Class: WPScan::Finders::InterestingFindings::Multisite

Inherits:
Finder
  • Object
show all
Defined in:
app/finders/interesting_findings/multisite.rb

Overview

Multisite checker

Constant Summary

Constants inherited from Finder

Finder::DIRECT_ACCESS

Instance Attribute Summary

Attributes inherited from Finder

#progress_bar, #target

Instance Method Summary collapse

Methods inherited from Finder

#browser, #create_progress_bar, #found_by, #hydra, #initialize, #passive, #titleize

Constructor Details

This class inherits a constructor from WPScan::Finders::Finder

Instance Method Details

#aggressive(_opts = {}) ⇒ InterestingFinding

Returns:

  • (InterestingFinding) 


9
10
11
12
13
14
15
16
17
18
19
20
21
 
# File 'app/finders/interesting_findings/multisite.rb', line 9

def aggressive(_opts = {})
  url      = target.url('wp-signup.php')
  res      = Browser.get(url)
  location = res.headers_hash['location']

  return unless [200, 302].include?(res.code)
  return if res.code == 302 && location&.include?('wp-login.php?action=register')
  return unless res.code == 200 || (res.code == 302 && location&.include?('wp-signup.php'))

  target.multisite = true

  Model::Multisite.new(url, confidence: 100, found_by: DIRECT_ACCESS)
end