wpscan 3.5.4 → 3.5.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/controllers/password_attack.rb +20 -7
- data/app/controllers/wp_version.rb +1 -1
- data/app/finders/plugins/body_pattern.rb +1 -1
- data/app/finders/plugins/comment.rb +1 -1
- data/app/finders/plugins/config_parser.rb +1 -1
- data/app/finders/plugins/header_pattern.rb +1 -1
- data/app/finders/plugins/javascript_var.rb +1 -1
- data/app/finders/plugins/query_parameter.rb +1 -1
- data/app/finders/plugins/xpath.rb +1 -1
- data/app/finders/users/rss_generator.rb +1 -1
- data/app/finders/wp_version.rb +1 -1
- data/app/views/cli/enumeration/config_backups.erb +1 -1
- data/app/views/cli/enumeration/db_exports.erb +1 -1
- data/lib/wpscan/finders/dynamic_finder/version/body_pattern.rb +1 -1
- data/lib/wpscan/finders/dynamic_finder/version/comment.rb +1 -1
- data/lib/wpscan/finders/dynamic_finder/version/config_parser.rb +1 -1
- data/lib/wpscan/finders/dynamic_finder/version/header_pattern.rb +1 -1
- data/lib/wpscan/finders/dynamic_finder/version/javascript_var.rb +1 -1
- data/lib/wpscan/finders/dynamic_finder/version/query_parameter.rb +1 -1
- data/lib/wpscan/finders/dynamic_finder/version/xpath.rb +1 -1
- data/lib/wpscan/finders/dynamic_finder/wp_item_version.rb +7 -7
- data/lib/wpscan/finders/dynamic_finder/wp_version.rb +5 -5
- data/lib/wpscan/version.rb +1 -1
- metadata +8 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7598b5dd35df74f49ca06db60fc8c40b636c9539e8b1543d5d649052520a48d3
|
|
4
|
+
data.tar.gz: a50e8653b39a843f2e9b02cb9506d1249b2a34c5d469aaa25e4774b7133ce1a6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6ed1bdc24f4ab7147a0c558564f7ce9d32e0310dcd6d44590f9e2e2c936dd0c5c0932b9a0bd82b12460ce5027cdbe81aaa90e9069d904c534b76e78c771b09da
|
|
7
|
+
data.tar.gz: b0f0ca51823c56afbed135324657602dc137f7089f34555df5977aa3ec3b0406544cde065a5ee2d1c58a36a776acb134b7760f8f5f5304e39a2b187391d3c680
|
|
@@ -65,30 +65,43 @@ module WPScan
|
|
|
65
65
|
|
|
66
66
|
case ParsedCli.password_attack
|
|
67
67
|
when :wp_login
|
|
68
|
-
|
|
68
|
+
Finders::Passwords::WpLogin.new(target)
|
|
69
69
|
when :xmlrpc
|
|
70
70
|
raise Error::XMLRPCNotDetected unless xmlrpc
|
|
71
71
|
|
|
72
|
-
|
|
72
|
+
Finders::Passwords::XMLRPC.new(xmlrpc)
|
|
73
73
|
when :xmlrpc_multicall
|
|
74
74
|
raise Error::XMLRPCNotDetected unless xmlrpc
|
|
75
75
|
|
|
76
|
-
|
|
76
|
+
Finders::Passwords::XMLRPCMulticall.new(xmlrpc)
|
|
77
|
+
end
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
# @return [ Boolean ]
|
|
81
|
+
def xmlrpc_get_users_blogs_enabled?
|
|
82
|
+
if xmlrpc&.enabled? &&
|
|
83
|
+
xmlrpc.available_methods.include?('wp.getUsersBlogs') &&
|
|
84
|
+
xmlrpc.method_call('wp.getUsersBlogs', [SecureRandom.hex[0, 6], SecureRandom.hex[0, 4]])
|
|
85
|
+
.run.body !~ /XML\-RPC services are disabled/
|
|
86
|
+
|
|
87
|
+
true
|
|
88
|
+
else
|
|
89
|
+
false
|
|
77
90
|
end
|
|
78
91
|
end
|
|
79
92
|
|
|
80
93
|
# @return [ CMSScanner::Finders::Finder ]
|
|
81
94
|
def attacker_from_automatic_detection
|
|
82
|
-
if
|
|
95
|
+
if xmlrpc_get_users_blogs_enabled?
