Contents

module WPScan
  module Finders
    module TimthumbVersion
      # Timthumb Version Finder from the body of a bad request
      # See https://code.google.com/p/timthumb/source/browse/trunk/timthumb.php#435
      class BadRequest < CMSScanner::Finders::Finder
        # @return [ Version ]
        def aggressive(_opts = {})
          return unless Browser.get(target.url).body =~ /(TimThumb version\s*: ([^<]+))/

          WPScan::Version.new(
            Regexp.last_match[2],
            found_by: 'Bad Request (Aggressive Detection)',
            confidence: 90,
            interesting_entries: ["#{target.url}, Match: '#{Regexp.last_match[1]}'"]
          )
        end
      end
    end
  end
end

Version data entries

22 entries across 22 versions & 1 rubygems

Version	Path
wpscan-3.4.5	app/finders/timthumb_version/bad_request.rb
wpscan-3.4.4	app/finders/timthumb_version/bad_request.rb
wpscan-3.4.3	app/finders/timthumb_version/bad_request.rb
wpscan-3.4.2	app/finders/timthumb_version/bad_request.rb
wpscan-3.4.1	app/finders/timthumb_version/bad_request.rb
wpscan-3.4.0	app/finders/timthumb_version/bad_request.rb
wpscan-3.3.3	app/finders/timthumb_version/bad_request.rb
wpscan-3.3.2	app/finders/timthumb_version/bad_request.rb
wpscan-3.3.1	app/finders/timthumb_version/bad_request.rb
wpscan-3.3.0	app/finders/timthumb_version/bad_request.rb
wpscan-3.2.1	app/finders/timthumb_version/bad_request.rb
wpscan-3.2.0	app/finders/timthumb_version/bad_request.rb
wpscan-3.1.0	app/finders/timthumb_version/bad_request.rb
wpscan-3.0.8	app/finders/timthumb_version/bad_request.rb
wpscan-3.0.7	app/finders/timthumb_version/bad_request.rb
wpscan-3.0.6	app/finders/timthumb_version/bad_request.rb
wpscan-3.0.5	app/finders/timthumb_version/bad_request.rb
wpscan-3.0.4	app/finders/timthumb_version/bad_request.rb
wpscan-3.0.3	app/finders/timthumb_version/bad_request.rb
wpscan-3.0.2	app/finders/timthumb_version/bad_request.rb