Class: WPScan::Finders::Users::OembedApi
- Inherits:
-
CMSScanner::Finders::Finder
- Object
- CMSScanner::Finders::Finder
- WPScan::Finders::Users::OembedApi
- Defined in:
- app/finders/users/oembed_api.rb
Overview
Since WP 4.4, the oembed API can disclose a user github.com/wpscanteam/wpscan/issues/1049
Instance Method Summary collapse
- #aggressive(_opts = {}) ⇒ Array<User>
-
#api_url ⇒ String
The URL of the API listing the Users.
- #found_by_msg ⇒ Object
- #passive(_opts = {}) ⇒ Array<User>
- #user_details_from_oembed_data(oembed_data) ⇒ Object
Instance Method Details
#aggressive(_opts = {}) ⇒ Array<User>
20 21 22 23 24 25 26 27 28 29 30 31 32 |
# File 'app/finders/users/oembed_api.rb', line 20 def aggressive(_opts = {}) = JSON.parse(Browser.get(api_url).body) details = () return [] unless details [Model::User.new(details[0], found_by: format(found_by_msg, details[1]), confidence: details[2], interesting_entries: [api_url])] rescue JSON::ParserError [] end |
#api_url ⇒ String
Returns The URL of the API listing the Users.
53 54 55 |
# File 'app/finders/users/oembed_api.rb', line 53 def api_url @api_url ||= target.url("wp-json/oembed/1.0/embed?url=#{target.url}&format=json") end |
#found_by_msg ⇒ Object
48 49 50 |
# File 'app/finders/users/oembed_api.rb', line 48 def found_by_msg 'Oembed API - %s (Aggressive Detection)' end |
#passive(_opts = {}) ⇒ Array<User>
12 13 14 15 |
# File 'app/finders/users/oembed_api.rb', line 12 def passive(_opts = {}) # TODO: get the api_url from the Homepage and query it if present, # then discard the aggressive check if same/similar URL end |
#user_details_from_oembed_data(oembed_data) ⇒ Object
34 35 36 37 38 39 40 41 42 43 44 45 46 |
# File 'app/finders/users/oembed_api.rb', line 34 def () return unless = .first if .is_a?(Array) if ['author_url'] =~ %r{/author/([^/]+)/?\z} details = [Regexp.last_match[1], 'Author URL', 90] elsif ['author_name'] && !['author_name'].empty? details = [['author_name'], 'Author Name', 70] end details end |