From fde68acc0e8d08a7db6866fdf4291f1ded9f5b68 Mon Sep 17 00:00:00 2001 From: james Date: Sat, 2 Sep 2017 22:26:04 -0500 Subject: [PATCH] Styling changes in wordpress helpers Changes based on rubocop output --- .../core/exploit/http/wordpress/helpers.rb | 44 +++++++++---------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/lib/msf/core/exploit/http/wordpress/helpers.rb b/lib/msf/core/exploit/http/wordpress/helpers.rb index d667ff0ebc..f938620420 100644 --- a/lib/msf/core/exploit/http/wordpress/helpers.rb +++ b/lib/msf/core/exploit/http/wordpress/helpers.rb @@ -10,12 +10,12 @@ module Msf::Exploit::Remote::HTTP::Wordpress::Helpers # @param pass [String] Password # @param redirect URL [String] to redirect after successful login # @return [Hash] The post data for vars_post Parameter - def wordpress_helper_login_post_data(user, pass, redirect=nil) + def wordpress_helper_login_post_data(user, pass, redirect = nil) post_data = { - 'log' => user.to_s, - 'pwd' => pass.to_s, - 'redirect_to' => redirect.to_s, - 'wp-submit' => 'Login' + 'log' => user.to_s, + 'pwd' => pass.to_s, + 'redirect_to' => redirect.to_s, + 'wp-submit' => 'Login' } post_data end @@ -31,23 +31,23 @@ module Msf::Exploit::Remote::HTTP::Wordpress::Helpers # @return [String,nil] The location of the new comment/post, nil on error def wordpress_helper_post_comment(comment, comment_post_id, login_cookie, author, email, url) vars_post = { - 'comment' => comment, - 'submit' => 'Post+Comment', - 'comment_post_ID' => comment_post_id.to_s, - 'comment_parent' => '0' + 'comment' => comment, + 'submit' => 'Post+Comment', + 'comment_post_ID' => comment_post_id.to_s, + 'comment_parent' => '0' } vars_post.merge!({ - 'author' => author, - 'email' => email, - 'url' => url, + 'author' => author, + 'email' => email, + 'url' => url }) unless login_cookie options = { - 'uri' => normalize_uri(target_uri.path, 'wp-comments-post.php'), - 'method' => 'POST' + 'uri' => normalize_uri(target_uri.path, 'wp-comments-post.php'), + 'method' => 'POST' } - options.merge!({'vars_post' => vars_post}) - options.merge!({'cookie' => login_cookie}) if login_cookie + options.merge!({ 'vars_post' => vars_post }) + options.merge!({ 'cookie' => login_cookie }) if login_cookie res = send_request_cgi(options) if res && res.redirect? && res.redirection return wordpress_helper_parse_location_header(res) @@ -65,7 +65,7 @@ module Msf::Exploit::Remote::HTTP::Wordpress::Helpers # @param comments_enabled [Boolean] If true try to find a post id with comments enabled, otherwise return the first found # @param login_cookie [String] A valid login cookie to perform the bruteforce as an authenticated user # @return [Integer,nil] The post id, nil when nothing found - def wordpress_helper_bruteforce_valid_post_id(range, comments_enabled=false, login_cookie=nil) + def wordpress_helper_bruteforce_valid_post_id(range, comments_enabled = false, login_cookie = nil) range.each { |id| vprint_status("Checking POST ID #{id}...") if (id % 100) == 0 body = wordpress_helper_check_post_id(wordpress_url_post(id), comments_enabled, login_cookie) @@ -81,15 +81,15 @@ module Msf::Exploit::Remote::HTTP::Wordpress::Helpers # @param comments_enabled [Boolean] Check if comments are enabled on this post # @param login_cookie [String] A valid login cookie to perform the check as an authenticated user # @return [String,nil] the HTTP response body of the post, nil otherwise - def wordpress_helper_check_post_id(uri, comments_enabled=false, login_cookie=nil) + def wordpress_helper_check_post_id(uri, comments_enabled = false, login_cookie = nil) options = { - 'method' => 'GET', - 'uri' => uri + 'method' => 'GET', + 'uri' => uri } - options.merge!({'cookie' => login_cookie}) if login_cookie + options.merge!({ 'cookie' => login_cookie }) if login_cookie res = send_request_cgi(options) # post exists - if res and res.code == 200 + if res && res.code == 200 # also check if comments are enabled if comments_enabled if res.body =~ /form.*action.*wp-comments-post\.php/