RubyGems - wpscan - Versions diffs - 3.4.5 → 3.5.0 - Mend

wpscan 3.4.5 → 3.5.0

Files changed (140) hide show

checksums.yaml +5 -5
data/README.md +21 -14
data/app/app.rb +2 -0
data/app/controllers.rb +2 -0
data/app/controllers/aliases.rb +2 -0
data/app/controllers/core.rb +6 -4
data/app/controllers/custom_directories.rb +3 -1
data/app/controllers/enumeration.rb +6 -0
data/app/controllers/enumeration/cli_options.rb +2 -0
data/app/controllers/enumeration/enum_methods.rb +2 -0
data/app/controllers/main_theme.rb +2 -0
data/app/controllers/password_attack.rb +6 -4
data/app/controllers/wp_version.rb +2 -0
data/app/finders.rb +2 -0
data/app/finders/config_backups.rb +2 -0
data/app/finders/config_backups/known_filenames.rb +4 -3
data/app/finders/db_exports.rb +2 -0
data/app/finders/db_exports/known_locations.rb +15 -3
data/app/finders/interesting_findings.rb +2 -0
data/app/finders/interesting_findings/backup_db.rb +5 -4
data/app/finders/interesting_findings/debug_log.rb +3 -1
data/app/finders/interesting_findings/duplicator_installer_log.rb +6 -5
data/app/finders/interesting_findings/emergency_pwd_reset_script.rb +6 -4
data/app/finders/interesting_findings/full_path_disclosure.rb +3 -1
data/app/finders/interesting_findings/mu_plugins.rb +4 -2
data/app/finders/interesting_findings/multisite.rb +3 -1
data/app/finders/interesting_findings/readme.rb +8 -6
data/app/finders/interesting_findings/registration.rb +3 -1
data/app/finders/interesting_findings/tmm_db_migrate.rb +4 -2
data/app/finders/interesting_findings/upload_directory_listing.rb +3 -1
data/app/finders/interesting_findings/upload_sql_dump.rb +8 -10
data/app/finders/interesting_findings/wp_cron.rb +3 -1
data/app/finders/main_theme.rb +2 -0
data/app/finders/main_theme/css_style.rb +3 -1
data/app/finders/main_theme/urls_in_homepage.rb +3 -1
data/app/finders/main_theme/woo_framework_meta_generator.rb +3 -1
data/app/finders/medias.rb +2 -0
data/app/finders/medias/attachment_brute_forcing.rb +3 -1
data/app/finders/passwords.rb +2 -0
data/app/finders/passwords/wp_login.rb +4 -1
data/app/finders/passwords/xml_rpc.rb +2 -0
data/app/finders/passwords/xml_rpc_multicall.rb +4 -2
data/app/finders/plugin_version.rb +4 -2
data/app/finders/plugin_version/readme.rb +9 -5
data/app/finders/plugins.rb +2 -0
data/app/finders/plugins/body_pattern.rb +3 -1
data/app/finders/plugins/comment.rb +3 -1
data/app/finders/plugins/config_parser.rb +3 -1
data/app/finders/plugins/header_pattern.rb +3 -1
data/app/finders/plugins/javascript_var.rb +3 -1
data/app/finders/plugins/known_locations.rb +10 -8
data/app/finders/plugins/query_parameter.rb +2 -0
data/app/finders/plugins/urls_in_homepage.rb +3 -1
data/app/finders/plugins/xpath.rb +3 -1
data/app/finders/theme_version.rb +4 -2
data/app/finders/theme_version/style.rb +3 -1
data/app/finders/theme_version/woo_framework_meta_generator.rb +3 -1
data/app/finders/themes.rb +2 -0
data/app/finders/themes/known_locations.rb +12 -10
data/app/finders/themes/urls_in_homepage.rb +3 -1
data/app/finders/timthumb_version.rb +3 -1
data/app/finders/timthumb_version/bad_request.rb +3 -1
data/app/finders/timthumbs.rb +2 -0
data/app/finders/timthumbs/known_locations.rb +12 -3
data/app/finders/users.rb +2 -0
data/app/finders/users/author_id_brute_forcing.rb +3 -1
