Module: WPScan::Finders::WpItems::UrlsInPage

Included in:
MainTheme::CssStyleInHomepage, MainTheme::UrlsInHomepage, Plugins::UrlsInHomepage, Themes::UrlsInHomepage
Defined in:
app/finders/wp_items/urls_in_page.rb

Overview

URLs In Homepage Module to use in plugins & themes finders

Instance Method Summary collapse

Instance Method Details

#item_attribute_pattern(type) ⇒ Regexp

Parameters:

  • type (String)

Returns:

  • (Regexp)


50
51
52
# File 'app/finders/wp_items/urls_in_page.rb', line 50

def item_attribute_pattern(type)
  @item_attribute_pattern ||= %r{#{item_url_pattern(type)}([^/]+)/}i
end

#item_code_pattern(type) ⇒ Regexp

Parameters:

  • type (String)

Returns:

  • (Regexp)


57
58
59
# File 'app/finders/wp_items/urls_in_page.rb', line 57

def item_code_pattern(type)
  @item_code_pattern ||= %r{["'( ]#{item_url_pattern(type)}([^\\/)"']+)}i
end

#item_url_pattern(type) ⇒ Regexp

Parameters:

  • type (String)

Returns:

  • (Regexp)


64
65
66
67
68
69
70
71
72
# File 'app/finders/wp_items/urls_in_page.rb', line 64

def item_url_pattern(type)
  item_dir = type == 'plugins' ? target.plugins_dir : target.content_dir
  item_url = type == 'plugins' ? target.plugins_url : target.content_url

  url = /#{item_url.gsub(/\A(?:https?)/i, 'https?').gsub('/', '\\\\\?\/')}/i
  item_dir = %r{(?:#{url}|\\?/#{item_dir.gsub('/', '\\\\\?\/')}\\?/)}i

  type == 'plugins' ? item_dir : %r{#{item_dir}#{type}\\?/}i
end

#items_from_codes(type, uniq: true) ⇒ Array<String>

Returns The plugins/themes detected in the javascript/style of the homepage.

Parameters:

  • type (String)

    plugins / themes

  • uniq (Boolean) (defaults to: true)

    Wether or not to apply the #uniq on the results

Returns:

  • (Array<String>)

    The plugins/themes detected in the javascript/style of the homepage



34
35
36
37
38
39
40
41
42
43
44
45
# File 'app/finders/wp_items/urls_in_page.rb', line 34

def items_from_codes(type, uniq: true)
  found = []

  page_res.html.xpath('//script[not(@src)]|//style[not(@src)]').each do |tag|
    code = tag.text.to_s
    next if code.empty?

    code.scan(item_code_pattern(type)).flatten.uniq.each { |slug| found << slug }
  end

  uniq ? found.uniq.sort : found.sort
end

Returns The plugins/themes detected in the href, src attributes of the page.

Parameters:

  • type (String)

    plugins / themes

  • uniq (Boolean) (defaults to: true)

    Wether or not to apply the #uniq on the results

Returns:

  • (Array<String>)

    The plugins/themes detected in the href, src attributes of the page



12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
# File 'app/finders/wp_items/urls_in_page.rb', line 12

def items_from_links(type, uniq: true)
  found = []
  xpath = format(
    '(//@href|//@src|//@data-src)[contains(., "%s")]',
    type == 'plugins' ? target.plugins_dir : target.content_dir
  )

  target.in_scope_uris(page_res, xpath) do |uri|
    next unless uri.to_s =~ item_attribute_pattern(type)

    slug = Regexp.last_match[1]&.strip

    found << slug unless slug&.empty?
  end

  uniq ? found.uniq.sort : found.sort
end