Sha256: 90023878db683bc7913469128ea882a74ef638baa165402c99d5e74b36885c73

Contents?: true

Size: 1.73 KB

Versions: 10

Compression:

Stored size: 1.73 KB

Contents

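module CMSScanner
  module Finders
    module InterestingFile
      # XML RPC finder
      #
      # Passive detection reads the pingback URL advertised in the response to
      # target.url (X-Pingback header, <link rel="pingback"> tag). Both values
      # are chosen by the scanned site, so each one is checked with
      # target.in_scope? before it is recorded, and checked again in
      # #aggressive before any request is sent to it.
      class XMLRPC < Finder
        # @return [ Array<String> ] The potential urls to the XML RPC file
        def potential_urls
          @potential_urls ||= []
        end

        # Runs both passive checks and drops the ones that found nothing.
        #
        # @param [ Hash ] opts Forwarded unchanged to the passive checks
        #
        # @return [ Array<XMLRPC> ] Zero, one or two findings; the header and
        #   the link tag may both report the same url
        def passive(opts = {})
          [passive_headers(opts), passive_body(opts)].compact
        end

        # Looks for the X-Pingback response header.
        #
        # @return [ XMLRPC, nil ] nil when the header is absent, empty or
        #   points outside the scan scope
        def passive_headers(_opts = {})
          res = NS::Browser.get(target.url)
          # #aggressive treats a nil response as possible; do the same here
          # instead of calling #headers / #[] on nil.
          headers = res && res.headers
          url = headers && headers['X-Pingback']

          # A missing header is the common case: stop here rather than relying
          # on target.in_scope? to tolerate nil.
          return if url.nil? || url.empty?
          # The header value comes from the scanned site; the scope check is
          # what stops it from adding a third-party host to the candidates.
          return unless target.in_scope?(url)
          potential_urls << url

          NS::XMLRPC.new(url, confidence: 30, found_by: 'Headers (passive detection)')
        end

        # Looks for <link rel="pingback" href="..."> tags in the page body and
        # reports the first one whose href is in scope.
        #
        # @return [ XMLRPC, nil ] nil when no in-scope pingback link is found
        def passive_body(_opts = {})
          res = NS::Browser.get(target.url)
          return unless res

          res.html.css('link[rel="pingback"]').each do |tag|
            url = tag.attribute('href').to_s

            # A tag without href yields an empty string; skip it explicitly.
            next if url.empty?
            # Same trust boundary as the header: the href is site-supplied.
            next unless target.in_scope?(url)
            potential_urls << url

            return NS::XMLRPC.new(url, confidence: 30,
                                       found_by: 'Link Tag (passive detection)')
          end
          nil
        end

        # Requests every candidate url (the default xmlrpc.php location plus
        # whatever the passive checks recorded) and reports the first one that
        # answers with the XML-RPC "POST requests only" message.
        #
        # Only the response body is matched; the status code is not checked.
        #
        # @return [ XMLRPC, nil ] nil when no candidate returns the message
        def aggressive(_opts = {})
          default_url = target.url('xmlrpc.php')
          # Repeated calls must not keep growing the memoized candidate list.
          potential_urls << default_url unless potential_urls.include?(default_url)

          potential_urls.uniq.each do |potential_url|
            # Re-checked here so that no request leaves the scan scope even if
            # a url reached the list by another path.
            next unless target.in_scope?(potential_url)

            res = NS::Browser.get(potential_url)

            next unless res && res.body =~ /XML-RPC server accepts POST requests only/i

            return NS::XMLRPC.new(potential_url,
                                  confidence: 100,
                                  found_by: DIRECT_ACCESS)
          end
          nil
        end
      end
    end
  end
end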

Version data entries

10 entries across 10 versions & 1 rubygems

Version Path
cms_scanner-0.0.16 app/finders/interesting_files/xml_rpc.rb
cms_scanner-0.0.15 app/finders/interesting_files/xml_rpc.rb
cms_scanner-0.0.14 app/finders/interesting_files/xml_rpc.rb
cms_scanner-0.0.13 app/finders/interesting_files/xml_rpc.rb
cms_scanner-0.0.12 app/finders/interesting_files/xml_rpc.rb
cms_scanner-0.0.11 app/finders/interesting_files/xml_rpc.rb
cms_scanner-0.0.10 app/finders/interesting_files/xml_rpc.rb
cms_scanner-0.0.9 app/finders/interesting_files/xml_rpc.rb
cms_scanner-0.0.8 app/finders/interesting_files/xml_rpc.rb
cms_scanner-0.0.7 app/finders/interesting_files/xml_rpc.rb