Class: WPScan::Finders::WpVersion::RSSGenerator

Inherits:

CMSScanner::Finders::Finder

• Object
• CMSScanner::Finders::Finder
• WPScan::Finders::WpVersion::RSSGenerator

Includes:

Finder::WpVersion::SmartURLChecker

Defined in:

app/finders/wp_version/rss_generator.rb

Overview

RSS Generator Version Finder

Direct Known Subclasses

Users::RSSGenerator

Instance Method Summary

• #aggressive_urls(_opts = {}) ⇒ Object
• #passive_urls_xpath ⇒ Object
• #process_urls(urls, _opts = {}) ⇒ Object

Methods included from Finder::WpVersion::SmartURLChecker

#create_version

Instance Method Details

#aggressive_urls(_opts = {}) ⇒ Object

# File 'app/finders/wp_version/rss_generator.rb', line 37

def aggressive_urls(_opts = {})
  %w[feed/ comments/feed/ feed/rss/ feed/rss2/].reduce([]) do |a, uri|
    a << target.url(uri)
  end
end

#passive_urls_xpath ⇒ Object

# File 'app/finders/wp_version/rss_generator.rb', line 33

def passive_urls_xpath
  '//link[@rel="alternate" and @type="application/rss+xml"]/@href'
end

#process_urls(urls, _opts = {}) ⇒ Object

# File 'app/finders/wp_version/rss_generator.rb', line 10

def process_urls(urls, _opts = {})
  found = Findings.new

  urls.each do |url|
    res = Browser.get_and_follow_location(url)

    res.html.xpath('//comment()[contains(., "wordpress")] | //generator').each do |node|
      node_text = node.text.to_s.strip

      next unless node_text =~ %r{\Ahttps?://wordpress\.(?:[a-z]+)/\?v=(.*)\z}i ||
                  node_text =~ %r{\Agenerator="wordpress/([^"]+)"\z}i

      found << create_version(
        Regexp.last_match[1],
        found_by: found_by,
        entries: ["#{res.effective_url}, #{node.to_s.strip}"]
      )
    end
  end

  found
end