more feedback implemented

lib/msf/http/wordpress/helpers.rb

@@ -6,12 +6,14 @@ module Msf::HTTP::Wordpress::Helpers
 	# @param user [String] Username
 	# @param pass [String] Password
 	# @param redirect URL [String] to redirect after successful login
-	# @return [String] The post data
+	# @return [Hash] The post data for vars_post Parameter
 	def wordpress_helper_login_post_data(user, pass, redirect=nil)
-		post_data = "log=#{Rex::Text.uri_encode(user.to_s)}"
-		post_data << "&pwd=#{Rex::Text.uri_encode(pass.to_s)}"
-		post_data << "&redirect_to=#{Rex::Text.uri_encode(redirect.to_s)}"
-		post_data << '&wp-submit=Login'
+		post_data = {
+				'log' => user.to_s,
+				'pwd' => pass.to_s,
+				'redirect_to' => redirect.to_s,
+				'wp-submit' => 'Login'
+		}
 		post_data
 	end
 

lib/msf/http/wordpress/login.rb

@@ -11,15 +11,13 @@ module Msf::HTTP::Wordpress::Login
 		res = send_request_cgi({
 				'method' => 'POST',
 				'uri' => wordpress_uri_login,
-				'data' => wordpress_helper_login_post_data(user, pass, redirect),
+				'vars_post' => wordpress_helper_login_post_data(user, pass, redirect)
 		})
 
-		if res and res.code == 302 and res.headers['Location'] == redirect
+		if res and (res.code == 301 or res.code == 302) and res.headers['Location'] == redirect
 			match = res.get_cookies.match(/(wordpress(?:_sec)?_logged_in_[^=]+=[^;]+);/i)
-			if match
-				# return wordpress login cookie
-				return match[0]
-			end
+			# return wordpress login cookie
+			return match[0] if match
 		end
 		return nil
 	end

lib/msf/http/wordpress/users.rb

@@ -9,19 +9,14 @@ module Msf::HTTP::Wordpress::Users
 		res = send_request_cgi({
 				'method' => 'POST',
 				'uri' => wordpress_uri_login,
-				'data' => wordpress_helper_login_post_data(user, 'x'),
+				'vars_post' => wordpress_helper_login_post_data(user, rand_text_alpha(6))
 		})
 
-		exists = false
-		if res and res.code == 200
-			if res.body.to_s =~ /Incorrect password/ or
-					res.body.to_s =~ /document\.getElementById\('user_pass'\)/
-				exists = true
-			else
-				exists = false
-			end
-		end
-		return exists
+		return true if res and res.code == 200 and
+				(res.body.to_s =~ /Incorrect password/ or
+						res.body.to_s =~ /document\.getElementById\('user_pass'\)/)
+
+		return false
 	end
 
 	# Checks if the given userid exists
@@ -36,7 +31,8 @@ module Msf::HTTP::Wordpress::Users
 		})
 
 		if res and res.code == 301
-			uri = URI(res.headers['Location'])
+			uri = wordpress_helper_parse_location_header(res)
+			return nil unless uri
 			# try to extract username from location
 			if uri.to_s =~ /\/author\/([^\/\b]+)\/?/i
 				return $1
@@ -50,12 +46,12 @@ module Msf::HTTP::Wordpress::Users
 
 		if res.nil?
 			print_error("#{target_uri} - Error getting response.")
+			return nil
 		elsif res.code == 200 and
 				(res.body =~ /href="http[s]*:\/\/.*\/\?*author.+title="([[:print:]]+)" /i or
 						res.body =~ /<body class="archive author author-(?:[^\s]+) author-(?:\d+)/i)
 			return $1
 		end
-		return nil
 	end
 
 end