RubygemsResearch

Sha256: 7a2bde75566e4bd2d9c6a90f4e9102caae8193e642c9de6336b409103869872e

Contents?: true

Size: 1.04 KB

Versions: 7

Compression:

Stored size: 1.04 KB

module WPScan
  module Finders
    module Users
      # The YOAST SEO plugin has an author-sitemap.xml which can leak usernames
      # See https://github.com/wpscanteam/wpscan/issues/1228
      class YoastSeoAuthorSitemap < CMSScanner::Finders::Finder
        # @param [ Hash ] opts
        #
        # @return [ Array<User> ]
        def aggressive(_opts = {})
          found = []

          Browser.get(sitemap_url).html.xpath('//url/loc').each do |user_tag|
            username = user_tag.text.to_s[%r{/author/([^\/]+)/}, 1]

            next unless username && !username.strip.empty?

            found << CMSScanner::User.new(username,
                                          found_by: found_by,
                                          confidence: 100,
                                          interesting_entries: [sitemap_url])
          end

          found
        end

        # @return [ String ] The URL of the author-sitemap
        def sitemap_url
          @sitemap_url ||= target.url('author-sitemap.xml')
        end
      end
    end
  end
end

Version data entries

7 entries across 7 versions & 1 rubygems

Version	Path
wpscan-3.4.5	app/finders/users/yoast_seo_author_sitemap.rb
wpscan-3.4.4	app/finders/users/yoast_seo_author_sitemap.rb
wpscan-3.4.3	app/finders/users/yoast_seo_author_sitemap.rb
wpscan-3.4.2	app/finders/users/yoast_seo_author_sitemap.rb
wpscan-3.4.1	app/finders/users/yoast_seo_author_sitemap.rb
wpscan-3.4.0	app/finders/users/yoast_seo_author_sitemap.rb
wpscan-3.3.3	app/finders/users/yoast_seo_author_sitemap.rb