data/app/finders/users/author_posts.rb +3 -1
data/app/finders/users/login_error_messages.rb +3 -1
data/app/finders/users/oembed_api.rb +6 -4
data/app/finders/users/rss_generator.rb +7 -5
data/app/finders/users/wp_json_api.rb +16 -6
data/app/finders/users/yoast_seo_author_sitemap.rb +6 -4
data/app/finders/wp_items.rb +2 -0
data/app/finders/wp_items/urls_in_homepage.rb +2 -0
data/app/finders/wp_version.rb +2 -0
data/app/finders/wp_version/atom_generator.rb +2 -0
data/app/finders/wp_version/rdf_generator.rb +2 -0
data/app/finders/wp_version/readme.rb +4 -2
data/app/finders/wp_version/rss_generator.rb +2 -0
data/app/finders/wp_version/unique_fingerprinting.rb +3 -1
data/app/models.rb +8 -0
data/app/models/config_backup.rb +6 -2
data/app/models/db_export.rb +6 -2
data/app/models/interesting_finding.rb +36 -32
data/app/models/media.rb +6 -2
data/app/models/plugin.rb +25 -17
data/app/models/theme.rb +83 -75
data/app/models/timthumb.rb +58 -54
data/app/models/wp_item.rb +140 -128
data/app/models/wp_version.rb +47 -44
data/app/models/xml_rpc.rb +18 -14
data/app/views/cli/wp_item.erb +0 -3
data/app/views/json/wp_item.erb +0 -1
data/bin/wpscan +1 -0
data/lib/wpscan.rb +2 -0
data/lib/wpscan/browser.rb +2 -0
data/lib/wpscan/controller.rb +2 -0
data/lib/wpscan/controllers.rb +2 -0
data/lib/wpscan/db.rb +2 -0
data/lib/wpscan/db/dynamic_finders/base.rb +2 -0
data/lib/wpscan/db/dynamic_finders/plugin.rb +4 -5
data/lib/wpscan/db/dynamic_finders/theme.rb +2 -0
data/lib/wpscan/db/dynamic_finders/wordpress.rb +2 -0
data/lib/wpscan/db/fingerprints.rb +2 -0
data/lib/wpscan/db/plugin.rb +2 -0
data/lib/wpscan/db/plugins.rb +2 -0
data/lib/wpscan/db/theme.rb +2 -0
data/lib/wpscan/db/themes.rb +2 -0
data/lib/wpscan/db/updater.rb +4 -2
data/lib/wpscan/db/wp_item.rb +2 -0
data/lib/wpscan/db/wp_items.rb +2 -0
data/lib/wpscan/db/wp_version.rb +2 -0
data/lib/wpscan/errors.rb +7 -1
data/lib/wpscan/errors/http.rb +27 -23
data/lib/wpscan/errors/update.rb +8 -4
data/lib/wpscan/errors/wordpress.rb +24 -14
data/lib/wpscan/errors/xmlrpc.rb +8 -4
data/lib/wpscan/finders.rb +2 -0
data/lib/wpscan/finders/dynamic_finder/finder.rb +2 -0
data/lib/wpscan/finders/dynamic_finder/version/body_pattern.rb +2 -0
data/lib/wpscan/finders/dynamic_finder/version/comment.rb +2 -0
data/lib/wpscan/finders/dynamic_finder/version/config_parser.rb +2 -0
data/lib/wpscan/finders/dynamic_finder/version/finder.rb +4 -2
data/lib/wpscan/finders/dynamic_finder/version/header_pattern.rb +2 -0
data/lib/wpscan/finders/dynamic_finder/version/javascript_var.rb +2 -0
data/lib/wpscan/finders/dynamic_finder/version/query_parameter.rb +2 -0
data/lib/wpscan/finders/dynamic_finder/version/xpath.rb +2 -0
data/lib/wpscan/finders/dynamic_finder/wp_item_version.rb +2 -0
data/lib/wpscan/finders/dynamic_finder/wp_items/finder.rb +4 -2
data/lib/wpscan/finders/dynamic_finder/wp_version.rb +4 -2
data/lib/wpscan/finders/finder/wp_version/smart_url_checker.rb +4 -2
data/lib/wpscan/helper.rb +2 -0
data/lib/wpscan/references.rb +2 -0
data/lib/wpscan/target.rb +12 -1
data/lib/wpscan/target/platform/wordpress.rb +15 -1
data/lib/wpscan/target/platform/wordpress/custom_directories.rb +23 -3
data/lib/wpscan/version.rb +3 -1
data/lib/wpscan/vulnerability.rb +2 -0
data/lib/wpscan/vulnerable.rb +2 -0
metadata +35 -8

