Class: WpscanOptions
- Inherits:
-
Object
- Object
- WpscanOptions
- Defined in:
- lib/wpscan/wpscan_options.rb
Constant Summary
- ACCESSOR_OPTIONS =
# Names of every option the class tracks as an instance variable.
# is_long_option? and option_to_instance_variable_setter look command-line
# switches up in this list, so it also acts as the allowlist of setters that
# set_option_from_cli can reach through send.
# :proxy_auth and :basic_auth hold credentials (see their setters), and
# :password presumably does too, so values read through this list should not
# be logged wholesale.
[ :enumerate_plugins, :enumerate_only_vulnerable_plugins, :enumerate_all_plugins, :enumerate_themes, :enumerate_only_vulnerable_themes, :enumerate_all_themes, :enumerate_timthumbs, :enumerate_usernames, :enumerate_usernames_range, :proxy, :proxy_auth, :threads, :url, :wordlist, :force, :update, :verbose, :username, :password, :follow_redirection, :wp_content_dir, :wp_plugins_dir, :help, :config_file, :exclude_content_based, :basic_auth ]
Class Method Summary (collapse)
-
+ (Object) clean_option(option)
protected
Removes the leading '-' or '--' from the option and replaces any remaining '-' with '_'.
-
+ (Object) get_opt_long
protected
Even if a short option is given (e.g. -u), the long one is returned (e.g. --url).
- + (Boolean) is_long_option?(option) protected
-
+ (Object) load_from_arguments
Loads the options from ARGV. Returns a WpscanOptions instance.
- + (Object) option_to_instance_variable_setter(option) protected
Instance Method Summary (collapse)
- - (Object) basic_auth=(basic_auth)
- - (Object) enumerate_all_plugins=(enumerate_all_plugins)
- - (Object) enumerate_all_themes=(enumerate_all_themes)
- - (Object) enumerate_only_vulnerable_plugins=(enumerate_only_vulnerable_plugins)
- - (Object) enumerate_only_vulnerable_themes=(enumerate_only_vulnerable_themes)
-
- (Object) enumerate_options_from_string(value)
Sets the enumerate_* options from the string value. For example, 'vp' sets :enumerate_only_vulnerable_plugins to true. Several values can be combined: 'u,p' sets :enumerate_usernames and :enumerate_plugins. Usernames also accept a range: 'u[1-10]' enumerates usernames from 1 to 10.
- - (Object) enumerate_plugins=(enumerate_plugins)
- - (Object) enumerate_themes=(enumerate_themes)
- - (Boolean) has_options?
-
- (WpscanOptions) initialize
constructor
A new instance of WpscanOptions.
- - (Object) proxy=(proxy)
- - (Object) proxy_auth=(auth)
-
- (Object) set_option_from_cli(cli_option, cli_value)
cli_option (String): the switch, e.g. --url, -u, --proxy. cli_value (String): the option value.
- - (Object) threads=(threads)
-
- (Object) to_h
return Hash.
- - (Object) url=(url)
- - (Object) wordlist=(wordlist)
Constructor Details
- (WpscanOptions) initialize
A new instance of WpscanOptions
# File 'lib/wpscan/wpscan_options.rb', line 36
# Creates an instance in which every option named in ACCESSOR_OPTIONS exists
# as an instance variable set to nil, i.e. "not provided yet".
def initialize
  ACCESSOR_OPTIONS.each { |option| instance_variable_set("@#{option}", nil) }
end
Class Method Details
+ (Object) clean_option(option) (protected)
Removes the leading '-' or '--' from the option and replaces any remaining '-' with '_'.
Param: option (String). Returns: String.
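# File 'lib/wpscan/wpscan_options.rb', line 247
# Turns a command-line switch into the bare option name used in
# ACCESSOR_OPTIONS: the leading '-' or '--' is dropped and every remaining
# '-' becomes '_'.
#
# @param option [String] the switch as typed, e.g. '--proxy-auth' or '-u'
# @return [String] the normalised name, e.g. 'proxy_auth' or 'u'
def self.clean_option(option)
  # \A anchors at the start of the whole string. The line anchor ^ would also
  # match after an embedded newline and strip dashes in the middle of the value.
  option.sub(/\A--?/, '').tr('-', '_')
end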
+ (Object) get_opt_long (protected)
Even if a short option is given (e.g. -u), the long one is returned (e.g. --url).
# File 'lib/wpscan/wpscan_options.rb', line 216
# Builds the GetoptLong parser that declares every switch the command line
# accepts, with its short alias (where one exists) and argument requirement.
# Per the class documentation, a short switch such as -u is reported under
# its long name (--url).
#
# NOTE(review): --proxy-auth and --basic-auth take credentials as ordinary
# command-line arguments, so the values can end up in shell history and in
# process listings on the machine running the tool.
#
# @return [GetoptLong] the configured parser
def self.get_opt_long
  required = GetoptLong::REQUIRED_ARGUMENT
  optional = GetoptLong::OPTIONAL_ARGUMENT
  flag     = GetoptLong::NO_ARGUMENT

  switches = [
    ['--url', '-u', required],
    ['--enumerate', '-e', optional],
    ['--username', '-U', required],
    ['--wordlist', '-w', required],
    ['--threads', '-t', required],
    ['--force', '-f', flag],
    ['--help', '-h', flag],
    ['--verbose', '-v', flag],
    ['--proxy', required],
    ['--proxy-auth', required],
    ['--update', flag],
    ['--follow-redirection', flag],
    ['--wp-content-dir', required],
    ['--wp-plugins-dir', required],
    ['--config-file', '-c', required],
    ['--exclude-content-based', required],
    ['--basic-auth', required]
  ]

  GetoptLong.new(*switches)
end
+ (Boolean) is_long_option?(option) (protected)
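# File 'lib/wpscan/wpscan_options.rb', line 238
# Tells whether a command-line switch maps onto one of the options listed in
# ACCESSOR_OPTIONS. set_option_from_cli uses this as the gate before it
# dispatches to a setter, so only allowlisted names get through.
#
# @param option [String] the switch as typed, e.g. '--proxy-auth'
# @return [Boolean] true when the normalised name is in ACCESSOR_OPTIONS
def self.is_long_option?(option)
  ACCESSOR_OPTIONS.include?(:"#{WpscanOptions.clean_option(option)}")
end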
+ (Object) load_from_arguments
Loads the options from ARGV. Returns a WpscanOptions instance.
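# File 'lib/wpscan/wpscan_options.rb', line 149
# Builds a WpscanOptions from the process arguments. Each (switch, value)
# pair produced by the GetoptLong parser is handed to set_option_from_cli,
# which raises on an unknown switch or an invalid value.
#
# @return [WpscanOptions] the populated options (all nil when ARGV is empty)
def self.load_from_arguments
  wpscan_options = WpscanOptions.new

  unless ARGV.empty?
    WpscanOptions.get_opt_long.each do |opt, arg|
      wpscan_options.set_option_from_cli(opt, arg)
    end
  end

  wpscan_options
end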
+ (Object) option_to_instance_variable_setter(option) (protected)
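# File 'lib/wpscan/wpscan_options.rb', line 252
# Maps a command-line switch to the name of the setter that stores it.
# The result is passed to send by set_option_from_cli, so it must only ever
# name a setter for an entry of ACCESSOR_OPTIONS.
#
# @param option [String] the switch as typed, e.g. '--proxy-auth'
# @return [Symbol, nil] the setter name (e.g. :proxy_auth=), or nil when the
#   switch does not correspond to an entry of ACCESSOR_OPTIONS
def self.option_to_instance_variable_setter(option)
  cleaned_option = WpscanOptions.clean_option(option)
  # Compare as plain strings. Interpolating the switch into a regexp would let
  # metacharacters in it ('.', '*', '|') match option names it does not spell.
  option_sym = ACCESSOR_OPTIONS.find { |name| name.to_s == cleaned_option }

  option_sym ? :"#{option_sym}=" : nil
end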
Instance Method Details
- (Object) basic_auth=(basic_auth)
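# File 'lib/wpscan/wpscan_options.rb', line 124
# Stores the HTTP Basic authentication value built from 'login:password'.
# The stored string is only base64-encoded, not encrypted, so it should be
# treated as the credential itself.
#
# @param basic_auth [String] credentials in the form login:password
# @raise [RuntimeError] when the value contains no ':'
def basic_auth=(basic_auth)
  raise 'Invalid basic authentication format, login:password expected' unless basic_auth.include?(':')

  # strict_encode64 emits no line feeds. encode64 wraps its output every 60
  # characters, and chomp only removed the last newline, so long credentials
  # produced a value with embedded newlines.
  @basic_auth = "Basic #{Base64.strict_encode64(basic_auth)}"
end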
- (Object) enumerate_all_plugins=(enumerate_all_plugins)
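# File 'lib/wpscan/wpscan_options.rb', line 92
# Enables or disables enumeration of all plugins. The three plugin
# enumeration modes are mutually exclusive.
#
# @param enumerate_all_plugins [Boolean] the new value
# @raise [RuntimeError] when set to true while another plugin mode is on
def enumerate_all_plugins=(enumerate_all_plugins)
  other_mode_on = @enumerate_plugins == true || @enumerate_only_vulnerable_plugins == true
  raise 'Please choose only one plugin enumeration option' if enumerate_all_plugins == true && other_mode_on

  @enumerate_all_plugins = enumerate_all_plugins
end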
- (Object) enumerate_all_themes=(enumerate_all_themes)
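# File 'lib/wpscan/wpscan_options.rb', line 116
# Enables or disables enumeration of all themes. The three theme enumeration
# modes are mutually exclusive.
#
# @param enumerate_all_themes [Boolean] the new value
# @raise [RuntimeError] when set to true while another theme mode is on
def enumerate_all_themes=(enumerate_all_themes)
  other_mode_on = @enumerate_themes == true || @enumerate_only_vulnerable_themes == true
  raise 'Please choose only one theme enumeration option' if enumerate_all_themes == true && other_mode_on

  @enumerate_all_themes = enumerate_all_themes
end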
- (Object) enumerate_only_vulnerable_plugins=(enumerate_only_vulnerable_plugins)
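# File 'lib/wpscan/wpscan_options.rb', line 84
# Enables or disables enumeration of vulnerable plugins only. The three
# plugin enumeration modes are mutually exclusive.
#
# @param enumerate_only_vulnerable_plugins [Boolean] the new value
# @raise [RuntimeError] when set to true while another plugin mode is on
def enumerate_only_vulnerable_plugins=(enumerate_only_vulnerable_plugins)
  other_mode_on = @enumerate_all_plugins == true || @enumerate_plugins == true
  if enumerate_only_vulnerable_plugins == true && other_mode_on
    raise 'Please choose only one plugin enumeration option'
  end

  @enumerate_only_vulnerable_plugins = enumerate_only_vulnerable_plugins
end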
- (Object) enumerate_only_vulnerable_themes=(enumerate_only_vulnerable_themes)
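# File 'lib/wpscan/wpscan_options.rb', line 108
# Enables or disables enumeration of vulnerable themes only. The three theme
# enumeration modes are mutually exclusive.
#
# @param enumerate_only_vulnerable_themes [Boolean] the new value
# @raise [RuntimeError] when set to true while another theme mode is on
def enumerate_only_vulnerable_themes=(enumerate_only_vulnerable_themes)
  other_mode_on = @enumerate_all_themes == true || @enumerate_themes == true
  if enumerate_only_vulnerable_themes == true && other_mode_on
    raise 'Please choose only one theme enumeration option'
  end

  @enumerate_only_vulnerable_themes = enumerate_only_vulnerable_themes
end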
- (Object) enumerate_options_from_string(value)
Sets the enumerate_* options from the string value. For example, 'vp' sets :enumerate_only_vulnerable_plugins to true. Several values can be combined: 'u,p' sets :enumerate_usernames and :enumerate_plugins. Usernames also accept a range: 'u[1-10]' enumerates usernames from 1 to 10.
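# File 'lib/wpscan/wpscan_options.rb', line 184
# Switches on the enumerate_* options named in a comma-separated string.
# Recognised tokens (case-insensitive): vp, p, ap, tt, vt, t, at, and any
# token beginning with 'u' for usernames. A username token may carry a range
# in square brackets, e.g. 'u[1-10]'.
#
# NOTE(review): the range bounds are taken as given. A reversed range is
# empty, and nothing caps the upper bound, so callers that need a limit on
# the number of requests have to enforce it themselves.
#
# @param value [String] e.g. 'vp,u[1-10]'
# @raise [RuntimeError] when conflicting plugin or theme modes are requested
def enumerate_options_from_string(value)
  # Usage of self is mandatory because there are overridden setters
  value = value.split(',').map(&:downcase)

  self.enumerate_only_vulnerable_plugins = true if value.include?('vp')
  self.enumerate_plugins = true if value.include?('p')
  self.enumerate_all_plugins = true if value.include?('ap')

  @enumerate_timthumbs = true if value.include?('tt')

  self.enumerate_only_vulnerable_themes = true if value.include?('vt')
  self.enumerate_themes = true if value.include?('t')
  self.enumerate_all_themes = true if value.include?('at')

  # \A rather than ^ so that only a token that itself starts with 'u' counts
  value.grep(/\Au/) do |username_enum_value|
    @enumerate_usernames = true
    # Check for usernames range
    matches = /\[(\d+)-(\d+)\]/.match(username_enum_value)
    @enumerate_usernames_range = (matches[1].to_i..matches[2].to_i) if matches
  end
end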
- (Object) enumerate_plugins=(enumerate_plugins)
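# File 'lib/wpscan/wpscan_options.rb', line 76
# Enables or disables plugin enumeration. The three plugin enumeration modes
# are mutually exclusive.
#
# @param enumerate_plugins [Boolean] the new value
# @raise [RuntimeError] when set to true while another plugin mode is on
def enumerate_plugins=(enumerate_plugins)
  other_mode_on = @enumerate_all_plugins == true || @enumerate_only_vulnerable_plugins == true
  raise 'Please choose only one plugin enumeration option' if enumerate_plugins == true && other_mode_on

  @enumerate_plugins = enumerate_plugins
end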
- (Object) enumerate_themes=(enumerate_themes)
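# File 'lib/wpscan/wpscan_options.rb', line 100
# Enables or disables theme enumeration. The three theme enumeration modes
# are mutually exclusive.
#
# @param enumerate_themes [Boolean] the new value
# @raise [RuntimeError] when set to true while another theme mode is on
def enumerate_themes=(enumerate_themes)
  other_mode_on = @enumerate_all_themes == true || @enumerate_only_vulnerable_themes == true
  raise 'Please choose only one theme enumeration option' if enumerate_themes == true && other_mode_on

  @enumerate_themes = enumerate_themes
end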
- (Boolean) has_options?
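# File 'lib/wpscan/wpscan_options.rb', line 129
# Tells whether at least one option has been given a non-nil value.
#
# @return [Boolean] false when to_h is empty, true otherwise
def has_options?
  !to_h.empty?
end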
- (Object) proxy=(proxy)
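# File 'lib/wpscan/wpscan_options.rb', line 60
# Stores the proxy address.
#
# NOTE(review): the only check is that the value contains a ':'. The host
# and port parts are not validated here.
#
# @param proxy [String] proxy in the form host:port
# @raise [RuntimeError] when the value contains no ':'
def proxy=(proxy)
  raise 'Invalid proxy format. Should be host:port.' unless proxy.include?(':')

  @proxy = proxy
end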
- (Object) proxy_auth=(auth)
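# File 'lib/wpscan/wpscan_options.rb', line 68
# Stores the proxy credentials exactly as given (plain text), so the value
# should be kept out of logs and debug output.
#
# @param auth [String] credentials in the form username:password
# @raise [RuntimeError] when the value contains no ':'
def proxy_auth=(auth)
  raise 'Invalid proxy auth format, username:password expected' unless auth.include?(':')

  @proxy_auth = auth
end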
- (Object) set_option_from_cli(cli_option, cli_value)
cli_option (String): the switch, e.g. --url, -u, --proxy. cli_value (String): the option value.
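# File 'lib/wpscan/wpscan_options.rb', line 163
# Applies one parsed command-line switch to this instance.
#
# Dispatch goes through send, but only after is_long_option? has confirmed
# that the switch maps onto an entry of ACCESSOR_OPTIONS, so the set of
# reachable methods is limited to the setters for that list.
#
# @param cli_option [String] the switch, e.g. '--url', '-u', '--proxy'
# @param cli_value [String] the value given for the switch
# @raise [RuntimeError] when the switch is unknown, or when the target
#   setter rejects the value
def set_option_from_cli(cli_option, cli_value)
  if WpscanOptions.is_long_option?(cli_option)
    setter = WpscanOptions.option_to_instance_variable_setter(cli_option)
    send(setter, cli_value)
  elsif cli_option == '--enumerate'
    # Special cases
    # Default value if no argument is given
    cli_value = 'vt,tt,u,vp' if cli_value.empty?

    enumerate_options_from_string(cli_value)
  else
    raise "Unknow option : #{cli_option} with value #{cli_value}"
  end
end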
- (Object) threads=(threads)
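# File 'lib/wpscan/wpscan_options.rb', line 48
# Stores the thread count as an Integer.
#
# NOTE(review): to_i never raises, so a non-numeric string is stored as 0
# and a negative number is kept as is. Callers should check the result
# before using it to size a worker pool.
#
# @param threads [Integer, String] the requested number of threads
def threads=(threads)
  # Integer#to_i returns the receiver, so no type check is needed first.
  @threads = threads.to_i
end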
- (Object) to_h
return Hash
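# File 'lib/wpscan/wpscan_options.rb', line 134
# Collects every option that has a non-nil value into a Hash keyed by the
# option's symbol.
#
# The result includes :proxy_auth, :basic_auth and :password when they are
# set, so it should not be printed or logged as a whole.
#
# @return [Hash{Symbol => Object}] the options that have been set
def to_h
  options = {}

  ACCESSOR_OPTIONS.each do |option|
    instance_variable = instance_variable_get("@#{option}")
    options[:"#{option}"] = instance_variable unless instance_variable.nil?
  end

  options
end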
- (Object) url=(url)
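# File 'lib/wpscan/wpscan_options.rb', line 42
# Stores the target URL after passing it through add_http_protocol and
# URI.parse.
#
# @param url [String] the target, with or without a scheme
# @raise [RuntimeError] when the value is nil, false, empty or blank
# @raise [URI::InvalidURIError] when URI.parse rejects the value
def url=(url)
  # The original guard only caught nil/false. An empty or blank string went
  # through and was stored as a target with no host.
  raise 'Empty URL given' if !url || url.to_s.strip.empty?

  @url = URI.parse(add_http_protocol(url)).to_s
end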
- (Object) wordlist=(wordlist)
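# File 'lib/wpscan/wpscan_options.rb', line 52
# Stores the path of the wordlist file.
#
# The path is only checked for existence at assignment time. The file can
# still be unreadable, or be replaced, before it is opened.
#
# @param wordlist [String] path to the wordlist
# @raise [RuntimeError] when nothing exists at that path
def wordlist=(wordlist)
  # File.exists? was deprecated and then removed in Ruby 3.2.
  raise "The file #{wordlist} does not exist" unless File.exist?(wordlist)

  @wordlist = wordlist
end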