Module: WpTarget::WpCustomDirectories

Included in:
WpTarget
Defined in:
lib/wpscan/wp_target/wp_custom_directories.rb

Instance Method Summary collapse

Instance Method Details

#default_wp_content_dir_exists?Boolean

Returns:

  • (Boolean)

24
25
26
27
28
29
30
31
32
33
# File 'lib/wpscan/wp_target/wp_custom_directories.rb', line 24

def default_wp_content_dir_exists?
  response = Browser.get(@uri.merge('wp-content').to_s)
  hash = Digest::MD5.hexdigest(response.body)

  if WpTarget.valid_response_codes.include?(response.code)
    return true if hash != error_404_hash and hash != homepage_hash
  end

  false
end

#wp_content_dirString

Returns The wp-content directory

Returns:

  • (String)

    The wp-content directory


7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
# File 'lib/wpscan/wp_target/wp_custom_directories.rb', line 7

def wp_content_dir
  unless @wp_content_dir
    index_body = Browser.get(@uri.to_s).body
    uri_path = @uri.path # Only use the path because domain can be text or an IP

    if index_body[/\/wp-content\/(?:themes|plugins)\//i] || default_wp_content_dir_exists?
      @wp_content_dir = 'wp-content'
    else
      domains_excluded = '(?:www\.)?(facebook|twitter)\.com'
      @wp_content_dir  = index_body[/(?:href|src)\s*=\s*(?:"|').+#{Regexp.escape(uri_path)}((?!#{domains_excluded})[^"']+)\/(?:themes|plugins)\/.*(?:"|')/i, 1]
    end
  end

  @wp_content_dir
end

#wp_plugins_dirString

Returns The wp-plugins directory

Returns:

  • (String)

    The wp-plugins directory


36
37
38
39
40
41
# File 'lib/wpscan/wp_target/wp_custom_directories.rb', line 36

def wp_plugins_dir
  unless @wp_plugins_dir
    @wp_plugins_dir = "#{wp_content_dir}/plugins"
  end
  @wp_plugins_dir
end

#wp_plugins_dir_exists?Boolean

Returns:

  • (Boolean)

44
45
46
# File 'lib/wpscan/wp_target/wp_custom_directories.rb', line 44

def wp_plugins_dir_exists?
  Browser.get(@uri.merge(wp_plugins_dir).to_s).code != 404
end