data/app/views/json/wp_item.erb CHANGED Viewed

@@ -4,6 +4,5 @@
 "last_updated": <%= @wp_item.last_updated.to_json %>,
 "outdated": <%= @wp_item.outdated?.to_json %>,
 "readme_url": <%= @wp_item.readme_url.to_json %>,
-"changelog_url": <%= @wp_item.changelog_url.to_json %>,
 "directory_listing": <%= @wp_item.directory_listing?.to_json %>,
 "error_log_url": <% if @wp_item.error_log? %><%= @wp_item.url('error_log').to_json %><% else %>null<% end %>

data/bin/wpscan CHANGED Viewed

@@ -1,4 +1,5 @@
 #!/usr/bin/env ruby
+# frozen_string_literal: true
 require 'wpscan'

data/lib/wpscan.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 # Gems
 # Believe it or not, active_support MUST be the first one,
 # otherwise encoding issues can happen when using JSON format.

data/lib/wpscan/browser.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   # Custom Browser
   class Browser < CMSScanner::Browser

data/lib/wpscan/controller.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   # Needed to load at least the Core controller
   # Otherwise, the following error will be raised:

data/lib/wpscan/controllers.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   # Override to set the OptParser's summary width to 45 (instead of 40 from the CMSScanner)
   class Controllers < CMSScanner::Controllers

data/lib/wpscan/db.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require_relative 'db/wp_item'
 require_relative 'db/updater'
 require_relative 'db/wp_items'

data/lib/wpscan/db/dynamic_finders/base.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module DB
     module DynamicFinders

data/lib/wpscan/db/dynamic_finders/plugin.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module DB
     module DynamicFinders
@@ -60,7 +62,7 @@ module WPScan
         # @param [ String ] slug
         # @return [ Constant ]
-        def self.maybe_create_modudle(slug)
+        def self.maybe_create_module(slug)
           # What about slugs such as js_composer which will be done as JsComposer, just like js-composer
           constant_name = classify_slug(slug)
@@ -73,10 +75,7 @@ module WPScan
         def self.create_versions_finders
           versions_finders_configs.each do |slug, finders|
-            # Kind of an issue here, module is created even if there is no valid classes
-            # Could put the #maybe_ directly in the #send() BUT it would be checked everytime,
-            # which is kind of a waste
-            mod = maybe_create_modudle(slug)
+            mod = maybe_create_module(slug)
             finders.each do |finder_class, config|
               klass = config['class'] || finder_class

data/lib/wpscan/db/dynamic_finders/theme.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module DB
     module DynamicFinders

data/lib/wpscan/db/dynamic_finders/wordpress.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module DB
     module DynamicFinders

data/lib/wpscan/db/fingerprints.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module DB
     # Fingerprints class

data/lib/wpscan/db/plugin.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module DB
     # Plugin DB

