Sha256: 421a9e22cef4bebea9f806f11a477a88ce7678f599ef49f8ab677a8dfa47f556
Contents?: true
Size: 1.55 KB
Versions: 2
Compression:
Stored size: 1.55 KB
Contents
module WPScan
module Finders
module WpVersion
# Stylesheets Version Finder from Homepage
#
# TODO: Maybe put such methods in the CMSScanner to have a generic
# way of getting those versions, and allow the confidence to be
# customised
class HomepageStylesheetNumbers < CMSScanner::Finders::Finder
# @return [ Array<WpVersion> ]
def passive(_opts = {})
wp_versions(target.homepage_url)
end
protected
# @param [ String ] url
#
# @return [ Array<WpVersion> ]
def wp_versions(url)
found = []
scan_page(url).each do |version_number, occurences|
next unless WPScan::WpVersion.valid?(version_number) # Skip invalid versions
found << WPScan::WpVersion.new(
version_number,
found_by: found_by,
confidence: 5 * occurences.count,
interesting_entries: occurences
)
end
found
end
# @param [ String ] url
#
# @return [ Hash ]
def scan_page(url)
found = {}
pattern = /\bver=([0-9\.]+)/i
target.in_scope_urls(Browser.get(url), '//link|//script') do |stylesheet_url, _tag|
uri = Addressable::URI.parse(stylesheet_url)
next unless uri.query&.match(pattern)
version = Regexp.last_match[1].to_s
found[version] ||= []
found[version] << stylesheet_url
end
found
end
end
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| wpscan-3.0.8 | app/finders/wp_version/homepage_stylesheet_numbers.rb |
| wpscan-3.0.7 | app/finders/wp_version/homepage_stylesheet_numbers.rb |