From 0ca299e92b0fcf632265a80361c273a38b416d1c Mon Sep 17 00:00:00 2001
From: sandeep <8293321+bauthard@users.noreply.github.com>
Date: Wed, 17 Feb 2021 17:33:03 +0530
Subject: [PATCH] adding wp template and workflow

---
 .../wordpress-xmlrpc-listmethods.yaml         | 26 +++++++++++++++++++
 workflows/wordpress-workflow.yaml             |  1 +
 2 files changed, 27 insertions(+)
 create mode 100644 vulnerabilities/wordpress/wordpress-xmlrpc-listmethods.yaml

diff --git a/vulnerabilities/wordpress/wordpress-xmlrpc-listmethods.yaml b/vulnerabilities/wordpress/wordpress-xmlrpc-listmethods.yaml
new file mode 100644
index 0000000000..ecaeeafa4f
--- /dev/null
+++ b/vulnerabilities/wordpress/wordpress-xmlrpc-listmethods.yaml
@@ -0,0 +1,26 @@
+id: wordpress-xmlrpc-listmethods
+info:
+  name: Wordpress XML-RPC List System Methods
+  author: 0ut0fb4nd
+  severity: info
+  tags: wordpress
+
+requests:
+  - method: POST
+    path:
+      - "{{BaseURL}}/xmlrpc.php"
+
+    body: "<?xml version=\"1.0\" encoding=\"utf-8\"?><methodCall><methodName>system.listMethods</methodName><params></params></methodCall>"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+      - type: word
+        words:
+          - "system.multicall"
+          - "system.listMethods"
+          - "demo.sayHello"
+        condition: and
+        part: body
\ No newline at end of file
diff --git a/workflows/wordpress-workflow.yaml b/workflows/wordpress-workflow.yaml
index 1057c2d63c..48cfb809a5 100644
--- a/workflows/wordpress-workflow.yaml
+++ b/workflows/wordpress-workflow.yaml
@@ -35,4 +35,5 @@ workflows:
           - template: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml
           - template: vulnerabilities/wordpress/wp-enabled-registration.yaml
           - template: vulnerabilities/wordpress/wp-xmlrpc.yaml
+          - template: vulnerabilities/wordpress/wordpress-xmlrpc-listmethods.yaml
           - template: vulnerabilities/wordpress-zebra-form-xss.yaml
\ No newline at end of file