|
|
83
96
|
wp_version = target.wp_version
|
|
84
97
|
|
|
85
98
|
if wp_version && wp_version < '4.4'
|
|
86
|
-
|
|
99
|
+
Finders::Passwords::XMLRPCMulticall.new(xmlrpc)
|
|
87
100
|
else
|
|
88
|
-
|
|
101
|
+
Finders::Passwords::XMLRPC.new(xmlrpc)
|
|
89
102
|
end
|
|
90
103
|
else
|
|
91
|
-
|
|
104
|
+
Finders::Passwords::WpLogin.new(target)
|
|
92
105
|
end
|
|
93
106
|
end
|
|
94
107
|
|
|
@@ -4,7 +4,7 @@ module WPScan
|
|
|
4
4
|
module Finders
|
|
5
5
|
module Plugins
|
|
6
6
|
# Plugins finder from Dynamic Finder 'BodyPattern'
|
|
7
|
-
class BodyPattern <
|
|
7
|
+
class BodyPattern < Finders::DynamicFinder::WpItems::Finder
|
|
8
8
|
DEFAULT_CONFIDENCE = 30
|
|
9
9
|
|
|
10
10
|
# @param [ Hash ] opts The options from the #passive, #aggressive methods
|
|
@@ -4,7 +4,7 @@ module WPScan
|
|
|
4
4
|
module Finders
|
|
5
5
|
module Plugins
|
|
6
6
|
# Plugins finder from the Dynamic Finder 'Comment'
|
|
7
|
-
class Comment <
|
|
7
|
+
class Comment < Finders::DynamicFinder::WpItems::Finder
|
|
8
8
|
DEFAULT_CONFIDENCE = 30
|
|
9
9
|
|
|
10
10
|
# @param [ Hash ] opts The options from the #passive, #aggressive methods
|
|
@@ -4,7 +4,7 @@ module WPScan
|
|
|
4
4
|
module Finders
|
|
5
5
|
module Plugins
|
|
6
6
|
# Plugins finder from Dynamic Finder 'ConfigParser'
|
|
7
|
-
class ConfigParser <
|
|
7
|
+
class ConfigParser < Finders::DynamicFinder::WpItems::Finder
|
|
8
8
|
DEFAULT_CONFIDENCE = 40
|
|
9
9
|
|
|
10
10
|
# @param [ Hash ] opts The options from the #passive, #aggressive methods
|
|
@@ -4,7 +4,7 @@ module WPScan
|
|
|
4
4
|
module Finders
|
|
5
5
|
module Plugins
|
|
6
6
|
# Plugins finder from Dynamic Finder 'HeaderPattern'
|
|
7
|
-
class HeaderPattern <
|
|
7
|
+
class HeaderPattern < Finders::DynamicFinder::WpItems::Finder
|
|
8
8
|
DEFAULT_CONFIDENCE = 30
|
|
9
9
|
|
|
10
10
|
# @param [ Hash ] opts
|
|
@@ -4,7 +4,7 @@ module WPScan
|
|
|
4
4
|
module Finders
|
|
5
5
|
module Plugins
|
|
6
6
|
# Plugins finder from the Dynamic Finder 'JavascriptVar'
|
|
7
|
-
class JavascriptVar <
|
|
7
|
+
class JavascriptVar < Finders::DynamicFinder::WpItems::Finder
|
|
8
8
|
DEFAULT_CONFIDENCE = 60
|
|
9
9
|
|
|
10
10
|
# @param [ Hash ] opts The options from the #passive, #aggressive methods
|
|
@@ -4,7 +4,7 @@ module WPScan
|
|
|
4
4
|
module Finders
|
|
5
5
|
module Plugins
|
|
6
6
|
# Plugins finder from Dynamic Finder 'QueryParameter'
|
|
7
|
-
class QueryParameter <
|
|
7
|
+
class QueryParameter < Finders::DynamicFinder::WpItems::Finder
|
|
8
8
|
DEFAULT_CONFIDENCE = 10
|
|
9
9
|
|
|
10
10
|
def passive(_opts = {})
|
|
@@ -4,7 +4,7 @@ module WPScan
|
|
|
4
4
|
module Finders
|
|
5
5
|
module Plugins
|
|
6
6
|
# Plugins finder from the Dynamic Finder 'Xpath'
|
|
7
|
-
class Xpath <
|
|
7
|
