Sha256: 6e604f22c6d74ec3e607e2b5b20e7141e88cf7de5f618745501a3fdd1a1dc235

Contents?: true

Size: 722 Bytes

Versions: 5

Compression:

Stored size: 722 Bytes

Contents

module WPScan
  module Finders
    module InterestingFindings
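      # Full Path Disclosure finder
      #
      # Requests a core WordPress file directly. If the PHP error raised by
      # that request is displayed in the response, it exposes the absolute
      # filesystem path of the installation.
      class FullPathDisclosure < CMSScanner::Finders::Finder
        # @return [ InterestingFinding ] nil when no path is disclosed
        def aggressive(_opts = {})
          # File probed by direct access, relative to the target URL
          path        = 'wp-includes/rss-functions.php'
          # Disclosed path entries reported by the target for this file
          fpd_entries = target.full_path_disclosure_entries(path)

          # Nothing disclosed: report no finding
          return if fpd_entries.empty?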

          WPScan::FullPathDisclosure.new(
            target.url(path),
            confidence: 100,
            found_by: DIRECT_ACCESS,
            interesting_entries: fpd_entries,
            references: { url: 'https://www.owasp.org/index.php/Full_Path_Disclosure' }
          )
        end
      end
    end
  end
end

Version data entries

5 entries across 5 versions & 1 rubygems

Version Path
wpscan-3.4.5 app/finders/interesting_findings/full_path_disclosure.rb
wpscan-3.4.4 app/finders/interesting_findings/full_path_disclosure.rb
wpscan-3.4.3 app/finders/interesting_findings/full_path_disclosure.rb
wpscan-3.4.2 app/finders/interesting_findings/full_path_disclosure.rb
wpscan-3.4.1 app/finders/interesting_findings/full_path_disclosure.rb