Sha256: ea2216dd73957b3ff1c653d0c428e0fab1bf3290229d9224e2eb9c529e3f83a0
Contents?: true
Size: 932 Bytes
Versions: 15
Compression:
Stored size: 932 Bytes
Contents
module WPScan
module Finders
module InterestingFindings
# Multisite checker
class Multisite < CMSScanner::Finders::Finder
# @return [ InterestingFinding ]
def aggressive(_opts = {})
url = target.url('wp-signup.php')
res = Browser.get(url)
location = res.headers_hash['location']
return unless [200, 302].include?(res.code)
return if res.code == 302 && location =~ /wp-login\.php\?action=register/
return unless res.code == 200 || res.code == 302 && location =~ /wp-signup\.php/
target.multisite = true
WPScan::InterestingFinding.new(
url,
confidence: 100,
found_by: DIRECT_ACCESS,
to_s: 'This site seems to be a multisite',
references: { url: 'http://codex.wordpress.org/Glossary#Multisite' }
)
end
end
end
end
end
Version data entries
15 entries across 15 versions & 1 rubygems