Class: WPScan::Finders::Plugins::HeaderPattern

Inherits:
DynamicFinder::WpItems::Finder show all
Defined in:
app/finders/plugins/header_pattern.rb

Overview

Plugins finder from Dynamic Finder ‘HeaderPattern’

Constant Summary collapse

DEFAULT_CONFIDENCE = 
30

Instance Method Summary collapse

Methods inherited from DynamicFinder::WpItems::Finder

#aggressive_, #aggressive_configs, #aggressive_path, #passive_configs

Instance Method Details

#aggressive(_opts = {}) ⇒ nil

Parameters:

  • opts (Hash)

Returns:

  • (nil) 


37
38
39
 
# File 'app/finders/plugins/header_pattern.rb', line 37

def aggressive(_opts = {})
  # None
end

#passive(opts = {}) ⇒ Array<Plugin>

Parameters:

  • opts (Hash) (defaults to: {})

Returns:

  • (Array<Plugin>) 


13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
 
# File 'app/finders/plugins/header_pattern.rb', line 13

def passive(opts = {})
  found = []
  headers = target.homepage_res.headers

  return found if headers.empty?

  DB::DynamicFinders::Plugin.passive_header_pattern_finder_configs.each do |slug, configs|
    configs.each do |klass, config|
      next unless headers[config['header']] && headers[config['header']].to_s =~ config['pattern']

      found << Model::Plugin.new(
        slug,
        target,
        opts.merge(found_by: found_by(klass), confidence: config['confidence'] || DEFAULT_CONFIDENCE)
      )
    end
  end

  found
end