CoCalc -- known_locations.rb

GitHub Repository: wpscanteam/wpscan
Path: blob/master/app/finders/plugins/known_locations.rb
⁴⁸⁵ views
1
# frozen_string_literal: true
2

3
module WPScan
4
  module Finders
5
    module Plugins
6
      # Known Locations Plugins Finder
7
      class KnownLocations < CMSScanner::Finders::Finder
8
        include CMSScanner::Finders::Finder::Enumerator
9

10
        # @return [ Array<Integer> ]
11
        def valid_response_codes
12
          @valid_response_codes ||= [200, 401, 403, 500].freeze
13
        end
14

15
        # @param [ Hash ] opts
16
        # @option opts [ String ] :list
17
        #
18
        # @return [ Array<Plugin> ]
19
        def aggressive(opts = {})
20
          found = []
21

22
          enumerate(target_urls(opts), opts.merge(check_full_response: true)) do |res, slug|
23
            finding_opts = opts.merge(found_by: found_by,
24
                                      confidence: 80,
25
                                      interesting_entries: ["#{res.effective_url}, status: #{res.code}"])
26

27
            found << Model::Plugin.new(slug, target, finding_opts)
28

29
            raise Error::PluginsThresholdReached if opts[:threshold].positive? && found.size >= opts[:threshold]
30
          end
31

32
          found
33
        end
34

35
        # @param [ Hash ] opts
36
        # @option opts [ String ] :list
37
        #
38
        # @return [ Hash ]
39
        def target_urls(opts = {})
40
          slugs       = opts[:list] || DB::Plugins.vulnerable_slugs
41
          urls        = {}
42

43
          slugs.each do |slug|
44
            urls[target.plugin_url(slug)] = slug
45
          end
46

47
          urls
48
        end
49

50
        def create_progress_bar(opts = {})
51
          super(opts.merge(title: ' Checking Known Locations -'))
52
        end
53
      end
54
    end
55
  end
56
end
57

58
Product

Resources

Company
