wpscan 3.0.5 → 3.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (18) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/brute_force.rb +5 -13
  3. data/app/controllers/core.rb +0 -2
  4. data/app/controllers/enumeration.rb +1 -1
  5. data/app/controllers/enumeration/cli_options.rb +5 -6
  6. data/app/controllers/enumeration/enum_methods.rb +2 -2
  7. data/app/finders/users/login_error_messages.rb +1 -3
  8. data/app/finders/wp_version/unique_fingerprinting.rb +1 -35
  9. data/app/models/wp_item.rb +2 -2
  10. data/app/models/wp_version.rb +8 -2
  11. data/lib/wpscan.rb +1 -0
  12. data/lib/wpscan/db.rb +1 -19
  13. data/lib/wpscan/db/dynamic_finders.rb +2 -10
  14. data/lib/wpscan/db/fingerprints.rb +50 -0
  15. data/lib/wpscan/db/updater.rb +13 -1
  16. data/lib/wpscan/version.rb +1 -1
  17. metadata +7 -63
  18. data/lib/wpscan/db/schema.rb +0 -39
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: d9fd4bc758b868aa36848d44911b54335efdaefc
4
- data.tar.gz: e02f0a0f89271384cd00a1d9ab760205c5bd1837
3
+ metadata.gz: 798d7f0db156c00bfee19eb7f540ffd6a1884ef1
4
+ data.tar.gz: 89eba229e55e42aa5629e76a8f6ca38e6e1a36a8
5
5
  SHA512:
6
- metadata.gz: 955e80f693240687635f34d3b7081a302c452511e6d4191624edae196b7395f08759206b9aefc56f95449eccd5bdb9b91e6e48b613d9a27c681e1370759ed6bd
7
- data.tar.gz: 9944fa88fba74980f74df6225dd47a2cf2d419eb02da52cf844f296ab729b58a3c7d747d623614bd950832a680352d5fbd9de0c3d0eb0e8dddae3bf46c17a57f
6
+ metadata.gz: 8af7943d9c8ed54283853d0c9a89d397847d66262f53888c820f177cbc3d86642b6eba9131955cc3fe4406632a38c4fd61b765ac25cee578ae239a637f70a4ea
7
+ data.tar.gz: 2d356dcfe246a074bc47fd24a4e8bb7b52e253d47a6a0c491b6ff7a6912d283fabb0db7a495c0a1ab03ca7011699c09031e4664b02e6a0811a50732f63b4702e
data/app/controllers/brute_force.rb CHANGED
@@ -10,11 +10,7 @@ module WPScan
10
10
  'If no --username/s option supplied, user enumeration will be run'],
11
11
  exists: true
12
12
  ),
13
- OptString.new(['--username USERNAME', '-u', 'The username to brute force']),
14
- OptFilePath.new(
15
- ['--usernames FILE-PATH', '-U', 'List of usernames to use during the brute forcing'],
16
- exists: true
17
- )
13
+ OptSmartList.new(['--usernames LIST', '-U', 'List of usernames to use during the brute forcing'])
18
14
  ]
19
15
  end
20
16
 
@@ -36,14 +32,10 @@ module WPScan
36
32
 
37
33
  # @return [ Array<Users> ] The users to brute force
38
34
  def users
39
- return target.users unless parsed_options[:usernames] || parsed_options[:username]
35
+ return target.users unless parsed_options[:usernames]
40
36
 
41
- if parsed_options[:username]
42
- [User.new(parsed_options[:username])]
43
- else
44
- File.open(parsed_options[:usernames]).reduce([]) do |acc, elem|
45
- acc << User.new(elem.chomp)
46
- end
37
+ parsed_options[:usernames].reduce([]) do |acc, elem|
38
+ acc << User.new(elem.chomp)
47
39
  end
48
40
  end
49
41
 
