RubyGems - wpscan - Versions diffs - 3.6.1 → 3.6.2 - Mend

wpscan 3.6.1 → 3.6.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

checksums.yaml +4 -4
data/app/finders/db_exports/known_locations.rb +2 -2
data/app/finders/interesting_findings/duplicator_installer_log.rb +1 -1
data/app/finders/interesting_findings/mu_plugins.rb +1 -1
data/app/finders/interesting_findings/upload_sql_dump.rb +1 -1
data/app/finders/plugin_version/readme.rb +1 -1
data/app/finders/plugins/body_pattern.rb +1 -1
data/app/finders/plugins/comment.rb +1 -1
data/app/finders/timthumbs/known_locations.rb +1 -1
data/app/finders/users/login_error_messages.rb +1 -1
data/lib/wpscan/db/updater.rb +1 -1
data/lib/wpscan/helper.rb +1 -1
data/lib/wpscan/target/platform/wordpress.rb +1 -1
data/lib/wpscan/version.rb +1 -1
metadata +4 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 459148fa0c668df5a304b762d29083116206143351b769300d518500a9a87e3b
-  data.tar.gz: 4a641fb29db8caf1a5dd33b48112bc167683b5d508416f5843e7d40a2a729884
+  metadata.gz: eba446cae860a55c001b36f276acfb9ecc8ae167ff15de5d28320ce6a2dc232f
+  data.tar.gz: ced188b66638904c0af191268dc2285e8ceac4872d866623844d1359a38c42da
 SHA512:
-  metadata.gz: 96783cf55c79ff8221d20a8c55f8a29ccd1032e8ca83d55a16aebeae2fd791bd6c02e695a6ddbc03afe80a143dfe0b3bc213f93c8345bf39396a43d1baef6b12
-  data.tar.gz: 0f6dfee9fc37092b97fdc5976d170bb6126683ee640a3ae3ab244a7b8c6d3767d61f5338427c489f72592e317c844cb1bdfcf6ff23599274332ca878bf205f23
+  metadata.gz: ee4e0c44dcdd7d48b45dde56df7e4696a1171c426f5bc12002095fd073e6180753e3d7c4da60f62c97bb2f058bb6dc7f40567e53badb300945878c344ec9c7c5
+  data.tar.gz: 16ffdb8cfcdb41ed530a10f5488e6c68a0f4116ba44fd537c6ffd3419ee0727ea36689f7fa9c612f9cfebd96861358123510d65b9cec4de5d6cedecca733a016

data/app/finders/db_exports/known_locations.rb CHANGED Viewed

@@ -20,9 +20,9 @@ module WPScan
           enumerate(potential_urls(opts), opts.merge(check_full_response: 200)) do |res|
             if res.effective_url.end_with?('.zip')
-              next unless res.headers['Content-Type'] =~ %r{\Aapplication/zip}i
+              next unless %r{\Aapplication/zip}i.match?(res.headers['Content-Type'])
             else
-              next unless res.body =~ SQL_PATTERN
+              next unless SQL_PATTERN.match?(res.body)
             end
             found << Model::DbExport.new(res.request.url, found_by: DIRECT_ACCESS, confidence: 100)

data/app/finders/interesting_findings/duplicator_installer_log.rb CHANGED Viewed

@@ -9,7 +9,7 @@ module WPScan
         def aggressive(_opts = {})
           path = 'installer-log.txt'
-          return unless target.head_and_get(path).body =~ /DUPLICATOR INSTALL-LOG/
+          return unless /DUPLICATOR INSTALL-LOG/.match?(target.head_and_get(path).body)
           Model::DuplicatorInstallerLog.new(
             target.url(path),

data/app/finders/interesting_findings/mu_plugins.rb CHANGED Viewed

@@ -10,7 +10,7 @@ module WPScan
           pattern = %r{#{target.content_dir}/mu\-plugins/}i
           target.in_scope_uris(target.homepage_res) do |uri|
-            next unless uri.path =~ pattern
+            next unless uri.path&.match?(pattern)
             url = target.url('wp-content/mu-plugins/')

