Class: WPScan::Finders::InterestingFindings::MuPlugins

Inherits:
CMSScanner::Finders::Finder
  • Object
Defined in:
app/finders/interesting_findings/mu_plugins.rb

Overview

Must-Use Plugins (mu-plugins) directory checker

Instance Method Summary

Instance Method Details

#aggressive(_opts = {}) ⇒ InterestingFinding

Returns:

  • (InterestingFinding)


# File 'app/finders/interesting_findings/mu_plugins.rb', line 25

# Checks for the must-use plugins directory by requesting it directly.
#
# Sends one request to 'wp-content/mu-plugins/' (following redirects through
# Browser.get_and_follow_location). On a hit, records the result on the target
# by setting target.mu_plugins to true.
#
# @param _opts [Hash] unused
# @return [Model::MuPlugins, nil] a finding with confidence 80 found by
#   DIRECT_ACCESS, or nil when the response does not qualify
def aggressive(_opts = {})
  mu_plugins_url = target.url('wp-content/mu-plugins/')
  response = Browser.get_and_follow_location(mu_plugins_url)

  # 401 and 403 count as hits alongside 200 - presumably because a refused
  # request still shows the directory exists; confirm against the project docs.
  status_accepted = [200, 401, 403].include?(response.code)

  # homepage_or_404? is only consulted for an accepted status. It presumably
  # filters catch-all pages that answer 200 for any path - verify in the target class.
  return nil unless status_accepted && !target.homepage_or_404?(response)

  target.mu_plugins = true
  Model::MuPlugins.new(mu_plugins_url, confidence: 80, found_by: DIRECT_ACCESS)
end

#passive(_opts = {}) ⇒ InterestingFinding

Returns:

  • (InterestingFinding)


# File 'app/finders/interesting_findings/mu_plugins.rb', line 9

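# Looks for references to the must-use plugins directory in the homepage.
#
# Walks the in-scope href/src URIs of target.homepage_res that contain
# "mu-plugins". It stops at the first one whose path matches
# "<content_dir>/mu-plugins/" (case-insensitive). On a hit, records the result
# on the target by setting target.mu_plugins to true.
#
# @param _opts [Hash] unused
# @return [Model::MuPlugins, nil] a finding with confidence 70, or nil when no
#   homepage URI points into the mu-plugins directory
def passive(_opts = {})
  # content_dir is spliced into a regexp, so escape it: a directory name that
  # contains regexp metacharacters (for example '.') must match literally,
  # not as a pattern. to_s keeps a nil content_dir behaving as an empty prefix.
  pattern = %r{#{Regexp.escape(target.content_dir.to_s)}/mu-plugins/}i

  target.in_scope_uris(target.homepage_res, '(//@href|//@src)[contains(., "mu-plugins")]') do |uri|
    # uri.path can be nil, hence the safe navigation.
    next unless uri.path&.match?(pattern)

    # NOTE(review): the reported URL uses the literal 'wp-content' while the
    # match uses target.content_dir - presumably target.url maps the default
    # directory onto a custom one; confirm in the target class.
    url = target.url('wp-content/mu-plugins/')

    target.mu_plugins = true

    # Returns from the method itself, so only the first match is reported.
    return Model::MuPlugins.new(url, confidence: 70, found_by: 'URLs In Homepage (Passive Detection)')
  end

  nil
end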