Class: WPScan::DB::VulnApi
- Inherits:
-
Object
- Object
- WPScan::DB::VulnApi
- Defined in:
- lib/wpscan/db/vuln_api.rb
Overview
WPVulnDB API
Constant Summary collapse
- NON_ERROR_CODES =
[200, 401].freeze
Class Attribute Summary collapse
-
.token ⇒ Object
Returns the value of attribute token.
Class Method Summary collapse
- .get(path, params = {}) ⇒ Hash
- .plugin_data(slug) ⇒ Hash
- .request_params ⇒ Hash
- .status ⇒ Hash
- .theme_data(slug) ⇒ Hash
- .uri ⇒ Addressable::URI
- .wordpress_data(version_number) ⇒ Hash
Class Attribute Details
.token ⇒ Object
Returns the value of attribute token.
10 11 12 |
# File 'lib/wpscan/db/vuln_api.rb', line 10 def token @token end |
Class Method Details
.get(path, params = {}) ⇒ Hash
22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 |
# File 'lib/wpscan/db/vuln_api.rb', line 22 def self.get(path, params = {}) return {} unless token res = Browser.get(uri.join(path), params.merge(request_params)) return {} if res.code == 404 # This is for API inconsistencies when dots in path return JSON.parse(res.body) if NON_ERROR_CODES.include?(res.code) raise Error::HTTP, res rescue Error::HTTP => e retries ||= 0 if (retries += 1) <= 3 sleep(1) retry end { 'http_error' => e } end |
.plugin_data(slug) ⇒ Hash
43 44 45 |
# File 'lib/wpscan/db/vuln_api.rb', line 43 def self.plugin_data(slug) get("plugins/#{slug}")&.dig(slug) || {} end |
.request_params ⇒ Hash
67 68 69 70 71 72 73 74 75 76 |
# File 'lib/wpscan/db/vuln_api.rb', line 67 def self.request_params { headers: { 'Host' => uri.host, # Reset in case user provided a --vhost for the target 'Referer' => nil, # Removes referer set by the cmsscanner to the target url 'User-Agent' => Browser.instance.default_user_agent, 'Authorization' => "Token token=#{token}" } } end |
.status ⇒ Hash
58 59 60 61 62 63 64 |
# File 'lib/wpscan/db/vuln_api.rb', line 58 def self.status json = get('status', params: { version: WPScan::VERSION }, cache_ttl: 0) json['requests_remaining'] = 'Unlimited' if json['requests_remaining'] == -1 json end |
.theme_data(slug) ⇒ Hash
48 49 50 |
# File 'lib/wpscan/db/vuln_api.rb', line 48 def self.theme_data(slug) get("themes/#{slug}")&.dig(slug) || {} end |
.uri ⇒ Addressable::URI
14 15 16 |
# File 'lib/wpscan/db/vuln_api.rb', line 14 def self.uri @uri ||= Addressable::URI.parse('https://wpvulndb.com/api/v3/') end |
.wordpress_data(version_number) ⇒ Hash
53 54 55 |
# File 'lib/wpscan/db/vuln_api.rb', line 53 def self.wordpress_data(version_number) get("wordpresses/#{version_number.tr('.', '')}")&.dig(version_number) || {} end |