Class: WpTarget
- Inherits:
-
WebSite
- Object
- WebSite
- WpTarget
- Includes:
- Malwares, WpConfigBackup, WpCustomDirectories, WpFullPathDisclosure, WpLoginProtection, WpReadme, WpRegistrable
- Defined in:
- lib/wpscan/wp_target.rb,
lib/wpscan/wp_target/malwares.rb,
lib/wpscan/wp_target/wp_readme.rb,
lib/wpscan/wp_target/wp_registrable.rb,
lib/wpscan/wp_target/wp_config_backup.rb,
lib/wpscan/wp_target/wp_login_protection.rb,
lib/wpscan/wp_target/wp_custom_directories.rb,
lib/wpscan/wp_target/wp_full_path_disclosure.rb
Defined Under Namespace
Modules: Malwares, WpConfigBackup, WpCustomDirectories, WpFullPathDisclosure, WpLoginProtection, WpReadme, WpRegistrable
Constant Summary
Constant Summary
Constants included from WpLoginProtection
WpLoginProtection::LOGIN_PROTECTION_METHOD_PATTERN
Instance Attribute Summary (collapse)
-
- (Object) verbose
readonly
Returns the value of attribute verbose.
Attributes inherited from WebSite
Class Method Summary (collapse)
-
+ (Object) valid_response_codes
Valid HTTP return codes.
Instance Method Summary (collapse)
- - (String) debug_log_url
- - (Boolean) has_debug_log?
-
- (Boolean) has_plugin?(name, version = nil)
The version is not yet considerated.
-
- (WpTarget) initialize(target_url, options = {})
constructor
A new instance of WpTarget.
- - (Object) login_url
- - (Boolean) search_replace_db_2_exists?
-
- (String) search_replace_db_2_url
Script for replacing strings in wordpress databases reveals databse credentials after hitting submit interconnectit.com/124/search-and-replace-for-wordpress-databases/.
-
- (WpTheme) theme
:nocov:.
-
- (WpVersion) version(versions_xml)
:nocov:.
-
- (Boolean) wordpress?
check if the target website is actually running wordpress.
Methods included from WpFullPathDisclosure
#full_path_disclosure_url, #has_full_path_disclosure?
Methods included from WpCustomDirectories
#default_wp_content_dir_exists?, #wp_content_dir, #wp_plugins_dir, #wp_plugins_dir_exists?
Methods included from WpLoginProtection
#better_wp_security_url, #bluetrait_event_viewer_url, #has_better_wp_security_protection?, #has_bluetrait_event_viewer_protection?, #has_limit_login_attempts_protection?, #has_login_lock_protection?, #has_login_lockdown_protection?, #has_login_protection?, #has_login_security_solution_protection?, #has_simple_login_lockdown_protection?, #limit_login_attempts_url, #login_protection_plugin, #login_security_solution_url, #plugin_url, #simple_login_lockdown_url
Methods included from WpConfigBackup
#config_backup, config_backup_files
Methods included from WpRegistrable
#multisite?, #registration_enabled?, #registration_url
Methods included from WpReadme
Methods included from Malwares
#has_malwares?, malware_pattern, #malwares, malwares_file
Methods inherited from WebSite
#error_404_hash, #has_basic_auth?, has_log?, #has_robots?, #has_xml_rpc?, #homepage_hash, #online?, page_hash, #redirection, #robots_url, #rss_url, #url, #url=, #xml_rpc_url, #xml_rpc_url_from_body, #xml_rpc_url_from_headers
Constructor Details
- (WpTarget) initialize(target_url, options = {})
A new instance of WpTarget
23 24 25 26 27 28 29 30 31 32 |
# File 'lib/wpscan/wp_target.rb', line 23 def initialize(target_url, = {}) super(target_url) @verbose = [:verbose] @wp_content_dir = [:wp_content_dir] @wp_plugins_dir = [:wp_plugins_dir] @multisite = nil Browser.instance(.merge(:max_threads => [:threads])) end |
Instance Attribute Details
- (Object) verbose (readonly)
Returns the value of attribute verbose
21 22 23 |
# File 'lib/wpscan/wp_target.rb', line 21 def verbose @verbose end |
Class Method Details
+ (Object) valid_response_codes
Valid HTTP return codes
73 74 75 |
# File 'lib/wpscan/wp_target.rb', line 73 def self.valid_response_codes [200, 301, 302, 401, 403, 500, 400] end |
Instance Method Details
- (String) debug_log_url
115 116 117 |
# File 'lib/wpscan/wp_target.rb', line 115 def debug_log_url @uri.merge("#{wp_content_dir()}/debug.log").to_s end |
- (Boolean) has_debug_log?
110 111 112 |
# File 'lib/wpscan/wp_target.rb', line 110 def has_debug_log? WebSite.has_log?(debug_log_url, %r{\[[^\]]+\] PHP (?:Warning|Error|Notice):}) end |
- (Boolean) has_plugin?(name, version = nil)
The version is not yet considerated
99 100 101 102 103 104 105 106 107 |
# File 'lib/wpscan/wp_target.rb', line 99 def has_plugin?(name, version = nil) WpPlugin.new( @uri, name: name, version: version, wp_content_dir: wp_content_dir, wp_plugins_dir: wp_plugins_dir ).exists? end |
- (Object) login_url
60 61 62 63 64 65 66 67 68 69 70 |
# File 'lib/wpscan/wp_target.rb', line 60 def login_url url = @uri.merge('wp-login.php').to_s # Let's check if the login url is redirected (to https url for example) redirection = redirection(url) if redirection url = redirection end url end |
- (Boolean) search_replace_db_2_exists?
129 130 131 132 |
# File 'lib/wpscan/wp_target.rb', line 129 def search_replace_db_2_exists? resp = Browser.get(search_replace_db_2_url) resp.code == 200 && resp.body[%r{by interconnect}i] end |
- (String) search_replace_db_2_url
Script for replacing strings in wordpress databases reveals databse credentials after hitting submit interconnectit.com/124/search-and-replace-for-wordpress-databases/
124 125 126 |
# File 'lib/wpscan/wp_target.rb', line 124 def search_replace_db_2_url @uri.merge('searchreplacedb2.php').to_s end |
- (WpTheme) theme
:nocov:
79 80 81 |
# File 'lib/wpscan/wp_target.rb', line 79 def theme WpTheme.find(@uri) end |
- (WpVersion) version(versions_xml)
:nocov:
88 89 90 |
# File 'lib/wpscan/wp_target.rb', line 88 def version(versions_xml) WpVersion.find(@uri, wp_content_dir, wp_plugins_dir, versions_xml) end |
- (Boolean) wordpress?
check if the target website is actually running wordpress.
36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 |
# File 'lib/wpscan/wp_target.rb', line 36 def wordpress? wordpress = false response = Browser.get_and_follow_location(@uri.to_s) if response.body =~ /["'][^"']*\/wp-content\/[^"']*["']/i wordpress = true else response = Browser.get_and_follow_location(xml_rpc_url) if response.body =~ %r{XML-RPC server accepts POST requests only}i wordpress = true else response = Browser.get_and_follow_location(login_url) if response.code == 200 && response.body =~ %r{WordPress}i wordpress = true end end end wordpress end |