class WPScan::DB::VulnApi
WPVulnDB API
Constants
- NON_ERROR_CODES
Attributes
token[RW]
Public Class Methods
default_request_params()
click to toggle source
@return [ Hash ] @note Those params can not be overriden by CLI options
# File lib/wpscan/db/vuln_api.rb, line 72 def self.default_request_params @default_request_params ||= Browser.instance.default_connect_request_params.merge( headers: { 'User-Agent' => Browser.instance.default_user_agent, 'Authorization' => "Token token=#{token}" } ) end
get(path, params = {})
click to toggle source
@param [ String ] path @param [ Hash ] params
@return [ Hash ]
# File lib/wpscan/db/vuln_api.rb, line 22 def self.get(path, params = {}) return {} unless token return {} if path.end_with?('/latest') # Remove this when api/v4 is up # Typhoeus.get is used rather than Browser.get to avoid merging irrelevant params from the CLI res = Typhoeus.get(uri.join(path), default_request_params.merge(params)) return {} if res.code == 404 || res.code == 429 return JSON.parse(res.body) if NON_ERROR_CODES.include?(res.code) raise Error::HTTP, res rescue Error::HTTP => e retries ||= 0 if (retries += 1) <= 3 @default_request_params[:headers]['X-Retry'] = retries sleep(1) retry end { 'http_error' => e } end
plugin_data(slug)
click to toggle source
@return [ Hash ]
# File lib/wpscan/db/vuln_api.rb, line 47 def self.plugin_data(slug) get("plugins/#{slug}")&.dig(slug) || {} end
status()
click to toggle source
@return [ Hash ]
# File lib/wpscan/db/vuln_api.rb, line 62 def self.status json = get('status', params: { version: WPScan::VERSION }, cache_ttl: 0) json['requests_remaining'] = 'Unlimited' if json['requests_remaining'] == -1 json end
theme_data(slug)
click to toggle source
@return [ Hash ]
# File lib/wpscan/db/vuln_api.rb, line 52 def self.theme_data(slug) get("themes/#{slug}")&.dig(slug) || {} end
uri()
click to toggle source
@return [ Addressable::URI ]
# File lib/wpscan/db/vuln_api.rb, line 14 def self.uri @uri ||= Addressable::URI.parse('https://wpscan.com/api/v3/') end
wordpress_data(version_number)
click to toggle source
@return [ Hash ]
# File lib/wpscan/db/vuln_api.rb, line 57 def self.wordpress_data(version_number) get("wordpresses/#{version_number.tr('.', '')}")&.dig(version_number) || {} end