Class: WPScan::Finders::DbExports::KnownLocations
- Inherits:
-
CMSScanner::Finders::Finder
- Object
- CMSScanner::Finders::Finder
- WPScan::Finders::DbExports::KnownLocations
- Includes:
- CMSScanner::Finders::Finder::Enumerator
- Defined in:
- app/finders/db_exports/known_locations.rb
Overview
DB Exports finder
Constant Summary collapse
- SQL_PATTERN =
/(?:DROP|(?:UN)?LOCK|CREATE) TABLE|INSERT INTO/.freeze
Instance Method Summary collapse
- #aggressive(opts = {}) ⇒ Array<DBExport>
- #create_progress_bar(opts = {}) ⇒ Object
- #full_request_params ⇒ Object
- #potential_urls(opts = {}) ⇒ Hash
Instance Method Details
#aggressive(opts = {}) ⇒ Array<DBExport>
17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
# File 'app/finders/db_exports/known_locations.rb', line 17 def aggressive(opts = {}) found = [] enumerate(potential_urls(opts), opts.merge(check_full_response: 200)) do |res| if res.effective_url.end_with?('.zip') next unless %r{\Aapplication/zip}i.match?(res.headers['Content-Type']) else next unless SQL_PATTERN.match?(res.body) end found << Model::DbExport.new(res.request.url, found_by: DIRECT_ACCESS, confidence: 100) end found end |
#create_progress_bar(opts = {}) ⇒ Object
54 55 56 |
# File 'app/finders/db_exports/known_locations.rb', line 54 def (opts = {}) super(opts.merge(title: ' Checking DB Exports -')) end |
#full_request_params ⇒ Object
33 34 35 |
# File 'app/finders/db_exports/known_locations.rb', line 33 def full_request_params @full_request_params ||= { headers: { 'Range' => 'bytes=0-3000' } } end |
#potential_urls(opts = {}) ⇒ Hash
41 42 43 44 45 46 47 48 49 50 51 52 |
# File 'app/finders/db_exports/known_locations.rb', line 41 def potential_urls(opts = {}) urls = {} domain_name = PublicSuffix.domain(target.uri.host)[/(^[\w|-]+)/, 1] File.open(opts[:list]).each_with_index do |path, index| path.gsub!('{domain_name}', domain_name) urls[target.url(path.chomp)] = index end urls end |