metasploit-framework/modules/auxiliary/scanner/http/wordpress_scanner.rb

40 lines
1.1 KiB
Ruby

##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Auxiliary
include Msf::Exploit::Remote::HTTP::Wordpress
include Msf::Auxiliary::Scanner
include Msf::Auxiliary::Report
def initialize
super(
'Name' => 'Wordpress Scanner',
'Description' => 'Detects Wordpress installations and their version number',
'Author' => [ 'Christian Mehlmauer' ],
'License' => MSF_LICENSE
)
end
def run_host(target_host)
print_status("Trying ip #{target_host}")
if wordpress_and_online?
version = wordpress_version
version_string = version ? version : '(no version detected)'
print_good("#{target_host} running Wordpress #{version_string}")
report_note(
{
:host => target_host,
:proto => 'tcp',
:sname => (ssl ? 'https' : 'http'),
:port => rport,
:type => "Wordpress #{version_string}",
:data => target_uri
})
end
end
end