GitHub Repository: wpscanteam/wpscan
Path: blob/master/app/models/interesting_finding.rb
# frozen_string_literal: true
module WPScan
module Model
# Custom class to include the WPScan::References module
6
class InterestingFinding < CMSScanner::Model::InterestingFinding
7
include References
8
end
# Finding reported when a backup directory is reachable on the target.
# A web-reachable backup location may expose database or file archives, so
# it should be moved out of the web root or access-restricted.
class BackupDB < InterestingFinding
  # Human-readable summary; built once and cached in @to_s.
  #
  # @return [ String ]
  def to_s
    return @to_s if @to_s

    @to_s = "A backup directory has been found: #{url}"
  end

  # Background link for this finding (a WPScan issue); cached in @references.
  #
  # @return [ Hash ]
  def references
    return @references if @references

    @references = { url: ['https://github.com/wpscanteam/wpscan/issues/422'] }
  end
end
# Finding reported when a WordPress debug log is reachable at `url`.
# Debug logs can contain error messages, file paths and plugin details, so
# they should not be served to anonymous visitors in production.
class DebugLog < InterestingFinding
  # Human-readable summary; built once and cached in @to_s.
  #
  # @return [ String ]
  def to_s
    return @to_s if @to_s

    @to_s = "Debug Log found: #{url}"
  end

  # Link to the WordPress Codex page on debugging; cached in @references.
  #
  # @return [ Hash ]
  def references
    return @references if @references

    @references = { url: ['https://codex.wordpress.org/Debugging_in_WordPress'] }
  end
end
# Finding for an installer log left behind by the Duplicator plugin.
# No #to_s is defined here, so the inherited rendering is used.
# NOTE(review): what the parent's #to_s prints is not visible in this file.
class DuplicatorInstallerLog < InterestingFinding
  # Link to the Google Hacking Database entry for this file; cached in
  # @references.
  #
  # @return [ Hash ]
  def references
    return @references if @references

    @references = { url: ['https://www.exploit-db.com/ghdb/3981/'] }
  end
end
# Finding for a WordPress emergency password reset script found on the target.
# The referenced Codex page describes the script, which is meant to be
# deleted once it has been used. No #to_s is defined here, so the inherited
# rendering is used.
class EmergencyPwdResetScript < InterestingFinding
  # Link to the Codex section describing the script; cached in @references.
  #
  # @return [ Hash ]
  def references
    return @references if @references

    codex_links = ['https://codex.wordpress.org/Resetting_Your_Password#Using_the_Emergency_Password_Reset_Script']
    @references = { url: codex_links }
  end
end
# Finding reported when a response at `url` discloses a server-side file path.
# Disclosed absolute paths reveal the hosting layout; turning off error
# display in production is the usual remedy.
class FullPathDisclosure < InterestingFinding
  # Human-readable summary; built once and cached in @to_s.
  #
  # @return [ String ]
  def to_s
    return @to_s if @to_s

    @to_s = "Full Path Disclosure found: #{url}"
  end

  # Link to the OWASP description of the issue; cached in @references.
  #
  # @return [ Hash ]
  def references
    return @references if @references

    @references = { url: ['https://www.owasp.org/index.php/Full_Path_Disclosure'] }
  end
end
# Finding reported when the site exposes a 'Must Use Plugins' location.
class MuPlugins < InterestingFinding
  # Human-readable summary; built once and cached in @to_s.
  #
  # @return [ String ]
  def to_s
    return @to_s if @to_s

    @to_s = "This site has 'Must Use Plugins': #{url}"
  end

  # Link to the Codex page on must-use plugins; cached in @references.
  # NOTE(review): the link uses plain http://; it is runtime output, so it is
  # reproduced unchanged here - consider an https:// URL upstream.
  #
  # @return [ Hash ]
  def references
    return @references if @references

    @references = { url: ['http://codex.wordpress.org/Must_Use_Plugins'] }
  end
end
# Finding reported when the target appears to be a WordPress multisite.
# The message is deliberately tentative ("seems to be") and carries no URL.
class Multisite < InterestingFinding
  # Human-readable summary; cached in @to_s.
  #
  # @return [ String ]
  def to_s
    return @to_s if @to_s

