Sha256: f29ad45acb17b053850f132f2323d6fcbbde4ce961741396e82df22dcbc7dbbc
Contents?: true
Size: 1.51 KB
Versions: 7
Compression:
Stored size: 1.51 KB
Contents
module WPScan module Finders module InterestingFindings # Must Use Plugins Directory checker class MuPlugins < CMSScanner::Finders::Finder # @return [ InterestingFinding ] def passive(_opts = {}) pattern = %r{#{target.content_dir}/mu\-plugins/}i target.in_scope_urls(target.homepage_res) do |url| next unless Addressable::URI.parse(url).path =~ pattern url = target.url('wp-content/mu-plugins/') return WPScan::MuPlugins.new( url, confidence: 70, found_by: 'URLs In Homepage (Passive Detection)', to_s: "This site has 'Must Use Plugins': #{url}", references: { url: 'http://codex.wordpress.org/Must_Use_Plugins' } ) end nil end # @return [ InterestingFinding ] def aggressive(_opts = {}) url = target.url('wp-content/mu-plugins/') res = Browser.get_and_follow_location(url) return unless [200, 401, 403].include?(res.code) return if target.homepage_or_404?(res) # TODO: add the check for --exclude-content once implemented ? target.mu_plugins = true WPScan::MuPlugins.new( url, confidence: 80, found_by: DIRECT_ACCESS, to_s: "This site has 'Must Use Plugins': #{url}", references: { url: 'http://codex.wordpress.org/Must_Use_Plugins' } ) end end end end end
Version data entries
7 entries across 7 versions & 1 rubygems