class WpTarget

Attributes

verbose[R]

Public Class Methods

new(target_url, options = {}) click to toggle source
Calls superclass method WebSite.new
# File lib/wpscan/wp_target.rb, line 22
def initialize(target_url, options = {})
  super(target_url)

  @verbose        = options[:verbose]
  @wp_content_dir = options[:wp_content_dir]
  @wp_plugins_dir = options[:wp_plugins_dir]
  @multisite      = nil

  Browser.instance(options.merge(:max_threads => options[:threads]))
end
valid_response_codes() click to toggle source

Valid HTTP return codes

# File lib/wpscan/wp_target.rb, line 72
def self.valid_response_codes
  [200, 301, 302, 401, 403, 500, 400]
end

Public Instance Methods

debug_log_url() click to toggle source

@return [ String ]

# File lib/wpscan/wp_target.rb, line 114
def debug_log_url
  @uri.merge("#{wp_content_dir()}/debug.log").to_s
end
has_debug_log?() click to toggle source

@return [ Boolean ]

# File lib/wpscan/wp_target.rb, line 109
def has_debug_log?
  WebSite.has_log?(debug_log_url, %r{\[[^\]]+\] PHP (?:Warning|Error|Notice):})
end
has_plugin?(name, version = nil) click to toggle source

The version is not yet considerated

@param [ String ] name @param [ String ] version

@return [ Boolean ]

# File lib/wpscan/wp_target.rb, line 98
def has_plugin?(name, version = nil)
  WpPlugin.new(
    @uri,
    name: name,
    version: version,
    wp_content_dir: wp_content_dir,
    wp_plugins_dir: wp_plugins_dir
  ).exists?
end
login_url() click to toggle source
# File lib/wpscan/wp_target.rb, line 59
def login_url
  url = @uri.merge('wp-login.php').to_s

  # Let's check if the login url is redirected (to https url for example)
  redirection = redirection(url)
  if redirection
    url = redirection
  end

  url
end
search_replace_db_2_exists?() click to toggle source

@return [ Boolean ]

# File lib/wpscan/wp_target.rb, line 128
def search_replace_db_2_exists?
  resp = Browser.get(search_replace_db_2_url)
  resp.code == 200 && resp.body[%r{by interconnect}]
end
search_replace_db_2_url() click to toggle source

Script for replacing strings in wordpress databases reveals databse credentials after hitting submit interconnectit.com/124/search-and-replace-for-wordpress-databases/

@return [ String ]

# File lib/wpscan/wp_target.rb, line 123
def search_replace_db_2_url
  @uri.merge('searchreplacedb2.php').to_s
end
theme() click to toggle source

@return [ WpTheme ] :nocov:

# File lib/wpscan/wp_target.rb, line 78
def theme
  WpTheme.find(@uri)
end
version(versions_xml) click to toggle source

@param [ String ] versions_xml

@return [ WpVersion ] :nocov:

# File lib/wpscan/wp_target.rb, line 87
def version(versions_xml)
  WpVersion.find(@uri, wp_content_dir, wp_plugins_dir, versions_xml)
end
wordpress?() click to toggle source

check if the target website is actually running wordpress.

# File lib/wpscan/wp_target.rb, line 35
def wordpress?
  wordpress = false

  response = Browser.get_and_follow_location(@uri.to_s)

  if response.body =~ /["'][^"']*\/wp-content\/[^"']*["']/
    wordpress = true
  else
    response = Browser.get_and_follow_location(xml_rpc_url)

    if response.body =~ %r{XML-RPC server accepts POST requests only}
      wordpress = true
    else
      response = Browser.get_and_follow_location(login_url)

      if response.code == 200 && response.body =~ %r{WordPress}
        wordpress = true
      end
    end
  end

  wordpress
end