Class: WPScan::Finders::DynamicFinder::Version::QueryParameter

Inherits:

Finder

• Object
• CMSScanner::Finders::Finder
• Finder
• Finder
• WPScan::Finders::DynamicFinder::Version::QueryParameter

Defined in:

lib/wpscan/finders/dynamic_finder/version/query_parameter.rb

Overview

Version finder using QueryParameter method

Direct Known Subclasses

WpItemVersion::QueryParameter, WpVersion::QueryParameter

Class Method Summary

• .child_class_constants ⇒ Hash

Instance Method Summary

• #find(response, _opts = {}) ⇒ Array<Version>^?
• #path_pattern ⇒ Regexp
• #scan_response(response) ⇒ Hash
• #xpath ⇒ String

Methods inherited from Finder

#aggressive, child_class_constant, create_child_class, #passive

Class Method Details

.child_class_constants ⇒ Hash

Returns:

• (Hash)

# File 'lib/wpscan/finders/dynamic_finder/version/query_parameter.rb', line 10

def self.child_class_constants
  @child_class_constants ||= super().merge(
    XPATH: nil, FILES: nil, PATTERN: /(?:v|ver|version)\=(?<v>\d+\.[\.\d]+)/i, CONFIDENCE_PER_OCCURENCE: 10
  )
end

Instance Method Details

#find(response, _opts = {}) ⇒ Array<Version>^?

Parameters:

• response (Typhoeus::Response)
• opts (Hash)

Returns:

• (Array<Version>, nil)

# File 'lib/wpscan/finders/dynamic_finder/version/query_parameter.rb', line 19

def find(response, _opts = {})
  found = []

  scan_response(response).each do |version_number, occurences|
    found << create_version(
      version_number,
      confidence: self.class::CONFIDENCE_PER_OCCURENCE * occurences.size,
      interesting_entries: occurences
    )
  end

  found.compact
end

#path_pattern ⇒ Regexp

Returns:

• (Regexp)

# File 'lib/wpscan/finders/dynamic_finder/version/query_parameter.rb', line 56

def path_pattern
  @path_pattern ||= %r{/(?:#{self.class::FILES.join('|')})\z}i
end

#scan_response(response) ⇒ Hash

Parameters:

• response (Typhoeus::Response)

Returns:

• (Hash)

# File 'lib/wpscan/finders/dynamic_finder/version/query_parameter.rb', line 35

def scan_response(response)
  found = {}

  target.in_scope_uris(response, xpath) do |uri|
    next unless uri.path =~ path_pattern && uri.query&.match(self.class::PATTERN)

    version = Regexp.last_match[:v].to_s

    found[version] ||= []
    found[version] << uri.to_s
  end

  found
end

#xpath ⇒ String

Returns:

• (String)

# File 'lib/wpscan/finders/dynamic_finder/version/query_parameter.rb', line 51

def xpath
  @xpath ||= self.class::XPATH || '//link[@href]/@href|//script[@src]/@src'
end