@@ -89,7 +81,7 @@ module WPScan
89
81
  def progress_bar(size, username)
90
82
  ProgressBar.create(
91
83
  format: '%t %a <%B> (%c / %C) %P%% %e',
92
- title: "Brute Forcing #{username}",
84
+ title: "Brute Forcing #{username} -",
93
85
  total: size
94
86
  )
95
87
  end
data/app/controllers/core.rb CHANGED
@@ -52,8 +52,6 @@ module WPScan
52
52
 
53
53
  super(false) # disable banner output
54
54
 
55
- DB.init_db
56
-
57
55
  load_server_module
58
56
 
59
57
  check_wordpress_state
data/app/controllers/enumeration.rb CHANGED
@@ -31,7 +31,7 @@ module WPScan
31
31
  def create_plugins_comments_finders(mod, config)
32
32
  mod.const_set(
33
33
  :Comments, Class.new(Finders::Finder::PluginVersion::Comments) do
34
- const_set(:PATTERN, Regexp.new(config['pattern'], Regexp::IGNORECASE))
34
+ const_set(:PATTERN, config['pattern'])
35
35
  end
36
36
  )
37
37
  end
data/app/controllers/enumeration/cli_options.rb CHANGED
@@ -42,7 +42,7 @@ module WPScan
42
42
  # @return [ Array<OptParseValidator::OptBase> ]
43
43
  def cli_plugins_opts
44
44
  [
45
- OptFilePath.new(['--plugins-list FILE-PATH', 'List of plugins\' location to use'], exists: true),
45
+ OptSmartList.new(['--plugins-list LIST', 'List of plugins to enumerate']),
46
46
  OptChoice.new(
47
47
  ['--plugins-detection MODE',
48
48
  'Use the supplied mode to enumerate Plugins, instead of the global (--detection-mode) mode.'],
@@ -65,7 +65,7 @@ module WPScan
65
65
  # @return [ Array<OptParseValidator::OptBase> ]
66
66
  def cli_themes_opts
67
67
  [
68
- OptFilePath.new(['--themes-list FILE-PATH', 'List of themes\' location to use'], exists: true),
68
+ OptSmartList.new(['--themes-list LIST', 'List of themes to enumerate']),
69
69
  OptChoice.new(
70
70
  ['--themes-detection MODE',
71
71
  'Use the supplied mode to enumerate Themes, instead of the global (--detection-mode) mode.'],
@@ -129,10 +129,9 @@ module WPScan
129
129
  # @return [ Array<OptParseValidator::OptBase> ]
130
130
  def cli_users_opts
131
131
  [
132
- OptFilePath.new(
133
- ['--users-list FILE-PATH',
134
- 'List of users to check during the users enumeration from the Login Error Messages'],
135
- exists: true
132
+ OptSmartList.new(
133
+ ['--users-list LIST',
134
+ 'List of users to check during the users enumeration from the Login Error Messages']
136
135
  ),
137
136
  OptChoice.new(
138
137
  ['--users-detection MODE',
data/app/controllers/enumeration/enum_methods.rb CHANGED
@@ -63,7 +63,7 @@ module WPScan
63
63
  # @return [ Array<String> ] The plugins list associated to the cli options
64
64
  def plugins_list_from_opts(opts)
65
65
  # List file provided by the user via the cli
66
- return File.open(opts[:plugins_list]).map(&:chomp) if opts[:plugins_list]
66
+ return opts[:plugins_list] if opts[:plugins_list]
67
67
 
68
68
  if opts[:enumerate][:all_plugins]
69
69
  DB::Plugins.all_slugs
@@ -101,7 +101,7 @@ module WPScan
101
101
  # @return [ Array<String> ] The themes list associated to the cli options
102
102
  def themes_list_from_opts(opts)
103
103
  # List file provided by the user via the cli
104
- return File.open(opts[:themes_list]).map(&:chomp) if opts[:themes_list]
104
+ return opts[:themes_list] if opts[:themes_list]
105
105
 
