RubygemsResearch

Sha256: e936a61f0d0d471d4364e5b3b1c50444e9d85e5b33e88e57b5f06c20b217d7d2

Contents?: true

Size: 1.12 KB

Versions: 8

Compression:

Stored size: 1.12 KB

module WPScan
  module Finders
    module Medias
      # Medias Finder, see https://github.com/wpscanteam/wpscan/issues/172
      class AttachmentBruteForcing < CMSScanner::Finders::Finder
        include CMSScanner::Finders::Finder::Enumerator

        # @param [ Hash ] opts
        # @option opts [ Range ] :range Mandatory
        #
        # @return [ Array<Media> ]
        def aggressive(opts = {})
          found = []

          enumerate(target_urls(opts), opts) do |res|
            next unless res.code == 200

            found << WPScan::Media.new(res.effective_url, opts.merge(found_by: found_by, confidence: 100))
          end

          found
        end

        # @param [ Hash ] opts
        # @option opts [ Range ] :range Mandatory
        #
        # @return [ Hash ]
        def target_urls(opts = {})
          urls = {}

          opts[:range].each do |id|
            urls[target.uri.join("?attachment_id=#{id}").to_s] = id
          end

          urls
        end

        def create_progress_bar(opts = {})
          super(opts.merge(title: ' Brute Forcing Attachment IDs -'))
        end
      end
    end
  end
end

Version data entries

8 entries across 8 versions & 1 rubygems

Version	Path
wpscan-3.4.5	app/finders/medias/attachment_brute_forcing.rb
wpscan-3.4.4	app/finders/medias/attachment_brute_forcing.rb
wpscan-3.4.3	app/finders/medias/attachment_brute_forcing.rb
wpscan-3.4.2	app/finders/medias/attachment_brute_forcing.rb
wpscan-3.4.1	app/finders/medias/attachment_brute_forcing.rb
wpscan-3.4.0	app/finders/medias/attachment_brute_forcing.rb
wpscan-3.3.3	app/finders/medias/attachment_brute_forcing.rb
wpscan-3.3.2	app/finders/medias/attachment_brute_forcing.rb