Class: WPScan::Finders::Users::YoastSeoAuthorSitemap

Inherits:

CMSScanner::Finders::Finder

• Object
• CMSScanner::Finders::Finder
• WPScan::Finders::Users::YoastSeoAuthorSitemap

Defined in:

app/finders/users/yoast_seo_author_sitemap.rb

Overview

The YOAST SEO plugin has an author-sitemap.xml which can leak usernames See github.com/wpscanteam/wpscan/issues/1228

Instance Method Summary

• #aggressive(_opts = {}) ⇒ Array<User>
• #sitemap_url ⇒ String

  The URL of the author-sitemap.

Instance Method Details

#aggressive(_opts = {}) ⇒ Array<User>

Parameters:

• opts (Hash)

Returns:

• (Array<User>)

# File 'app/finders/users/yoast_seo_author_sitemap.rb', line 12

def aggressive(_opts = {})
  found = []

  Browser.get(sitemap_url).html.xpath('//url/loc').each do |user_tag|
    username = user_tag.text.to_s[%r{/author/([^\/]+)/}, 1]

    next unless username && !username.strip.empty?

    found << Model::User.new(username,
                             found_by: found_by,
                             confidence: 100,
                             interesting_entries: [sitemap_url])
  end

  found
end

#sitemap_url ⇒ String

Returns The URL of the author-sitemap.

Returns:

• (String) —

  The URL of the author-sitemap

# File 'app/finders/users/yoast_seo_author_sitemap.rb', line 30

def sitemap_url
  @sitemap_url ||= target.url('author-sitemap.xml')
end