106
106
  if opts[:enumerate][:all_themes]
107
107
  DB::Themes.all_slugs
data/app/finders/users/login_error_messages.rb CHANGED
@@ -38,9 +38,7 @@ module WPScan
38
38
  # usernames from the potential Users found
39
39
  unames = opts[:found].map(&:username)
40
40
 
41
- if opts[:list]
42
- File.open(opts[:list]).each { |uname| unames << uname.chomp }
43
- end
41
+ [*opts[:list]].each { |uname| unames << uname.chomp }
44
42
 
45
43
  unames.uniq
46
44
  end
data/app/finders/wp_version/unique_fingerprinting.rb CHANGED
@@ -5,19 +5,9 @@ module WPScan
5
5
  class UniqueFingerprinting < CMSScanner::Finders::Finder
6
6
  include CMSScanner::Finders::Finder::Fingerprinter
7
7
 
8
- QUERY = 'SELECT md5_hash, path_id, version_id, ' \
9
- 'versions.number AS version,' \
10
- 'paths.value AS path ' \
11
- 'FROM fingerprints ' \
12
- 'LEFT JOIN versions ON version_id = versions.id ' \
13
- 'LEFT JOIN paths on path_id = paths.id ' \
14
- 'WHERE md5_hash IN ' \
15
- '(SELECT md5_hash FROM fingerprints GROUP BY md5_hash HAVING COUNT(*) = 1) ' \
16
- 'ORDER BY version DESC'.freeze
17
-
18
8
  # @return [ WpVersion ]
19
9
  def aggressive(opts = {})
20
- fingerprint(unique_fingerprints, opts) do |version_number, url, md5sum|
10
+ fingerprint(DB::Fingerprints.wp_unique_fingerprints, opts) do |version_number, url, md5sum|
21
11
  hydra.abort
22
12
  progress_bar.finish
23
13
 
@@ -31,30 +21,6 @@ module WPScan
31
21
  nil
32
22
  end
33
23
 
34
- # @return [ Hash ] The unique fingerprints across all versions in the DB
35
- #
36
- # Format returned:
37
- # {
38
- # file_path_1: {
39
- # md5_hash_1: version_1,
40
- # md5_hash_2: version_2
41
- # },
42
- # file_path_2: {
43
- # md5_hash_3: version_1,
44
- # md5_hash_4: version_3
45
- # }
46
- # }
47
- def unique_fingerprints
48
- fingerprints = {}
49
-
50
- repository(:default).adapter.select(QUERY).each do |f|
51
- fingerprints[f.path] ||= {}
52
- fingerprints[f.path][f.md5_hash] = f.version
53
- end
54
-
55
- fingerprints
56
- end
57
-
58
24
  def create_progress_bar(opts = {})
59
25
  super(opts.merge(title: 'Fingerprinting the version -'))
60
26
  end
data/app/models/wp_item.rb CHANGED
@@ -6,8 +6,8 @@ module WPScan
6
6
  include CMSScanner::Target::Platform::PHP
7
7
  include CMSScanner::Target::Server::Generic
8
8
 
9
- READMES = %w[readme.txt README.txt Readme.txt ReadMe.txt README.TXT readme.TXT].freeze
10
- CHANGELOGS = %w[changelog.txt Changelog.txt ChangeLog.txt CHANGELOG.txt].freeze
9
+ READMES = %w[readme.txt README.txt README.md readme.md Readme.txt].freeze
10
+ CHANGELOGS = %w[changelog.txt CHANGELOG.md changelog.md].freeze
11
11
 