+
class Xpath < Finders::DynamicFinder::WpItems::Finder
|
|
8
8
|
DEFAULT_CONFIDENCE = 40
|
|
9
9
|
|
|
10
10
|
# @param [ Hash ] opts The options from the #passive, #aggressive methods
|
|
@@ -6,7 +6,7 @@ module WPScan
|
|
|
6
6
|
# Users disclosed from the dc:creator field in the RSS
|
|
7
7
|
# The names disclosed are display names, however depending on the configuration of the blog,
|
|
8
8
|
# they can be the same than usernames
|
|
9
|
-
class RSSGenerator <
|
|
9
|
+
class RSSGenerator < Finders::WpVersion::RSSGenerator
|
|
10
10
|
def process_urls(urls, _opts = {})
|
|
11
11
|
found = []
|
|
12
12
|
|
data/app/finders/wp_version.rb
CHANGED
|
@@ -28,7 +28,7 @@ module WPScan
|
|
|
28
28
|
# @param [ WPScan::Target ] target
|
|
29
29
|
def initialize(target)
|
|
30
30
|
(%w[RSSGenerator AtomGenerator RDFGenerator] +
|
|
31
|
-
|
|
31
|
+
DB::DynamicFinders::Wordpress.versions_finders_configs.keys +
|
|
32
32
|
%w[Readme UniqueFingerprinting]
|
|
33
33
|
).each do |finder_name|
|
|
34
34
|
finders << WpVersion.const_get(finder_name.to_sym).new(target)
|
|
@@ -6,7 +6,7 @@ module WPScan
|
|
|
6
6
|
module Version
|
|
7
7
|
# Version finder using Body Pattern method. Tipically used when the response is not
|
|
8
8
|
# an HTML doc and Xpath can't be used
|
|
9
|
-
class BodyPattern <
|
|
9
|
+
class BodyPattern < Finders::DynamicFinder::Version::Finder
|
|
10
10
|
# @return [ Hash ]
|
|
11
11
|
def self.child_class_constants
|
|
12
12
|
@child_class_constants ||= super().merge(PATTERN: nil, CONFIDENCE: 60)
|
|
@@ -6,7 +6,7 @@ module WPScan
|
|
|
6
6
|
module Version
|
|
7
7
|
# Version finder in Comment, which is basically an Xpath one with a default
|
|
8
8
|
# Xpath of //comment()
|
|
9
|
-
class Comment <
|
|
9
|
+
class Comment < Finders::DynamicFinder::Version::Xpath
|
|
10
10
|
# @return [ Hash ]
|
|
11
11
|
def self.child_class_constants
|
|
12
12
|
@child_class_constants ||= super().merge(PATTERN: nil, XPATH: '//comment()')
|
|
@@ -6,7 +6,7 @@ module WPScan
|
|
|
6
6
|
module Version
|
|
7
7
|
# Version finder using by parsing config files, such as composer.json
|
|
8
8
|
# and so on
|
|
9
|
-
class ConfigParser <
|
|
9
|
+
class ConfigParser < Finders::DynamicFinder::Version::Finder
|
|
10
10
|
ALLOWED_PARSERS = [JSON, YAML].freeze
|
|
11
11
|
|
|
12
12
|
def self.child_class_constants
|
|
@@ -5,7 +5,7 @@ module WPScan
|
|
|
5
5
|
module DynamicFinder
|
|
6
6
|
module Version
|
|
7
7
|
# Version finder using Header Pattern method
|
|
8
|
-
class HeaderPattern <
|
|
8
|
+
class HeaderPattern < Finders::DynamicFinder::Version::Finder
|
|
9
9
|
# @return [ Hash ]
|
|
10
10
|
def self.child_class_constants
|
|
11
11
|
@child_class_constants ||= super().merge(HEADER: nil, PATTERN: nil, CONFIDENCE: 60)
