Module: WpTarget::Malwares

Included in:
WpTarget
Defined in:
lib/wpscan/wp_target/malwares.rb

Class Method Details

+ (Object) malware_pattern(url_regex)



# File 'lib/wpscan/wp_target/malwares.rb', line 44

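# Builds the case-insensitive regexp that spots a <script> or <iframe> tag
# whose src attribute begins with a known-malware URL pattern.
#
# url_regex is interpolated as raw regexp source and is NOT escaped, because
# malwares.txt already stores regexps. The pattern list is therefore trusted
# input: a tampered or badly written entry can raise RegexpError, match far
# more than intended, or backtrack heavily on a large page.
#
# @param url_regex [String] regexp source for the start of the malicious URL
# @return [Regexp] the first capture group holds the whole src value
def self.malware_pattern(url_regex)
  # [^>]* instead of .* keeps the match inside one tag. The greedy .* ran to
  # the last src= on the line, so on a single-line page only the final
  # matching tag was reported and a src belonging to an unrelated later tag
  # could be attributed to an earlier <script>. It also could not cross a
  # line break inside the tag, which \s before src now allows.
  # (?:...) keeps a top-level | in url_regex from splitting the capture group.
  %r{<(?:script|iframe)[^>]*\ssrc=["']((?:#{url_regex})[^"']*)["'][^>]*>}i
end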

+ (Object) malwares_file(malwares_file_path)



# File 'lib/wpscan/wp_target/malwares.rb', line 40

# Resolves which malware pattern file to read.
#
# A caller-supplied path is returned verbatim, with no normalisation or
# existence check here; when it is nil (or false) the bundled list under
# DATA_DIR is used instead.
#
# @param malwares_file_path [String, nil] explicit pattern file, if any
# @return [String] path of the pattern file to load
def self.malwares_file(malwares_file_path)
  return malwares_file_path if malwares_file_path

  DATA_DIR + '/malwares.txt'
end

Instance Method Details

- (Boolean) has_malwares?(malwares_file_path = nil)

Returns:

  • (Boolean)


# File 'lib/wpscan/wp_target/malwares.rb', line 11

# Tells whether the scan in #malwares reported at least one hit.
#
# @param malwares_file_path [String, nil] forwarded unchanged to #malwares
# @return [Boolean] true when #malwares returns a non-empty collection
def has_malwares?(malwares_file_path = nil)
  found = malwares(malwares_file_path)
  return false if found.empty?

  true
end

- (Object) malwares(malwares_file_path = nil)

Returns an array of strings (the URLs of the malware found).



# File 'lib/wpscan/wp_target/malwares.rb', line 16

# Scans the body of the page at @uri for script/iframe sources that match
# any pattern in the malware list, and memoizes the result in @malwares.
#
# NOTE(review): the cache is not keyed by malwares_file_path, so once
# @malwares is set (even to an empty array) a later call with a different
# file returns the first result without rescanning.
#
# Each non-empty line of the file goes to Malwares.malware_pattern, which
# interpolates it as raw regexp source, so the pattern file has to be trusted.
#
# @param malwares_file_path [String, nil] alternative pattern file; the
#   default is resolved by Malwares.malwares_file
# @return [Array<String>] unique matched src values
def malwares(malwares_file_path = nil)
  return @malwares if @malwares

  hits         = []
  pattern_file = Malwares.malwares_file(malwares_file_path)
  # Only this one response body is inspected; no other page is fetched here.
  page_html    = Browser.get(@uri.to_s).body

  pattern_lines = File.open(pattern_file, 'r') { |io| io.readlines }

  pattern_lines.each do |raw_line|
    entry = raw_line.chomp
    next if entry.empty? # skip blank lines in the list

    hits.concat(page_html.scan(Malwares.malware_pattern(entry)))
  end

  # scan yields one array of captures per match; collapse them and
  # drop duplicates before caching.
  hits.flatten!
  hits.uniq!

  @malwares = hits
end