12
12
  attr_reader :uri, :name, :detection_opts, :version_detection_opts, :target, :db_data
13
13
 
data/app/models/wp_version.rb CHANGED
@@ -22,9 +22,15 @@ module WPScan
22
22
 
23
23
  @all_numbers = []
24
24
 
25
- DB::Version.all.each { |v| @all_numbers << v.number }
25
+ DB::Fingerprints.wp_fingerprints.each_value do |fp|
26
+ fp.each_value do |versions|
27
+ versions.each do |version|
28
+ @all_numbers << version unless @all_numbers.include?(version)
29
+ end
30
+ end
31
+ end
26
32
 
27
- @all_numbers
33
+ @all_numbers.sort! { |a, b| Gem::Version.new(b) <=> Gem::Version.new(a) }
28
34
  end
29
35
 
30
36
  # @return [ JSON ]
data/lib/wpscan.rb CHANGED
@@ -11,6 +11,7 @@ require 'uri'
11
11
  require 'time'
12
12
  require 'readline'
13
13
  require 'securerandom'
14
+
14
15
  # Custom Libs
15
16
  require 'wpscan/helper'
16
17
  require 'wpscan/db'
data/lib/wpscan/db.rb CHANGED
@@ -1,10 +1,4 @@
1
- require 'dm-core'
2
- require 'dm-migrations'
3
- require 'dm-constraints'
4
- require 'dm-sqlite-adapter'
5
-
6
1
  require 'wpscan/db/wp_item'
7
- require 'wpscan/db/schema'
8
2
  require 'wpscan/db/updater'
9
3
  require 'wpscan/db/wp_items'
10
4
  require 'wpscan/db/plugins'
@@ -12,17 +6,5 @@ require 'wpscan/db/themes'
12
6
  require 'wpscan/db/plugin'
13
7
  require 'wpscan/db/theme'
14
8
  require 'wpscan/db/wp_version'
9
+ require 'wpscan/db/fingerprints'
15
10
  require 'wpscan/db/dynamic_finders'
16
-
17
- module WPScan
18
- # DB
19
- module DB
20
- def self.init_db
21
- db_file ||= File.join(DB_DIR, 'wordpress.db')
22
-
23
- # DataMapper::Logger.new($stdout, :debug)
24
- DataMapper.setup(:default, "sqlite://#{db_file}")
25
- DataMapper.auto_upgrade!
26
- end
27
- end
28
- end
data/lib/wpscan/db/dynamic_finders.rb CHANGED
@@ -4,7 +4,7 @@ module WPScan
4
4
  class DynamicFinders
5
5
  # @return [ String ]
6
6
  def self.db_file
7
- @db_file ||= File.join(DB_DIR, 'dynamic_finders.yml')
7
+ @db_file ||= File.join(DB_DIR, 'dynamic_finders_01.yml')
8
8
  end
9
9
 
10
10
  # @return [ Hash ]
@@ -35,15 +35,7 @@ module WPScan
35
35
 
36
36
  # @return [ Hash ]
37
37
  def self.comments
38
- unless @comments
39
- @comments = finder_configs('Comments')
40
-
41
- @comments.each do |slug, config|
42
- @comments[slug]['pattern'] = Regexp.new(config['pattern'], Regexp::IGNORECASE)
43
- end
44
- end
45
-
46
- @comments
38
+ @comments ||= finder_configs('Comments')
47
39
  end
48
40
 
