Class: WPScan::Finders::Plugins::KnownLocations

Inherits:

Finder

• Object
• Finder
• WPScan::Finders::Plugins::KnownLocations

Includes:

Finder::Enumerator

Defined in:

app/finders/plugins/known_locations.rb

Overview

Known Locations Plugins Finder

Constant Summary

Constants inherited from Finder

Finder::DIRECT_ACCESS

Instance Attribute Summary

Attributes inherited from Finder

#progress_bar, #target

Instance Method Summary

• #aggressive(opts = {}) ⇒ Array<Plugin>

  Items appended this call (empty when already streamed into opts to avoid double-appending).

• #create_progress_bar(opts = {}) ⇒ Object
• #target_urls(opts = {}) ⇒ Hash
• #valid_response_codes ⇒ Array<Integer>

Methods included from Finder::Enumerator

#enumerate, #full_request_params, #head_or_get_request_params, #maybe_get_full_response

Methods inherited from Finder

#browser, #found_by, #hydra, #initialize, #passive, #titleize

Constructor Details

This class inherits a constructor from WPScan::Finders::Finder

Instance Method Details

#aggressive(opts = {}) ⇒ Array<Plugin>

Returns Items appended this call (empty when already streamed into opts to avoid double-appending).

Parameters:

• opts (Hash) (defaults to: {})

Options Hash (opts):

• :list (String)
• :found (Findings) —

  Shared findings collection passed by BaseFinders#run_finder. We append directly into it as each plugin is detected so that Findings#on_append fires during the hydra run, enabling streaming output. Falls back to a local array when called outside the framework (e.g. directly from specs).

Returns:

• (Array<Plugin>) —

  Items appended this call (empty when already streamed into opts to avoid double-appending).

# File 'app/finders/plugins/known_locations.rb', line 25

def aggressive(opts = {})
  shared = opts[:found]
  local  = shared ? nil : []
  count  = 0

  enumerate(target_urls(opts), opts.merge(check_full_response: true)) do |res, slug|
    finding_opts = opts.merge(found_by: found_by,
                              confidence: 80,
                              interesting_entries: ["#{res.effective_url}, status: #{res.code}"])

    plugin = Model::Plugin.new(slug, target, finding_opts)
    (shared || local) << plugin
    count += 1

    raise Error::PluginsThresholdReached if opts[:threshold].positive? && count >= opts[:threshold]
  end

  local || []
end

#create_progress_bar(opts = {}) ⇒ Object

# File 'app/finders/plugins/known_locations.rb', line 60

def create_progress_bar(opts = {})
  super(opts.merge(title: ' Checking Known Locations -'))
end

#target_urls(opts = {}) ⇒ Hash

Parameters:

• opts (Hash) (defaults to: {})

Options Hash (opts):

• :list (String)

Returns:

• (Hash)

# File 'app/finders/plugins/known_locations.rb', line 49

def target_urls(opts = {})
  slugs       = opts[:list] || DB::Plugins.vulnerable_slugs
  urls        = {}

  slugs.each do |slug|
    urls[target.plugin_url(slug)] = slug
  end

  urls
end

#valid_response_codes ⇒ Array<Integer>

Returns:

• (Array<Integer>)

# File 'app/finders/plugins/known_locations.rb', line 11

def valid_response_codes
  @valid_response_codes ||= [200, 401, 403, 500].freeze
end