Class: WPScan::Finders::MainTheme::CssStyleInHomepage

Inherits:
CMSScanner::Finders::Finder
  • Object
show all
Includes:
WpItems::UrlsInPage
Defined in:
app/finders/main_theme/css_style_in_homepage.rb

Overview

From the CSS style in the homepage

Direct Known Subclasses

CssStyleIn404Page

Instance Method Summary collapse

Methods included from WpItems::UrlsInPage

#item_attribute_pattern, #item_code_pattern, #item_url_pattern, #items_from_codes, #items_from_links

Instance Method Details

#create_theme(slug, style_url, opts) ⇒ Object



10
11
12
13
14
15
16
# File 'app/finders/main_theme/css_style_in_homepage.rb', line 10

def create_theme(slug, style_url, opts)
  Model::Theme.new(
    slug,
    target,
    opts.merge(found_by: found_by, confidence: 70, style_url: style_url)
  )
end

#passive(opts = {}) ⇒ Object



18
19
20
# File 'app/finders/main_theme/css_style_in_homepage.rb', line 18

def passive(opts = {})
  passive_from_css_href(target.homepage_res, opts) || passive_from_style_code(target.homepage_res, opts)
end

#passive_from_css_href(res, opts) ⇒ Object



22
23
24
25
26
27
28
29
# File 'app/finders/main_theme/css_style_in_homepage.rb', line 22

def passive_from_css_href(res, opts)
  target.in_scope_uris(res, '//link/@href[contains(., "style.css")]') do |uri|
    next unless uri.path =~ %r{/themes/([^/]+)/style.css\z}i

    return create_theme(Regexp.last_match[1], uri.to_s, opts)
  end
  nil
end

#passive_from_style_code(res, opts) ⇒ Object



31
32
33
34
35
36
37
38
39
40
41
# File 'app/finders/main_theme/css_style_in_homepage.rb', line 31

def passive_from_style_code(res, opts)
  res.html.css('style').each do |tag|
    code = tag.text.to_s
    next if code.empty?

    next unless code =~ %r{#{item_code_pattern('themes')}\\?/style\.css[^"'( ]*}i

    return create_theme(Regexp.last_match[1], Regexp.last_match[0].strip, opts)
  end
  nil
end