# -*- coding: binary -*-
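module Msf::HTTP::Wordpress::Posts

  # Posts a comment as an authenticated user.
  #
  # This writes content to the target (a new comment row), so it leaves an
  # obvious trace in the site's comment moderation UI and database.
  #
  # @param comment [String] The comment
  # @param comment_post_id [Integer] The Post ID to post the comment to
  # @param login_cookie [String] The valid login_cookie
  # @return [String,nil] The location of the new comment/post, nil on error
  def wordpress_post_comment_auth(comment, comment_post_id, login_cookie)
    wordpress_helper_post_comment(comment, comment_post_id, login_cookie, nil, nil, nil)
  end

  # Posts a comment as an unauthenticated user.
  #
  # Like the authenticated variant this modifies the target; the author
  # fields are sent as supplied, no escaping is done here.
  #
  # @param comment [String] The comment
  # @param comment_post_id [Integer] The Post ID to post the comment to
  # @param author [String] The author name
  # @param email [String] The author email
  # @param url [String] The author url
  # @return [String,nil] The location of the new comment/post, nil on error
  def wordpress_post_comment_no_auth(comment, comment_post_id, author, email, url)
    wordpress_helper_post_comment(comment, comment_post_id, nil, author, email, url)
  end

  # Tries to bruteforce a valid post_id.
  #
  # Issues one request per candidate id, so a wide range is noisy in the
  # target's access logs.
  #
  # @param min_post_id [Integer] The first post_id to bruteforce
  # @param max_post_id [Integer] The last post_id to bruteforce
  # @param login_cookie [String] If set perform the bruteforce as an authenticated user
  # @return [Integer,nil] The post id, nil when nothing found (or when the range is empty)
  def wordpress_bruteforce_valid_post_id(min_post_id, max_post_id, login_cookie=nil)
    # An inverted range would be empty; bail out before building it.
    return nil if min_post_id > max_post_id

    range = Range.new(min_post_id, max_post_id)
    wordpress_helper_bruteforce_valid_post_id(range, false, login_cookie)
  end

  # Tries to bruteforce a valid post_id with comments enabled.
  #
  # Same request pattern as {#wordpress_bruteforce_valid_post_id}, but the
  # helper is asked to additionally require comments to be enabled.
  #
  # @param min_post_id [Integer] The first post_id to bruteforce
  # @param max_post_id [Integer] The last post_id to bruteforce
  # @param login_cookie [String] If set perform the bruteforce as an authenticated user
  # @return [Integer,nil] The post id, nil when nothing found (or when the range is empty)
  def wordpress_bruteforce_valid_post_id_with_comments_enabled(min_post_id, max_post_id, login_cookie=nil)
    return nil if min_post_id > max_post_id

    range = Range.new(min_post_id, max_post_id)
    wordpress_helper_bruteforce_valid_post_id(range, true, login_cookie)
  end

  # Checks if the provided post has comments enabled.
  #
  # Despite the `?` suffix this returns the response body rather than a
  # boolean; callers should only rely on its truthiness.
  #
  # @param post_id [Integer] The post ID to check
  # @param login_cookie [String] If set perform the check as an authenticated user
  # @return [String,nil] the HTTP response body of the post, nil otherwise
  def wordpress_post_comments_enabled?(post_id, login_cookie=nil)
    wordpress_helper_check_post_id(wordpress_url_post(post_id), true, login_cookie)
  end

  # Tries to get some Blog Posts via the RSS feed.
  #
  # Redirects from the feed URL are followed up to `NUM_REDIRECTS` times; the
  # option is expected to be registered by the including module. The returned
  # URLs are copied verbatim from the target's response and must be treated
  # as untrusted, target-controlled data.
  #
  # @return [Array<String>,nil] String Array with valid blog posts (empty when
  #   the feed could not be fetched or held no links), nil on error
  def wordpress_get_all_blog_posts_via_feed
    vprint_status("#{peer} - Enumerating Blog posts...")
    blog_posts = []

    begin
      vprint_status("#{peer} - Locating wordpress feed...")
      res = send_request_cgi({
        'uri' => wordpress_url_rss,
        'method' => 'GET'
      })

      # Upper bound on the redirect chain we are willing to chase.
      count = datastore['NUM_REDIRECTS']

      # Follow redirects. send_request_cgi may return nil (e.g. on a read
      # timeout), so guard res before dereferencing it; the previous version
      # raised NoMethodError on res.code in that case.
      while res && (res.code == 301 || res.code == 302) && res.headers['Location'] && count != 0
        path = wordpress_helper_parse_location_header(res)
        return nil unless path

        vprint_status("#{peer} - Web server returned a #{res.code}...following to #{path}")
        res = send_request_cgi({
          'uri' => path,
          'method' => 'GET'
        })

        if res && res.code == 200
          vprint_status("#{peer} - Feed located at #{path}")
        elsif res
          vprint_status("#{peer} - Returned a #{res.code}...")
        end

        count -= 1
      end
    rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout
      print_error("#{peer} - Unable to connect")
      return nil
    end

    if res.nil? || res.code != 200
      vprint_status("#{peer} - Did not recieve HTTP response for RSS feed")
      return blog_posts
    end

    # Collect every <link> element in the feed body. Note this matches
    # channel-level <link> elements as well as per-item ones, so the site's
    # own URL may appear in the result alongside the posts.
    links = res.body.scan(/<link>([^<]+)<\/link>/i)

    if links.empty?
      vprint_status("#{peer} - Feed did not have any links present")
      return blog_posts
    end

    blog_posts.concat(links.map(&:first))
    blog_posts
  end

end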