49
41
  # @return [ Hash ]
data/lib/wpscan/db/fingerprints.rb ADDED
@@ -0,0 +1,50 @@
1
+ module WPScan
2
+ module DB
3
+ # Fingerprints class
4
+ class Fingerprints
5
+ # @param [ Hash ] data
6
+ #
7
+ # @return [ Hash ] the unique fingerprints in the data argument given
8
+ # Format returned:
9
+ # {
10
+ # file_path_1: {
11
+ # md5_hash_1: version_1,
12
+ # md5_hash_2: version_2
13
+ # },
14
+ # file_path_2: {
15
+ # md5_hash_3: version_1,
16
+ # md5_hash_4: version_3
17
+ # }
18
+ # }
19
+ def self.unique_fingerprints(data)
20
+ unique_fingerprints = {}
21
+
22
+ data.each do |file_path, fingerprints|
23
+ fingerprints.each do |md5sum, versions|
24
+ next unless versions.size == 1
25
+
26
+ unique_fingerprints[file_path] ||= {}
27
+ unique_fingerprints[file_path][md5sum] = versions.first
28
+ end
29
+ end
30
+
31
+ unique_fingerprints
32
+ end
33
+
34
+ # @return [ String ]
35
+ def self.wp_fingerprints_path
36
+ @wp_unique_fingerprints_path ||= File.join(DB_DIR, 'wp_fingerprints.json')
37
+ end
38
+
39
+ # @return [ Hash ]
40
+ def self.wp_fingerprints
41
+ @wp_fingerprints ||= read_json_file(wp_fingerprints_path)
42
+ end
43
+
44
+ # @return [ Hash ]
45
+ def self.wp_unique_fingerprints
46
+ @wp_unique_fingerprints ||= unique_fingerprints(wp_fingerprints)
47
+ end
48
+ end
49
+ end
50
+ end
data/lib/wpscan/db/updater.rb CHANGED
@@ -7,9 +7,11 @@ module WPScan
7
7
  FILES = %w[
8
8
  plugins.json themes.json wordpresses.json
9
9
  timthumbs-v3.txt user-agents.txt config_backups.txt
10
- dynamic_finders.yml wordpress.db LICENSE
10
+ dynamic_finders_01.yml wp_fingerprints.json LICENSE
11
11
  ].freeze
12
12
 
13
+ OLD_FILES = %w[wordpress.db dynamic_finders.yml].freeze
14
+
13
15
  attr_reader :repo_directory
14
16
 
15
17
  def initialize(repo_directory)
@@ -18,6 +20,16 @@ module WPScan
18
20
  FileUtils.mkdir_p(repo_directory) unless Dir.exist?(repo_directory)
19
21
 
20
22
  raise "#{repo_directory} is not writable" unless Pathname.new(repo_directory).writable?
23
+
24
+ delete_old_files
25
+ end
26
+
27
+ # Removes DB files which are no longer used
28
+ # this doesn't raise errors if they don't exist
29
+ def delete_old_files
30
+ OLD_FILES.each do |old_file|
31
+ FileUtils.remove_file(local_file_path(old_file), true)
32
+ end
21
33
  end
22
34
 
