2013-08-22 15:33:35 +00:00
|
|
|
# -*- coding: binary -*-
|
|
|
|
|
|
|
|
|
|
# This module provides a way of interacting with wordpress installations
|
|
|
|
|
module Msf
|
2013-09-05 19:11:03 +00:00
|
|
|
module HTTP
|
|
|
|
|
module Wordpress
|
|
|
|
|
require 'msf/http/wordpress/base'
|
|
|
|
|
require 'msf/http/wordpress/helpers'
|
|
|
|
|
require 'msf/http/wordpress/login'
|
|
|
|
|
require 'msf/http/wordpress/posts'
|
|
|
|
|
require 'msf/http/wordpress/uris'
|
|
|
|
|
require 'msf/http/wordpress/users'
|
2013-09-24 06:59:56 +00:00
|
|
|
require 'msf/http/wordpress/version'
|
2013-08-22 15:33:35 +00:00
|
|
|
|
2013-09-05 19:11:03 +00:00
|
|
|
include Msf::Exploit::Remote::HttpClient
|
|
|
|
|
include Msf::HTTP::Wordpress::Base
|
|
|
|
|
include Msf::HTTP::Wordpress::Helpers
|
|
|
|
|
include Msf::HTTP::Wordpress::Login
|
|
|
|
|
include Msf::HTTP::Wordpress::Posts
|
|
|
|
|
include Msf::HTTP::Wordpress::URIs
|
|
|
|
|
include Msf::HTTP::Wordpress::Users
|
2013-09-24 06:59:56 +00:00
|
|
|
include Msf::HTTP::Wordpress::Version
|
2013-08-22 15:33:35 +00:00
|
|
|
|
2013-09-05 19:11:03 +00:00
|
|
|
def initialize(info = {})
|
|
|
|
|
super
|
2013-08-22 15:33:35 +00:00
|
|
|
|
2013-09-05 19:11:03 +00:00
|
|
|
register_options(
|
2014-07-22 15:02:35 +00:00
|
|
|
[
|
|
|
|
|
Msf::OptString.new('TARGETURI', [true, 'The base path to the wordpress application', '/'])
|
|
|
|
|
], HTTP::Wordpress
|
2013-09-05 19:11:03 +00:00
|
|
|
)
|
2014-07-22 15:02:35 +00:00
|
|
|
|
|
|
|
|
register_advanced_options(
|
|
|
|
|
[
|
|
|
|
|
Msf::OptString.new('WPCONTENTDIR', [true, 'The name of the wp-content directory', 'wp-content'])
|
|
|
|
|
], HTTP::Wordpress
|
|
|
|
|
)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def wp_content_dir
|
|
|
|
|
datastore['WPCONTENTDIR']
|
2013-09-05 19:11:03 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
2013-08-22 15:33:35 +00:00
|
|
|
end
|