    @to_s = 'This site seems to be a multisite'
  end

  # Link to the Codex glossary entry; cached in @references.
  # NOTE(review): the link uses plain http://; it is runtime output, so it is
  # reproduced unchanged here - consider an https:// URL upstream.
  #
  # @return [ Hash ]
  def references
    return @references if @references

    @references = { url: ['http://codex.wordpress.org/Glossary#Multisite'] }
  end
end
# Finding reported when a WordPress readme file is reachable at `url`.
# A public readme helps fingerprint the installation. This class defines no
# references of its own.
class Readme < InterestingFinding
  # Human-readable summary; built once and cached in @to_s.
  #
  # @return [ String ]
  def to_s
    return @to_s if @to_s

    @to_s = "WordPress readme found: #{url}"
  end
end
# Finding reported when user registration is open on the target.
# Open registration lets anyone obtain an authenticated account, which is
# worth reviewing if the site does not need it. This class defines no
# references of its own.
class Registration < InterestingFinding
  # Human-readable summary; built once and cached in @to_s.
  #
  # @return [ String ]
  def to_s
    return @to_s if @to_s

    @to_s = "Registration is enabled: #{url}"
  end
end
# Finding reported when a ThemeMakers migration file is reachable at `url`.
class TmmDbMigrate < InterestingFinding
  # Human-readable summary; built once and cached in @to_s.
  #
  # @return [ String ]
  def to_s
    return @to_s if @to_s

    @to_s = "ThemeMakers migration file found: #{url}"
  end

  # Unlike the sibling classes this one is keyed by :packetstorm and holds a
  # numeric advisory id instead of a URL; cached in @references.
  # NOTE(review): presumably the References module turns the id into a link -
  # confirm against that module.
  #
  # @return [ Hash ]
  def references
    return @references if @references

    @references = { packetstorm: [131_957] }
  end
end
# Finding reported when the upload directory at `url` has listing enabled.
# Directory listing exposes the names of every uploaded file; disabling
# auto-indexing on the web server removes it. This class defines no
# references of its own.
class UploadDirectoryListing < InterestingFinding
  # Human-readable summary; built once and cached in @to_s.
  #
  # @return [ String ]
  def to_s
    return @to_s if @to_s

    @to_s = "Upload directory has listing enabled: #{url}"
  end
end
# Finding reported when an SQL dump is reachable at `url`.
# A dump may contain full database contents, so it should be removed from
# web-reachable storage. This class defines no references of its own.
class UploadSQLDump < InterestingFinding
  # Human-readable summary; built once and cached in @to_s.
  #
  # @return [ String ]
  def to_s
    return @to_s if @to_s

    @to_s = "SQL Dump found: #{url}"
  end
end
# Finding reported when the external WP-Cron endpoint appears to be enabled.
# The wording is tentative ("seems to be"); the references cover why an
# exposed cron endpoint matters for availability and how to defend it.
class WPCron < InterestingFinding
  # Human-readable summary; built once and cached in @to_s.
  #
  # @return [ String ]
  def to_s
    return @to_s if @to_s

    @to_s = "The external WP-Cron seems to be enabled: #{url}"
  end

  # Two background links (a hardening article and a WPScan issue); cached in
  # @references.
  #
  # @return [ Hash ]
  def references
    return @references if @references

    background_links = [
      'https://www.iplocation.net/defend-wordpress-from-ddos',
      'https://github.com/wpscanteam/wpscan/issues/1299'
    ]
    @references = { url: background_links }
  end
end
# Finding reported when PHP appears to be disabled on the target.
# The message is tentative ("seems to be") and carries no URL; the linked
# WPScan issue holds the background.
class PHPDisabled < InterestingFinding
  # Human-readable summary; cached in @to_s.
  #
  # @return [ String ]
  def to_s
    return @to_s if @to_s

    @to_s = 'PHP seems to be disabled'
  end

  # Link to the WPScan issue behind this finding; cached in @references.
  #
  # @return [ Hash ]
  def references
    return @references if @references

    issue_links = ['https://github.com/wpscanteam/wpscan/issues/1593']
    @references = { url: issue_links }
  end
end
end
end