Module: WpTarget::WpCustomDirectories
- Included in:
- WpTarget
- Defined in:
- lib/wpscan/wp_target/wp_custom_directories.rb
Instance Method Summary (collapse)
- - (Boolean) default_wp_content_dir_exists?
-
- (String) wp_content_dir
The wp-content directory.
-
- (String) wp_plugins_dir
The wp-plugins directory.
- - (Boolean) wp_plugins_dir_exists?
Instance Method Details
- (Boolean) default_wp_content_dir_exists?
24 25 26 27 28 29 30 31 32 33 |
# File 'lib/wpscan/wp_target/wp_custom_directories.rb', line 24 def default_wp_content_dir_exists? response = Browser.get(@uri.merge('wp-content').to_s) hash = Digest::MD5.hexdigest(response.body) if WpTarget.valid_response_codes.include?(response.code) return true if hash != error_404_hash and hash != homepage_hash end false end |
- (String) wp_content_dir
The wp-content directory
7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
# File 'lib/wpscan/wp_target/wp_custom_directories.rb', line 7 def wp_content_dir unless @wp_content_dir index_body = Browser.get(@uri.to_s).body uri_path = @uri.path # Only use the path because domain can be text or an IP if index_body[/\/wp-content\/(?:themes|plugins)\//i] || default_wp_content_dir_exists? @wp_content_dir = 'wp-content' else domains_excluded = '(?:www\.)?(facebook|twitter)\.com' @wp_content_dir = index_body[/(?:href|src)\s*=\s*(?:"|').+#{Regexp.escape(uri_path)}((?!#{domains_excluded})[^"']+)\/(?:themes|plugins)\/.*(?:"|')/i, 1] end end @wp_content_dir end |
- (String) wp_plugins_dir
The wp-plugins directory
36 37 38 39 40 41 |
# File 'lib/wpscan/wp_target/wp_custom_directories.rb', line 36 def wp_plugins_dir unless @wp_plugins_dir @wp_plugins_dir = "#{wp_content_dir}/plugins" end @wp_plugins_dir end |
- (Boolean) wp_plugins_dir_exists?
44 45 46 |
# File 'lib/wpscan/wp_target/wp_custom_directories.rb', line 44 def wp_plugins_dir_exists? Browser.get(@uri.merge(wp_plugins_dir).to_s).code != 404 end |