data/app/finders/interesting_findings/upload_sql_dump.rb CHANGED Viewed

@@ -12,7 +12,7 @@ module WPScan
           path = 'wp-content/uploads/dump.sql'
           res  = target.head_and_get(path, [200], get: { headers: { 'Range' => 'bytes=0-3000' } })
-          return unless res.body =~ SQL_PATTERN
+          return unless SQL_PATTERN.match?(res.body)
           Model::UploadSQLDump.new(
             target.url(path),

data/app/finders/plugin_version/readme.rb CHANGED Viewed

@@ -52,7 +52,7 @@ module WPScan
           number = Regexp.last_match[1]
-          number if number =~ /[0-9]+/
+          number if /[0-9]+/.match?(number)
         end
         # @param [ String ] body

data/app/finders/plugins/body_pattern.rb CHANGED Viewed

@@ -15,7 +15,7 @@ module WPScan
         #
         # @return [ Plugin ] The detected plugin in the response, related to the config
         def process_response(opts, response, slug, klass, config)
-          return unless response.body =~ config['pattern']
+          return unless response.body&.match?(config['pattern'])
           Model::Plugin.new(
             slug,

data/app/finders/plugins/comment.rb CHANGED Viewed

@@ -18,7 +18,7 @@ module WPScan
           response.html.xpath(config['xpath'] || '//comment()').each do |node|
             comment = node.text.to_s.strip
-            next unless comment =~ config['pattern']
+            next unless comment&.match?(config['pattern'])
             return Model::Plugin.new(
               slug,

data/app/finders/timthumbs/known_locations.rb CHANGED Viewed

@@ -22,7 +22,7 @@ module WPScan
           found = []
           enumerate(target_urls(opts), opts.merge(check_full_response: 400)) do |res|
-            next unless res.body =~ /no image specified/i
+            next unless /no image specified/i.match?(res.body)
             found << Model::Timthumb.new(res.request.url, opts.merge(found_by: found_by, confidence: 100))
           end

data/app/finders/users/login_error_messages.rb CHANGED Viewed

@@ -24,7 +24,7 @@ module WPScan
             return found if error.empty? # Protection plugin / error disabled
-            next unless error =~ /The password you entered for the username|Incorrect Password/i
+            next unless /The password you entered for the username|Incorrect Password/i.match?(error)
             found << Model::User.new(username, found_by: found_by, confidence: 100)
           end

data/lib/wpscan/db/updater.rb CHANGED Viewed

@@ -69,7 +69,7 @@ module WPScan
           connecttimeout: 300,
           accept_encoding: 'gzip, deflate',
           cache_ttl: 0,
-          headers: { 'User-Agent' => Browser.instance.default_user_agent }
+          headers: { 'User-Agent' => Browser.instance.default_user_agent, 'Referer' => nil }
         }
       end

data/lib/wpscan/helper.rb CHANGED Viewed

@@ -14,7 +14,7 @@ end
 # @return [ Symbol ]
 def classify_slug(slug)
   classified = slug.to_s.gsub(/[^a-z\d\-]/i, '-').gsub(/\-{1,}/, '_').camelize.to_s
-  classified = "D_#{classified}" if classified[0] =~ /\d/
+  classified = "D_#{classified}" if /\d/.match?(classified[0])
   classified.to_sym
 end

data/lib/wpscan/target/platform/wordpress.rb CHANGED Viewed

@@ -29,7 +29,7 @@ module WPScan
           end
           homepage_res.html.css('meta[name="generator"]').each do |node|
-            return true if node['content'] =~ /wordpress/i
+            return true if /wordpress/i.match?(node['content'])
           end
           return true unless comments_from_page(/wordpress/i, homepage_res).empty?

data/lib/wpscan/version.rb CHANGED Viewed

@@ -2,5 +2,5 @@
 # Version
 module WPScan
-  VERSION = '3.6.1'
+  VERSION = '3.6.2'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: wpscan
 version: !ruby/object:Gem::Version
-  version: 3.6.1
+  version: 3.6.2
 platform: ruby
 authors:
 - WPScanTeam
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-07-23 00:00:00.000000000 Z
+date: 2019-07-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cms_scanner
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.5.4
+        version: 0.5.5
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.5.4
+        version: 0.5.5
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement