Class: WPScan::Finders::DynamicFinder::WpItems::Finder
- Inherits: CMSScanner::Finders::Finder
  - Object
  - CMSScanner::Finders::Finder
  - WPScan::Finders::DynamicFinder::WpItems::Finder
- Defined in: lib/wpscan/finders/dynamic_finder/wp_items/finder.rb
Overview
Not really a dynamic finder in itself (hence not a child class of DynamicFinder::Finder), but it uses the dynamic finder DB configs to find collections of WpItems (such as Plugins and Themes).
Also used to factor out code shared between such finders. #process_response should be implemented in each child class, or #passive and #aggressive overridden.
Direct Known Subclasses
Plugins::BodyPattern, Plugins::Comment, Plugins::ConfigParser, Plugins::HeaderPattern, Plugins::JavascriptVar, Plugins::QueryParameter, Plugins::Xpath
Instance Method Summary
- #aggressive(_opts = {}) ⇒ Array<Plugin>, Array<Theme>
- #aggressive_(opts = {}) ⇒ Array<Plugin>, Array<Theme>
- #aggressive_configs ⇒ Hash
  The related dynamic finder aggressive configurations for the current class (all its usefulness comes from child classes).
- #aggressive_path(slug, config) ⇒ String
  The path related to the aggressive configuration, i.e. config['path'] if it's an absolute path (like /file.txt), or the path from inside the related plugin directory.
- #passive(opts = {}) ⇒ Array<Plugin>, Array<Theme>
- #passive_configs ⇒ Hash
  The related dynamic finder passive configurations for the current class (all its usefulness comes from child classes).
Instance Method Details
#aggressive(_opts = {}) ⇒ Array<Plugin>, Array<Theme>
```ruby
# File 'lib/wpscan/finders/dynamic_finder/wp_items/finder.rb', line 57
def aggressive(_opts = {})
  # Disable this as it would make quite a lot of extra requests just to find plugins/themes
  # Kept the original method below for future implementation
end
```
#aggressive_(opts = {}) ⇒ Array<Plugin>, Array<Theme>
```ruby
# File 'lib/wpscan/finders/dynamic_finder/wp_items/finder.rb', line 65
def aggressive_(opts = {})
  found = []

  aggressive_configs.each do |slug, configs|
    configs.each do |klass, config|
      path     = aggressive_path(slug, config)
      response = Browser.get(target.url(path))

      item = process_response(opts, response, slug, klass, config)

      found << item if item.is_a?(Model::WpItem)
    end
  end

  found
end
```
#aggressive_configs ⇒ Hash
Returns the related dynamic finder aggressive configurations for the current class (all its usefulness comes from child classes).

```ruby
# File 'lib/wpscan/finders/dynamic_finder/wp_items/finder.rb', line 45
def aggressive_configs
  # So far only the Plugins have dynamic finders so using DB::DynamicFinders::Plugin
  # is ok. However, when Themes have some, will need to create other child classes for them
  method = "aggressive_#{self.class.to_s.demodulize.underscore}_finder_configs".to_sym

  DB::DynamicFinders::Plugin.public_send(method)
end
```
#aggressive_path(slug, config) ⇒ String
Returns the path related to the aggressive configuration, i.e. config['path'] if it's an absolute path (like /file.txt), or the path from inside the related plugin directory.

```ruby
# File 'lib/wpscan/finders/dynamic_finder/wp_items/finder.rb', line 88
def aggressive_path(slug, config)
  return config['path'] if config['path'][0] == '/'

  # No need to set the correct plugins dir, it will be handled by target.url()
  "wp-content/plugins/#{slug}/#{config['path']}"
end
```
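An added example (not WPScan code) of the request pattern #aggressive_ would produce, one GET per slug/config pair, and how a defender could match it in an access log. The config entries, finder class names, log lines, `expected_paths` and `probing_clients` are constructed for illustration, and the default plugins directory is assumed.

```ruby
# Added example, not WPScan code. Config entries and log lines are constructed.
# Shape iterated by aggressive_: { slug => { finder_class => config } }.
CONFIGS = {
  'example-plugin' => { 'Readme' => { 'path' => 'readme.txt' },
                        'Changelog' => { 'path' => 'changelog.txt' } },
  'other-plugin' => { 'RootFile' => { 'path' => '/other-plugin.json' } }
}.freeze

# Same rule as aggressive_path on this page.
def aggressive_path(slug, config)
  return config['path'] if config['path'][0] == '/'

  "wp-content/plugins/#{slug}/#{config['path']}"
end

# Every URL path one aggressive_ run would request: one GET per slug/config pair.
# Assumption: default plugins directory (target.url() may rewrite it on a real site).
def expected_paths(configs)
  configs.flat_map do |slug, by_class|
    by_class.values.map { |c| "/#{aggressive_path(slug, c).delete_prefix('/')}" }
  end.uniq
end

# Map each client IP to the distinct expected paths it requested, keeping only
# clients that hit at least `threshold` of them.
def probing_clients(log_lines, configs, threshold: 2)
  wanted = expected_paths(configs)
  hits = Hash.new { |h, k| h[k] = [] }
  log_lines.each do |line|
    m = line.match(/\A(\S+) .*?"GET (\S+) HTTP/)
    next unless m

    path = m[2].split('?').first
    hits[m[1]] |= [path] if wanted.include?(path)
  end
  hits.select { |_ip, paths| paths.size >= threshold }.transform_values(&:sort)
end

# Constructed access-log lines (combined log format).
LOG = [
  '203.0.113.5 - - [01/Jan/2024:10:00:00 +0000] "GET /wp-content/plugins/example-plugin/readme.txt HTTP/1.1" 404 153',
  '203.0.113.5 - - [01/Jan/2024:10:00:00 +0000] "GET /wp-content/plugins/example-plugin/changelog.txt HTTP/1.1" 404 153',
  '203.0.113.5 - - [01/Jan/2024:10:00:01 +0000] "GET /other-plugin.json HTTP/1.1" 404 153',
  '198.51.100.7 - - [01/Jan/2024:10:05:00 +0000] "GET /wp-content/plugins/example-plugin/readme.txt?ver=1 HTTP/1.1" 200 812',
  '198.51.100.7 - - [01/Jan/2024:10:05:01 +0000] "GET / HTTP/1.1" 200 5120'
].freeze

p probing_clients(LOG, CONFIGS)
```

By contrast, #passive adds no paths to the log because it only inspects the homepage response the scanner has already fetched.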
#passive(opts = {}) ⇒ Array<Plugin>, Array<Theme>
```ruby
# File 'lib/wpscan/finders/dynamic_finder/wp_items/finder.rb', line 29
def passive(opts = {})
  found = []

  passive_configs.each do |slug, configs|
    configs.each do |klass, config|
      item = process_response(opts, target.homepage_res, slug, klass, config)

      found << item if item.is_a?(Model::WpItem)
    end
  end

  found
end
```
#passive_configs ⇒ Hash
Returns the related dynamic finder passive configurations for the current class (all its usefulness comes from child classes).

```ruby
# File 'lib/wpscan/finders/dynamic_finder/wp_items/finder.rb', line 17
def passive_configs
  # So far only the Plugins have dynamic finders so using DB::DynamicFinders::Plugin
  # is ok. However, when Themes have some, will need to create other child classes for them
  method = "passive_#{self.class.to_s.demodulize.underscore}_finder_configs".to_sym

  DB::DynamicFinders::Plugin.public_send(method)
end
```