|
|
@@ -5,7 +5,7 @@ module WPScan
|
|
|
5
5
|
module DynamicFinder
|
|
6
6
|
module Version
|
|
7
7
|
# Version finder using JavaScript Variable method
|
|
8
|
-
class JavascriptVar <
|
|
8
|
+
class JavascriptVar < Finders::DynamicFinder::Version::Finder
|
|
9
9
|
# @return [ Hash ]
|
|
10
10
|
def self.child_class_constants
|
|
11
11
|
@child_class_constants ||= super().merge(
|
|
@@ -5,7 +5,7 @@ module WPScan
|
|
|
5
5
|
module DynamicFinder
|
|
6
6
|
module Version
|
|
7
7
|
# Version finder using QueryParameter method
|
|
8
|
-
class QueryParameter <
|
|
8
|
+
class QueryParameter < Finders::DynamicFinder::Version::Finder
|
|
9
9
|
# @return [ Hash ]
|
|
10
10
|
def self.child_class_constants
|
|
11
11
|
@child_class_constants ||= super().merge(
|
|
@@ -5,7 +5,7 @@ module WPScan
|
|
|
5
5
|
module DynamicFinder
|
|
6
6
|
module Version
|
|
7
7
|
# Version finder using Xpath method
|
|
8
|
-
class Xpath <
|
|
8
|
+
class Xpath < Finders::DynamicFinder::Version::Finder
|
|
9
9
|
# @return [ Hash ]
|
|
10
10
|
def self.child_class_constants
|
|
11
11
|
@child_class_constants ||= super().merge(
|
|
@@ -4,22 +4,22 @@ module WPScan
|
|
|
4
4
|
module Finders
|
|
5
5
|
module DynamicFinder
|
|
6
6
|
module WpItemVersion
|
|
7
|
-
class BodyPattern <
|
|
7
|
+
class BodyPattern < Finders::DynamicFinder::Version::BodyPattern
|
|
8
8
|
end
|
|
9
9
|
|
|
10
|
-
class Comment <
|
|
10
|
+
class Comment < Finders::DynamicFinder::Version::Comment
|
|
11
11
|
end
|
|
12
12
|
|
|
13
|
-
class ConfigParser <
|
|
13
|
+
class ConfigParser < Finders::DynamicFinder::Version::ConfigParser
|
|
14
14
|
end
|
|
15
15
|
|
|
16
|
-
class HeaderPattern <
|
|
16
|
+
class HeaderPattern < Finders::DynamicFinder::Version::HeaderPattern
|
|
17
17
|
end
|
|
18
18
|
|
|
19
|
-
class JavascriptVar <
|
|
19
|
+
class JavascriptVar < Finders::DynamicFinder::Version::JavascriptVar
|
|
20
20
|
end
|
|
21
21
|
|
|
22
|
-
class QueryParameter <
|
|
22
|
+
class QueryParameter < Finders::DynamicFinder::Version::QueryParameter
|
|
23
23
|
# @return [ Regexp ]
|
|
24
24
|
def path_pattern
|
|
25
25
|
# TODO: consider the target.blog.themes_dir if the target is a Theme (maybe implement a WpItem#item_dir ?)
|
|
@@ -37,7 +37,7 @@ module WPScan
|
|
|
37
37
|
end
|
|
38
38
|
end
|
|
39
39
|
|
|
40
|
-
class Xpath <
|
|
40
|
+
class Xpath < Finders::DynamicFinder::Version::Xpath
|
|
41
41
|
end
|
|
42
42
|
end
|
|
43
43
|
end
|
|
@@ -12,23 +12,23 @@ module WPScan
|
|
|
12
12
|
end
|
|
13
13
|
end
|
|
14
14
|
|
|
15
|
-
class BodyPattern <
|
|
15
|
+
class BodyPattern < Finders::DynamicFinder::Version::BodyPattern
|
|
16
16
|
include Finder
|
|
17
17
|
end
|
|
18
18
|
|
|
19
|
-
class Comment <
|
|
19
|
+
class Comment < Finders::DynamicFinder::Version::Comment
|
|
20
20
|
include Finder
|
|
21
21
|
end
|
|
22
22
|
|
|
23
|
-
class HeaderPattern <
|
|
23
|
+
class HeaderPattern < Finders::DynamicFinder::Version::HeaderPattern
|
|
24
24
|
include Finder
|
|
25
25
|
end
|
|
26
26
|
|
|
27
|
-
class JavascriptVar <
|
|
27
|
+
class JavascriptVar < Finders::DynamicFinder::Version::JavascriptVar
|
|
28
28
|
include Finder
|
|
29
29
|
end
|
|
30
30
|
|
|
31
|
-
class QueryParameter <
|
|
31
|
+
class QueryParameter < Finders::DynamicFinder::Version::QueryParameter
|
|
32
32
|
include Finder
|
|
33
33
|
|
|
34
34
|
# @return [ Hash ]
|
data/lib/wpscan/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: wpscan
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.5.
|
|
4
|
+
version: 3.5.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- WPScanTeam
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-
|
|
11
|
+
date: 2019-07-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: cms_scanner
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.5.
|
|
19
|
+
version: 0.5.3
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.5.
|
|
26
|
+
version: 0.5.3
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: bundler
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -114,28 +114,28 @@ dependencies:
|
|
|
114
114
|
requirements:
|
|
115
115
|
- - "~>"
|
|
116
116
|
- !ruby/object:Gem::Version
|
|
117
|
-
version: 0.
|
|
117
|
+
version: 0.72.0
|
|
118
118
|
type: :development
|
|
119
119
|
prerelease: false
|
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
|
121
121
|
requirements:
|
|
122
122
|
- - "~>"
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: 0.
|
|
124
|
+
version: 0.72.0
|
|
125
125
|
- !ruby/object:Gem::Dependency
|
|
126
126
|
name: rubocop-performance
|
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
|
128
128
|
requirements:
|
|
129
129
|
- - "~>"
|
|
130
130
|
- !ruby/object:Gem::Version
|
|
131
|
-
version: 1.
|
|
131
|
+
version: 1.4.0
|
|
132
132
|
type: :development
|
|
133
133
|
prerelease: false
|
|
134
134
|
version_requirements: !ruby/object:Gem::Requirement
|
|
135
135
|
requirements:
|
|
136
136
|
- - "~>"
|
|
137
137
|
- !ruby/object:Gem::Version
|
|
138
|
-
version: 1.
|
|
138
|
+
version: 1.4.0
|
|
139
139
|
- !ruby/object:Gem::Dependency
|
|
140
140
|
name: simplecov
|
|
141
141
|
requirement: !ruby/object:Gem::Requirement
|