Class: WPScan::Finders::DynamicFinder::Version::JavascriptVar
- Inherits:
-
Finder
- Object
- CMSScanner::Finders::Finder
- Finder
- Finder
- WPScan::Finders::DynamicFinder::Version::JavascriptVar
show all
- Defined in:
- lib/wpscan/finders/dynamic_finder/version/javascript_var.rb
Overview
Version finder using JavaScript Variable method
Class Method Summary
collapse
Instance Method Summary
collapse
Methods inherited from Finder
#aggressive, child_class_constant, create_child_class, #passive
Class Method Details
.child_class_constants ⇒ Hash
10
11
12
13
14
15
|
# File 'lib/wpscan/finders/dynamic_finder/version/javascript_var.rb', line 10
def self.child_class_constants
@child_class_constants ||= super().merge(
XPATH: '//script[not(@src)]', VERSION_KEY: nil,
PATTERN: nil, CONFIDENCE: 60
)
end
|
Instance Method Details
#find(response, _opts = {}) ⇒ Version
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
# File 'lib/wpscan/finders/dynamic_finder/version/javascript_var.rb', line 20
def find(response, _opts = {})
target.xpath_pattern_from_page(
self.class::XPATH, self.class::PATTERN, response
) do |match_data, _node|
next unless (version_number = version_number_from_match_data(match_data))
match = match_data.to_s
match = match[/.*?(.{,20}#{Regexp.escape(version_number)}.{,20}).*/, 1] if match.size > 50
return create_version(
version_number,
interesting_entries: ["#{response.effective_url}, Match: '#{match.strip}'"]
)
end
nil
end
|
#version_number_from_match_data(match_data) ⇒ String
41
42
43
44
45
46
47
48
49
50
51
52
53
|
# File 'lib/wpscan/finders/dynamic_finder/version/javascript_var.rb', line 41
def version_number_from_match_data(match_data)
if self.class::VERSION_KEY
begin
json = JSON.parse("{#{match_data[:json].strip.chomp(',').tr("'", '"')}}")
rescue JSON::ParserError
return
end
json.dig(*self.class::VERSION_KEY.split(':'))
else
match_data[:v]
end
end
|