Class: WPScan::Finders::InterestingFindings::BackupDB

Inherits:

CMSScanner::Finders::Finder

• Object
• CMSScanner::Finders::Finder
• WPScan::Finders::InterestingFindings::BackupDB

Defined in:

app/finders/interesting_findings/backup_db.rb

Overview

BackupDB finder

Instance Method Summary

• #aggressive(_opts = {}) ⇒ InterestingFinding

Instance Method Details

#aggressive(_opts = {}) ⇒ InterestingFinding

Returns:

• (InterestingFinding)

# File 'app/finders/interesting_findings/backup_db.rb', line 9

def aggressive(_opts = {})
  path = 'wp-content/backup-db/'
  res  = target.head_and_get(path, [200, 403])

  return unless [200, 403].include?(res.code) && !target.homepage_or_404?(res)

  Model::BackupDB.new(
    target.url(path),
    confidence: 70,
    found_by: DIRECT_ACCESS,
    interesting_entries: target.directory_listing_entries(path),
    references: { url: 'https://github.com/wpscanteam/wpscan/issues/422' }
  )
end