class WPScan::Finders::DynamicFinder::Version::ConfigParser
Version
finder using by parsing config files, such as composer.json and so on
Constants
- ALLOWED_PARSERS
Public Class Methods
child_class_constants()
click to toggle source
Calls superclass method
WPScan::Finders::DynamicFinder::Finder::child_class_constants
# File lib/wpscan/finders/dynamic_finder/version/config_parser.rb, line 12 def self.child_class_constants @child_class_constants ||= super.merge( PARSER: nil, KEY: nil, PATTERN: /(?<v>\d+\.[.\d]+)/, CONFIDENCE: 70 ) end
Public Instance Methods
find(response, _opts = {})
click to toggle source
@param [ Typhoeus::Response
] response @param [ Hash ] opts @return [ Version
]
# File lib/wpscan/finders/dynamic_finder/version/config_parser.rb, line 40 def find(response, _opts = {}) parsed_body = parse(response.body) # Create indexes for the #dig, digits are converted to integers indexes = self.class::KEY.split(':').map { |e| e == e.to_i.to_s ? e.to_i : e } return unless (data = parsed_body&.dig(*indexes)) && data =~ self.class::PATTERN create_version( Regexp.last_match[:v], interesting_entries: ["#{response.effective_url}, Match: '#{Regexp.last_match}'"] ) end
parse(body)
click to toggle source
@param [ String ] body @return [ Hash, nil ] The parsed body, with an available parser, if possible
# File lib/wpscan/finders/dynamic_finder/version/config_parser.rb, line 20 def parse(body) parsers = ALLOWED_PARSERS.include?(self.class::PARSER) ? [self.class::PARSER] : ALLOWED_PARSERS parsers.each do |parser| parsed = parser.respond_to?(:safe_load) ? parser.safe_load(body) : parser.load(body) return parsed if parsed.is_a?(Hash) || parsed.is_a?(Array) rescue StandardError next end nil # Make sure nil is returned in case none of the parsers managed to parse the body correctly end
passive(opts = {})
click to toggle source
No Passive way
# File lib/wpscan/finders/dynamic_finder/version/config_parser.rb, line 35 def passive(opts = {}); end