GitHub Repository: wpscanteam/wpscan
Path: blob/master/app/finders/config_backups/known_filenames.rb
# frozen_string_literal: true
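module WPScan
  module Finders
    module ConfigBackups
      # Config Backup finder
      #
      # Requests every filename from a wordlist against the target and reports
      # the responses whose body looks like a readable copy of a config file.
      class KnownFilenames < CMSScanner::Finders::Finder
        include CMSScanner::Finders::Finder::Enumerator

        # Checks each candidate URL and collects the ones that pass the content heuristic.
        #
        # @param [ Hash ] opts
        # @option opts [ String ] :list
        # @option opts [ Boolean ] :show_progression
        #
        # @return [ Array<ConfigBackup> ]
        def aggressive(opts = {})
          found = []

          # check_full_response: 200 is handed to the enumerator; presumably it limits
          # the yielded responses to full 200 replies - confirm in CMSScanner.
          enumerate(potential_urls(opts), opts.merge(check_full_response: 200)) do |res|
            # Heuristic: the body must contain "define" (any case) and must not contain
            # an opening <html tag, i.e. it is not a rendered page.
            # NOTE(review): this is a loose content match reported at confidence 100;
            # any non-HTML 200 body containing the word "define" passes it, so a
            # finding should be confirmed before it is treated as an exposed config file.
            next unless res.body =~ /define/i && res.body !~ /<\s?html/i

            found << Model::ConfigBackup.new(res.request.url, found_by: DIRECT_ACCESS, confidence: 100)
          end

          found
        end

        # Builds the URL => wordlist-line-index map that is passed to the enumerator.
        #
        # @param [ Hash ] opts
        # @option opts [ String ] :list Mandatory
        #
        # @return [ Hash ]
        def potential_urls(opts = {})
          urls = {}

          # Block form of File.open so the wordlist handle is closed as soon as the
          # loop finishes (or raises) instead of staying open until garbage collection.
          File.open(opts[:list]) do |list|
            list.each_with_index do |file, index|
              urls[target.url(file.chomp)] = index
            end
          end

          urls
        end

        # Sets this finder's progress-bar title, then defers to the parent implementation.
        #
        # @param [ Hash ] opts
        def create_progress_bar(opts = {})
          super(opts.merge(title: ' Checking Config Backups -'))
        end
      end
    end
  end
end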