class WPScan::DB::DynamicFinders::Plugin
Public Class Methods
create_versions_finders(slug)
click to toggle source
Create the dynamic finders related to the given slug, and return the created classes
@param [ String ] slug
@return [ Array<Class> ] The created classes
# File lib/wpscan/db/dynamic_finders/plugin.rb, line 81 def self.create_versions_finders(slug) created = [] mod = maybe_create_module(slug) versions_finders_configs[slug]&.each do |finder_class, config| klass = config['class'] || finder_class # Instead of raising exceptions, skip unallowed/already defined finders # So that, when new DF configs are put in the .yml # users with old version of WPScan will still be able to scan blogs # when updating the DB but not the tool next unless allowed_classes.include?(klass.to_sym) created << if mod.constants.include?(finder_class.to_sym) mod.const_get(finder_class.to_sym) else version_finder_super_class(klass).create_child_class(mod, finder_class.to_sym, config) end end created end
df_data()
click to toggle source
@return [ Hash ]
# File lib/wpscan/db/dynamic_finders/plugin.rb, line 8 def self.df_data @df_data ||= all_df_data['plugins'] || {} end
finder_configs(finder_class, aggressive: false)
click to toggle source
@param [ Symbol ] finder_class @param [ Boolean ] aggressive @return [ Hash ]
# File lib/wpscan/db/dynamic_finders/plugin.rb, line 19 def self.finder_configs(finder_class, aggressive: false) configs = {} return configs unless allowed_classes.include?(finder_class) df_data.each do |slug, finders| # Quite sure better can be done with some kind of logic statement in the select fs = if aggressive finders.reject { |_f, c| c['path'].nil? } else finders.select { |_f, c| c['path'].nil? } end fs.each do |finder_name, config| klass = config['class'] || finder_name next unless klass.to_sym == finder_class configs[slug] ||= {} configs[slug][finder_name] = config end end configs end
maybe_create_module(slug)
click to toggle source
@param [ String ] slug @return [ Constant ]
# File lib/wpscan/db/dynamic_finders/plugin.rb, line 65 def self.maybe_create_module(slug) # What about slugs such as js_composer which will be done as JsComposer, just like js-composer constant_name = classify_slug(slug) unless version_finder_module.constants.include?(constant_name) version_finder_module.const_set(constant_name, Module.new) end version_finder_module.const_get(constant_name) end
version_finder_module()
click to toggle source
# File lib/wpscan/db/dynamic_finders/plugin.rb, line 12 def self.version_finder_module Finders::PluginVersion end
version_finder_super_class(klass)
click to toggle source
The idea here would be to check if the class exist in the Finders::DynamicFinders::Plugins/Themes::klass or WpItemVersion::klass and return the related constant when one has been found.
So far, the Finders::DynamicFinders::WPItemVersion is enought as nothing else is used
@param [ String, Symbol ] klass @return [ Constant ]
# File lib/wpscan/db/dynamic_finders/plugin.rb, line 114 def self.version_finder_super_class(klass) "WPScan::Finders::DynamicFinder::WpItemVersion::#{klass}".constantize end
versions_finders_configs()
click to toggle source
@return [ Hash ]
# File lib/wpscan/db/dynamic_finders/plugin.rb, line 46 def self.versions_finders_configs return @versions_finders_configs if @versions_finders_configs @versions_finders_configs = {} df_data.each do |slug, finders| finders.each do |finder_name, config| next unless config.key?('version') @versions_finders_configs[slug] ||= {} @versions_finders_configs[slug][finder_name] = config end end @versions_finders_configs end