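# File lib/wpscan/wp_target/malwares.rb, line 43
# Builds the regex that finds <script>/<iframe> tags whose src attribute
# starts with a known-malware URL pattern.
#
# HTML tag and attribute names are case-insensitive, so the match ignores
# case; without that, an injected <IFRAME SRC=...> would go undetected.
# Only quoted src values are matched.
#
# @param url_regex [String] regex source for the start of the URL, taken
#   verbatim from the malware list
# @return [Regexp] pattern capturing the full src URL in its first group
#   (url_regex is assumed to add no capturing groups of its own)
def self.malware_pattern(url_regex)
  # no need to escape regex here, because malware.txt contains regex
  %r{<(?:script|iframe).* src=(?:"|')(#{url_regex}[^"']*)(?:"|')[^>]*>}i
end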
# File lib/wpscan/wp_target/malwares.rb, line 39
# Picks the malware pattern file to read.
#
# @param malwares_file_path [String, nil] caller-supplied path, or nil
# @return [String] the given path when one is supplied, otherwise
#   malwares.txt under DATA_DIR
def self.malwares_file(malwares_file_path)
  return malwares_file_path if malwares_file_path

  DATA_DIR + '/malwares.txt'
end
# File lib/wpscan/wp_target/malwares.rb, line 10
# Tells whether the scan of the index page found any known-malware URL.
#
# @param malwares_file_path [String, nil] forwarded unchanged to #malwares
# @return [Boolean] true when #malwares returns a non-empty list
def has_malwares?(malwares_file_path = nil)
  found_urls = malwares(malwares_file_path)
  !found_urls.empty?
end
Returns an array of strings (the URLs of the malware found).
# File lib/wpscan/wp_target/malwares.rb, line 15
# Scans the target's index page for script/iframe sources that match the
# known-malware URL patterns and returns the matching URLs.
#
# The result is memoized in @malwares: the page is fetched and the pattern
# file read only on the first call. Later calls return the cached list even
# when a different malwares_file_path is passed.
#
# @param malwares_file_path [String, nil] pattern file with one regex per
#   line; nil selects the file chosen by Malwares.malwares_file
# @return [Array<String>] unique URLs captured by the patterns
def malwares(malwares_file_path = nil)
  return @malwares if @malwares

  patterns_path = Malwares.malwares_file(malwares_file_path)
  page_html = Browser.get(@uri.to_s).body
  hits = []

  File.open(patterns_path, 'r') do |file|
    file.each_line do |line|
      url_regex = line.chomp
      # An empty pattern would match every script/iframe src, so blank lines
      # are skipped.
      next unless url_regex.length > 0

      # NOTE(review): each line is interpolated into a Regexp unescaped, so a
      # malformed line raises RegexpError here; only load pattern files you trust.
      hits.concat(page_html.scan(Malwares.malware_pattern(url_regex)))
    end
  end

  # scan yields one single-element array per match; flatten to plain strings.
  hits.flatten!
  hits.uniq!
  @malwares = hits
end