Class: WPScan::Finders::InterestingFindings::Registration

Inherits:

CMSScanner::Finders::Finder

• Object
• CMSScanner::Finders::Finder
• WPScan::Finders::InterestingFindings::Registration

Defined in:

app/finders/interesting_findings/registration.rb

Overview

Registration Enabled checker

Instance Method Summary

• #aggressive(_opts = {}) ⇒ InterestingFinding
• #passive(_opts = {}) ⇒ InterestingFinding

Instance Method Details

#aggressive(_opts = {}) ⇒ InterestingFinding

Returns:

• (InterestingFinding)

# File 'app/finders/interesting_findings/registration.rb', line 14

def aggressive(_opts = {})
  res = Browser.get_and_follow_location(target.registration_url)

  return unless res.code == 200
  return if res.html.css('form#setupform').empty? &&
            res.html.css('form#registerform').empty?

  target.registration_enabled = true

  Model::Registration.new(
    res.effective_url,
    confidence: 100,
    found_by: DIRECT_ACCESS,
    to_s: "Registration is enabled: #{res.effective_url}"
  )
end

#passive(_opts = {}) ⇒ InterestingFinding

Returns:

• (InterestingFinding)

# File 'app/finders/interesting_findings/registration.rb', line 9

def passive(_opts = {})
  # Maybe check in the homepage if there is the registration url ?
end