Sha256: 843d95c90275ca8e24b17f458d71c0c330f7fcefbba816ee03c4c46cdaf4a8c1

Contents?: true

Size: 783 Bytes

Versions: 9

Compression:

Stored size: 783 Bytes

Contents

# frozen_string_literal: true

module WPScan
  module Finders
    module InterestingFindings
      # Multisite checker
      class Multisite < CMSScanner::Finders::Finder
        # @return [ InterestingFinding ]
        def aggressive(_opts = {})
          url      = target.url('wp-signup.php')
          res      = Browser.get(url)
          location = res.headers_hash['location']

          return unless [200, 302].include?(res.code)
          return if res.code == 302 && location&.include?('wp-login.php?action=register')
          return unless res.code == 200 || (res.code == 302 && location&.include?('wp-signup.php'))

          target.multisite = true

          Model::Multisite.new(url, confidence: 100, found_by: DIRECT_ACCESS)
        end
      end
    end
  end
end

Version data entries

9 entries across 9 versions & 1 rubygems

Version Path
wpscan-3.8.28 app/finders/interesting_findings/multisite.rb
wpscan-3.8.27 app/finders/interesting_findings/multisite.rb
wpscan-3.8.26 app/finders/interesting_findings/multisite.rb
wpscan-3.8.25 app/finders/interesting_findings/multisite.rb
wpscan-3.8.24 app/finders/interesting_findings/multisite.rb
wpscan-3.8.22 app/finders/interesting_findings/multisite.rb
wpscan-3.8.21 app/finders/interesting_findings/multisite.rb
wpscan-3.8.20 app/finders/interesting_findings/multisite.rb
wpscan-3.8.19 app/finders/interesting_findings/multisite.rb