data/lib/wpscan/db/plugins.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module DB
     # WP Plugins

data/lib/wpscan/db/theme.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module DB
     # Theme DB

data/lib/wpscan/db/themes.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module DB
     # WP Themes

data/lib/wpscan/db/updater.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module DB
     # Class used to perform DB updates
@@ -80,7 +82,7 @@ module WPScan
         url = "#{remote_file_url(filename)}.sha512"
         res = Browser.get(url, request_params)
-        raise DownloadError, res if res.timed_out? || res.code != 200
+        raise Error::Download, res if res.timed_out? || res.code != 200
         res.body.chomp
       end
@@ -121,7 +123,7 @@ module WPScan
         file_url  = remote_file_url(filename)
         res = Browser.get(file_url, request_params)
-        raise DownloadError, res if res.timed_out? || res.code != 200
+        raise Error::Download, res if res.timed_out? || res.code != 200
         File.open(file_path, 'wb') { |f| f.write(res.body) }

data/lib/wpscan/db/wp_item.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module DB
     # WpItem - super DB class for Plugin, Theme and Version

data/lib/wpscan/db/wp_items.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module DB
     # WP Items

data/lib/wpscan/db/wp_version.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module DB
     # WP Version

data/lib/wpscan/errors.rb CHANGED Viewed

@@ -1,5 +1,11 @@
+# frozen_string_literal: true
 module WPScan
-  class Error < StandardError
+  module Error
+    include CMSScanner::Error
+    class Standard < StandardError
+    end
   end
 end

data/lib/wpscan/errors/http.rb CHANGED Viewed

@@ -1,34 +1,38 @@
+# frozen_string_literal: true
 module WPScan
-  # HTTP Error
-  class HTTPError < Error
-    attr_reader :response
+  module Error
+    # HTTP Error
+    class HTTP < Standard
+      attr_reader :response
-    # @param [ Typhoeus::Response ] res
-    def initialize(response)
-      @response = response
-    end
+      # @param [ Typhoeus::Response ] res
+      def initialize(response)
+        @response = response
+      end
-    def failure_details
-      msg = response.effective_url
+      def failure_details
+        msg = response.effective_url
-      msg += if response.code.zero? || response.timed_out?
-               " (#{response.return_message})"
-             else
-               " (status: #{response.code})"
-             end
+        msg += if response.code.zero? || response.timed_out?
+                 " (#{response.return_message})"
+               else
+                 " (status: #{response.code})"
+               end
-      msg
-    end
+        msg
+      end
-    def to_s
-      "HTTP Error: #{failure_details}"
+      def to_s
+        "HTTP Error: #{failure_details}"
+      end
     end
-  end
-  # Used in the Updater
-  class DownloadError < HTTPError
-    def to_s
-      "Unable to get #{failure_details}"
+    # Used in the Updater
+    class Download < HTTP
+      def to_s
+        "Unable to get #{failure_details}"
+      end
     end
   end
 end

data/lib/wpscan/errors/update.rb CHANGED Viewed

@@ -1,8 +1,12 @@
+# frozen_string_literal: true
 module WPScan
-  # Error raised when there is a missing  DB file and --no-update supplied
-  class MissingDatabaseFile < Error
-    def to_s
-      'Update required, you can not run a scan if a database file is missing.'
+  module Error
+    # Error raised when there is a missing  DB file and --no-update supplied
+    class MissingDatabaseFile < Standard
+      def to_s
+        'Update required, you can not run a scan if a database file is missing.'
+      end
     end
   end
 end

