1
# frozen_string_literal: true
2

3
module WPScan
4
  module Finders
5
    module WpVersion
6
      # RDF Generator Version Finder
7
      class RDFGenerator < CMSScanner::Finders::Finder
8
        include Finder::WpVersion::SmartURLChecker
9

10
        def process_urls(urls, _opts = {})
11
          found = Findings.new
12

13
          urls.each do |url|
14
            res = Browser.get_and_follow_location(url)
15

16
            res.html.xpath('//generatoragent').each do |node|
17
              next unless node['rdf:resource'] =~ %r{\Ahttps?://wordpress\.(?:[a-z.]+)/\?v=(.*)\z}i
18

19
              found << create_version(
20
                Regexp.last_match[1],
21
                found_by: found_by,
22
                entries: ["#{res.effective_url}, #{node.to_s.strip}"]
23
              )
24
            end
25
          end
26

27
          found
28
        end
29

30
        def passive_urls_xpath
31
          '//a[contains(@href, "/rdf")]/@href'
32
        end
33

34
        def aggressive_urls(_opts = {})
35
          [target.url('feed/rdf/')]
36
        end
37
      end
38
    end
39
  end
40
end
41

42