance variables are read, never the finder-backed accessors, so
# components that have not been enumerated yet (still nil) are skipped rather
# than looked up here. The answer reflects the scan state at call time.
#
# A found config backup or DB export counts on its own: their mere presence
# makes the target vulnerable, with no per-item check.
#
# @return [Boolean] true when the detected version, main theme, or any plugin,
#   theme or timthumb answers vulnerable?, when any config backup or DB export
#   was found, or when any user has a truthy password (presumably one
#   recovered during the scan; confirm against User); false otherwise
def vulnerable?
  components = [@wp_version, @main_theme, @plugins, @themes, @timthumbs]

  flagged = components.any? do |component|
    # `[*component]` treats a single object and a list alike. Plain `&&` is
    # kept instead of `&.` because an entry can be false (wp_version is
    # documented as false when not detected) and `&.` only skips nil.
    [*component].any? { |item| item && item.vulnerable? } # rubocop:disable Style/SafeNavigation
  end
  return true if flagged

  return true unless [*@config_backups].empty? && [*@db_exports].empty?

  [*@users].any?(&:password)
end

#wp_version(opts = {}) ⇒ WpVersion, false

Returns The WpVersion found or false if not detected.

Parameters:

  • opts (Hash) (defaults to: {})

Returns:

  • (WpVersion, false)

    The WpVersion found or false if not detected



# File 'lib/wpscan/target.rb', line 30

# The WordPress version detected on the target, looked up once and then cached.
#
# The lookup is delegated to Finders::WpVersion::Base.find. The cache test is
# `nil?` rather than `||=`, so a false result ("not detected") is kept and the
# finder is not run again on later calls. opts is only used on the call that
# runs the finder.
#
# @param opts [Hash] options forwarded to the finder
# @return [WpVersion, false] the WpVersion found, or false if not detected
def wp_version(opts = {})
  return @wp_version unless @wp_version.nil?

  @wp_version = Finders::WpVersion::Base.find(self, opts)
end

#xmlrpc ⇒ XMLRPC?

Returns:

  • (XMLRPC, nil)

# File 'lib/wpscan/target.rb', line 23

# The XML-RPC interesting finding for this target, if there is one.
#
# Picks the first entry of interesting_findings that is a WPScan::XMLRPC and
# caches it in @xmlrpc. When interesting_findings is nil or holds no such
# entry the result is nil, which is not cached, so the search repeats on the
# next call.
#
# @return [WPScan::XMLRPC, nil]
def xmlrpc
  return @xmlrpc if @xmlrpc

  findings = interesting_findings
  @xmlrpc = findings&.select { |finding| finding.is_a?(WPScan::XMLRPC) }&.first
end