data/lib/wpscan/errors/wordpress.rb CHANGED Viewed

@@ -1,22 +1,32 @@
+# frozen_string_literal: true
 module WPScan
-  # WordPress hosted (*.wordpress.com)
-  class WordPressHostedError < Error
-    def to_s
-      'Scanning *.wordpress.com hosted blogs is not supported.'
+  module Error
+    # WordPress hosted (*.wordpress.com)
+    class WordPressHosted < Standard
+      def to_s
+        'Scanning *.wordpress.com hosted blogs is not supported.'
+      end
     end
-  end
-  # Not WordPress Error
-  class NotWordPressError < Error
-    def to_s
-      'The remote website is up, but does not seem to be running WordPress.'
+    # Not WordPress Error
+    class NotWordPress < Standard
+      def to_s
+        'The remote website is up, but does not seem to be running WordPress.'
+      end
+    end
+    # Invalid Wp Version (used in the WpVersion#new)
+    class InvalidWordPressVersion < Standard
+      def to_s
+        'The WordPress version is invalid'
+      end
     end
-  end
-  # Invalid Wp Version (used in the WpVersion#new)
-  class InvalidWordPressVersion < Error
-    def to_s
-      'The WordPress version is invalid'
+    class WpContentDirNotDetected < Standard
+      def to_s
+        'Unable to identify the wp-content dir, please supply it with --wp-content-dir'
+      end
     end
   end
 end

data/lib/wpscan/errors/xmlrpc.rb CHANGED Viewed

@@ -1,8 +1,12 @@
+# frozen_string_literal: true
 module WPScan
-  # XML-RPC Not Detected
-  class XMLRPCNotDetected < Error
-    def to_s
-      'The XML-RPC Interface was not detected.'
+  module Error
+    # XML-RPC Not Detected
+    class XMLRPCNotDetected < Standard
+      def to_s
+        'The XML-RPC Interface was not detected.'
+      end
     end
   end
 end

data/lib/wpscan/finders.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'wpscan/finders/finder/wp_version/smart_url_checker'
 require 'wpscan/finders/dynamic_finder/finder'

data/lib/wpscan/finders/dynamic_finder/finder.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module Finders
     module DynamicFinder

data/lib/wpscan/finders/dynamic_finder/version/body_pattern.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module Finders
     module DynamicFinder

data/lib/wpscan/finders/dynamic_finder/version/comment.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module Finders
     module DynamicFinder

data/lib/wpscan/finders/dynamic_finder/version/config_parser.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module Finders
     module DynamicFinder

data/lib/wpscan/finders/dynamic_finder/version/finder.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module Finders
     module DynamicFinder
@@ -9,9 +11,9 @@ module WPScan
           # @param [ String ] number
           # @param [ Hash ] finding_opts
-          # @return [ WPScan::Version ]
+          # @return [ Model::Version ]
           def create_version(number, finding_opts)
-            WPScan::Version.new(number, version_finding_opts(finding_opts))
+            Model::Version.new(number, version_finding_opts(finding_opts))
           end
           # @param [ Hash ] opts

data/lib/wpscan/finders/dynamic_finder/version/header_pattern.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module Finders
     module DynamicFinder

data/lib/wpscan/finders/dynamic_finder/version/javascript_var.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module Finders
     module DynamicFinder

data/lib/wpscan/finders/dynamic_finder/version/query_parameter.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module Finders
     module DynamicFinder

data/lib/wpscan/finders/dynamic_finder/version/xpath.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module Finders
     module DynamicFinder

data/lib/wpscan/finders/dynamic_finder/wp_item_version.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module Finders
     module DynamicFinder

data/lib/wpscan/finders/dynamic_finder/wp_items/finder.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module WPScan
   module Finders
     module DynamicFinder
@@ -31,7 +33,7 @@ module WPScan
               configs.each do |klass, config|
                 item = process_response(opts, target.homepage_res, slug, klass, config)
-                found << item if item.is_a?(WpItem)
+                found << item if item.is_a?(Model::WpItem)
               end
             end
@@ -70,7 +72,7 @@ module WPScan
                 item = process_response(opts, response, slug, klass, config)
-                found << item if item.is_a?(WpItem)
+                found << item if item.is_a?(Model::WpItem)
               end
             end