From fcaef7621594f9316271f937e52cdf12af62d85d Mon Sep 17 00:00:00 2001
From: wchen-r7 <wei_chen@rapid7.com>
Date: Wed, 20 Jan 2016 17:14:44 -0600
Subject: [PATCH] Do a version check

This attack is not suitable for newer versions due to the
mitigation in place.
---
 modules/auxiliary/scanner/http/wordpress_xmlrpc_login.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/modules/auxiliary/scanner/http/wordpress_xmlrpc_login.rb b/modules/auxiliary/scanner/http/wordpress_xmlrpc_login.rb
index 442d43509b..4cbcb2652d 100644
--- a/modules/auxiliary/scanner/http/wordpress_xmlrpc_login.rb
+++ b/modules/auxiliary/scanner/http/wordpress_xmlrpc_login.rb
@@ -61,6 +61,8 @@ class Metasploit3 < Msf::Auxiliary
 
   def check_setup
     vprint_status("Checking #{peer} status!")
+    version = wordpress_version
+    vprint_status("Found Wordpress version: #{version}")
 
     if !wordpress_and_online?
       print_error("#{peer}:#{rport}#{target_uri} does not appear to be running Wordpress or you got blocked! (Do Manual Check)")
@@ -68,6 +70,8 @@ class Metasploit3 < Msf::Auxiliary
     elsif !wordpress_xmlrpc_enabled?
       print_error("#{peer}:#{rport}#{wordpress_url_xmlrpc} does not enable XMLRPC")
       false
+    elsif Gem::Version.new(version) >= Gem::Version.new('4.4.1')
+      false
     else
       print_status("Target #{peer} is running Wordpress")
       true