23
35
  # @return [ Time, nil ]
data/lib/wpscan/version.rb CHANGED
@@ -1,4 +1,4 @@
1
1
  # Version
2
2
  module WPScan
3
- VERSION = '3.0.5'.freeze
3
+ VERSION = '3.0.6'.freeze
4
4
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: wpscan
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.5
4
+ version: 3.0.6
5
5
  platform: ruby
6
6
  authors:
7
7
  - WPScanTeam
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-10-06 00:00:00.000000000 Z
11
+ date: 2017-10-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: cms_scanner
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: 0.0.37.11
19
+ version: 0.0.37.12
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: 0.0.37.11
26
+ version: 0.0.37.12
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: yajl-ruby
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -52,62 +52,6 @@ dependencies:
52
52
  - - "~>"
53
53
  - !ruby/object:Gem::Version
54
54
  version: '5.1'
55
- - !ruby/object:Gem::Dependency
56
- name: dm-core
57
- requirement: !ruby/object:Gem::Requirement
58
- requirements:
59
- - - "~>"
60
- - !ruby/object:Gem::Version
61
- version: 1.2.0
62
- type: :runtime
63
- prerelease: false
64
- version_requirements: !ruby/object:Gem::Requirement
65
- requirements:
66
- - - "~>"
67
- - !ruby/object:Gem::Version
68
- version: 1.2.0
69
- - !ruby/object:Gem::Dependency
70
- name: dm-migrations
71
- requirement: !ruby/object:Gem::Requirement
72
- requirements:
73
- - - "~>"
74
- - !ruby/object:Gem::Version
75
- version: 1.2.0
76
- type: :runtime
77
- prerelease: false
78
- version_requirements: !ruby/object:Gem::Requirement
79
- requirements:
80
- - - "~>"
81
- - !ruby/object:Gem::Version
82
- version: 1.2.0
83
- - !ruby/object:Gem::Dependency
84
- name: dm-constraints
85
- requirement: !ruby/object:Gem::Requirement
86
- requirements:
87
- - - "~>"
88
- - !ruby/object:Gem::Version
89
- version: 1.2.0
90
- type: :runtime
91
- prerelease: false
92
- version_requirements: !ruby/object:Gem::Requirement
93
- requirements:
94
- - - "~>"
95
- - !ruby/object:Gem::Version
96
- version: 1.2.0
97
- - !ruby/object:Gem::Dependency
98
- name: dm-sqlite-adapter
99
- requirement: !ruby/object:Gem::Requirement
100
- requirements:
101
- - - "~>"
102
- - !ruby/object:Gem::Version
103
- version: 1.2.0
104
- type: :runtime
105
- prerelease: false
106
- version_requirements: !ruby/object:Gem::Requirement
107
- requirements:
108
- - - "~>"
109
- - !ruby/object:Gem::Version
110
- version: 1.2.0
111
55
  - !ruby/object:Gem::Dependency
112
56
  name: rake
113
57
  requirement: !ruby/object:Gem::Requirement
@@ -128,14 +72,14 @@ dependencies:
128
72
  requirements:
129
73
  - - "~>"
130
74
  - !ruby/object:Gem::Version
131
- version: 3.6.0
75
+ version: 3.7.0
132
76
  type: :development
133
77
  prerelease: false
134
78
  version_requirements: !ruby/object:Gem::Requirement
135
79
  requirements:
136
80
  - - "~>"
137
81
  - !ruby/object:Gem::Version
138
- version: 3.6.0
82
+ version: 3.7.0
139
83
  - !ruby/object:Gem::Dependency
140
84
  name: rspec-its
141
85
  requirement: !ruby/object:Gem::Requirement
@@ -361,9 +305,9 @@ files:
361
305
  - lib/wpscan/controllers.rb
362
306
  - lib/wpscan/db.rb
363
307
  - lib/wpscan/db/dynamic_finders.rb
308
+ - lib/wpscan/db/fingerprints.rb
364
309
  - lib/wpscan/db/plugin.rb
365
310
  - lib/wpscan/db/plugins.rb
366
- - lib/wpscan/db/schema.rb
367
311
  - lib/wpscan/db/theme.rb
368
312
  - lib/wpscan/db/themes.rb
369
313
  - lib/wpscan/db/updater.rb
data/lib/wpscan/db/schema.rb DELETED
@@ -1,39 +0,0 @@
1
- module WPScan
2
- module DB
3
- # WP Version
4
- class Version < WpItem
5
- include DataMapper::Resource
6
-
7
- storage_names[:default] = 'versions'
8
-
9
- has n, :fingerprints, constraint: :destroy
10
-
11
- property :id, Serial
12
- property :number, String, required: true, unique: true
13
- end
14
-
15
- # Path
16
- class Path
17
- include DataMapper::Resource
18
-
19
- storage_names[:default] = 'paths'
20
-
21
- has n, :fingerprints, constraint: :destroy
22
-
23
- property :id, Serial
24
- property :value, String, required: true, unique: true
25
- end
26
-
27
- # Fingerprint
28
- class Fingerprint
29
- include DataMapper::Resource
30
-
31
- storage_names[:default] = 'fingerprints'
32
-
33
- belongs_to :version, key: true
34
- belongs_to :path, key: true
35
-
36
- property :md5_hash, String, required: true, length: 32
37
- end
38
- end
39
- end