Sha256: 951419256166f35bd8ce2189a7d06936b75a4b0dcd70fcc7859cb87ab793c6a9
Contents?: true
Size: 1.21 KB
Versions: 3
Compression:
Stored size: 1.21 KB
Contents
module WPScan
module Finders
module WpVersion
# RSS Generator Version Finder
class RSSGenerator < CMSScanner::Finders::Finder
include Finder::WpVersion::SmartURLChecker
def process_urls(urls, _opts = {})
found = Findings.new
urls.each do |url|
res = Browser.get_and_follow_location(url)
res.html.xpath('//comment()[contains(., "wordpress")] | //generator').each do |node|
node_text = node.text.to_s.strip
next unless node_text =~ %r{\Ahttps?://wordpress\.(?:[a-z]+)/\?v=(.*)\z}i ||
node_text =~ %r{\Agenerator="wordpress/([^"]+)"\z}i
found << create_version(
Regexp.last_match[1],
found_by: found_by,
entries: ["#{res.effective_url}, #{node}"]
)
end
end
found
end
def passive_urls_xpath
'//link[@rel="alternate" and @type="application/rss+xml"]'
end
def aggressive_urls(_opts = {})
%w(feed/ comments/feed/ feed/rss/ feed/rss2/).reduce([]) do |a, uri|
a << target.url(uri)
end
end
end
end
end
end
Version data entries
3 entries across 3 versions & 1 rubygems
| Version | Path |
|---|---|
| wpscan-3.0.2 | app/finders/wp_version/rss_generator.rb |
| wpscan-3.0.1 | app/finders/wp_version/rss_generator.rb |
| wpscan-3.0 | app/finders/wp_version/rss_generator.rb |