1
# frozen_string_literal: true
2

3
module WPScan
4
  module Finders
5
    module InterestingFindings
6
      # Registration Enabled checker
7
      class Registration < CMSScanner::Finders::Finder
8
        # @return [ InterestingFinding ]
9
        def passive(_opts = {})
10
          # Maybe check in the homepage if there is the registration url ?
11
        end
12

13
        # @return [ InterestingFinding ]
14
        def aggressive(_opts = {})
15
          res = Browser.get_and_follow_location(target.registration_url)
16

17
          return unless res.code == 200
18
          return if res.html.css('form#setupform').empty? &&
19
                    res.html.css('form#registerform').empty?
20

21
          target.registration_enabled = true
22

23
          Model::Registration.new(res.effective_url, confidence: 100, found_by: DIRECT_ACCESS)
24
        end
25
      end
26
    end
27
  end
28
end
29

30