class WPScan::Finders::DynamicFinder::Version::QueryParameter
Version finder using the QueryParameter method.
Public Class Methods
child_class_constants()
@return [ Hash ]
Calls superclass method
WPScan::Finders::DynamicFinder::Finder::child_class_constants
# File lib/wpscan/finders/dynamic_finder/version/query_parameter.rb, line 10
#
# Default constants for this finder: the superclass defaults merged with the
# QueryParameter-specific ones. The merged hash is memoized in a class-level
# instance variable.
#
# PATTERN is not anchored to the start of a parameter name, so `v=` also
# matches the tail of a longer name (constructed example: `rev=1.2`), and
# `[.\d]+` accepts consecutive dots. XPATH and FILES default to nil here.
#
# @return [ Hash ]
def self.child_class_constants
  return @child_class_constants if @child_class_constants

  query_parameter_defaults = {
    XPATH: nil,
    FILES: nil,
    PATTERN: /(?:v|ver|version)=(?<v>\d+\.[.\d]+)/i,
    CONFIDENCE_PER_OCCURENCE: 10
  }

  @child_class_constants = super().merge(query_parameter_defaults)
end
Public Instance Methods
find(response, _opts = {})
@param [ Typhoeus::Response ] response
@param [ Hash ] opts
@return [ Array<Version>, nil ]
# File lib/wpscan/finders/dynamic_finder/version/query_parameter.rb, line 19
#
# Builds one version candidate per distinct version number that
# scan_response extracts from the response.
#
# The version numbers and URIs are taken from the response being scanned,
# so each candidate is something the scanned site states about itself.
# NOTE(review): confidence is a plain product of CONFIDENCE_PER_OCCURENCE and
# the number of matching URIs, with no upper bound applied in this method;
# confirm whether create_version clamps it.
#
# @param [ Typhoeus::Response ] response
# @param [ Hash ] _opts not read by this method
#
# @return [ Array ] the create_version results with nil entries removed
def find(response, _opts = {})
  candidates = scan_response(response).map do |version_number, matching_uris|
    create_version(
      version_number,
      confidence: self.class::CONFIDENCE_PER_OCCURENCE * matching_uris.size,
      interesting_entries: matching_uris
    )
  end

  candidates.compact
end
path_pattern()
@return [ Regexp ]
# File lib/wpscan/finders/dynamic_finder/version/query_parameter.rb, line 56
#
# Case-insensitive pattern matching a URI path that ends with "/" followed by
# one of the class's FILES entries. Built once and memoized on the instance.
#
# NOTE(review): FILES entries are interpolated into the regexp as-is, so any
# regexp metacharacter in an entry (e.g. the "." in a file extension) is
# interpreted rather than matched literally; confirm whether entries are meant
# to be patterns, otherwise they should go through Regexp.escape.
# NOTE(review): child_class_constants defaults FILES to nil, in which case
# the `join` call below would raise; presumably every concrete finder sets it.
#
# @return [ Regexp ]
def path_pattern
  @path_pattern ||= begin
    file_alternatives = self.class::FILES.join('|')
    Regexp.new("/(?:#{file_alternatives})\\z", Regexp::IGNORECASE)
  end
end
scan_response(response)
@param [ Typhoeus::Response ] response
@return [ Hash ]
# File lib/wpscan/finders/dynamic_finder/version/query_parameter.rb, line 35
#
# Collects, per version number, the URIs whose path matches path_pattern and
# whose query string matches the class's PATTERN.
#
# Every matching URI yielded by in_scope_uris is appended; no de-duplication
# is done in this method, so the same URI yielded twice is recorded twice
# (presumably in_scope_uris decides whether that can happen; verify there).
#
# @param [ Typhoeus::Response ] response
#
# @return [ Hash ] version string => Array of URI strings
def scan_response(response)
  uris_by_version = {}

  target.in_scope_uris(response, xpath) do |uri|
    # The path is checked first; the query is only inspected when it matches.
    next unless uri.path =~ path_pattern

    # uri.query may be nil (no query string), hence the safe navigation.
    matched = uri.query&.match(self.class::PATTERN)
    next unless matched

    version = matched[:v].to_s
    (uris_by_version[version] ||= []) << uri.to_s
  end

  uris_by_version
end
xpath()
@return [ String ]
# File lib/wpscan/finders/dynamic_finder/version/query_parameter.rb, line 51
#
# XPath expression passed to in_scope_uris by scan_response. Uses the class's
# XPATH constant when it is set; otherwise falls back to the href attributes of
# <link> elements and the src attributes of <script> elements. Memoized on the
# instance.
#
# @return [ String ]
def xpath
  return @xpath if @xpath

  @xpath = self.class::XPATH || '//link[@href]/@href|//script[@src]/@src'
end