40 lines
1.1 KiB
Ruby
40 lines
1.1 KiB
Ruby
##
|
|
# This module requires Metasploit: http://metasploit.com/download
|
|
# Current source: https://github.com/rapid7/metasploit-framework
|
|
##
|
|
|
|
require 'msf/core'
|
|
|
|
class MetasploitModule < Msf::Auxiliary
|
|
include Msf::Exploit::Remote::HTTP::Wordpress
|
|
include Msf::Auxiliary::Scanner
|
|
include Msf::Auxiliary::Report
|
|
|
|
def initialize
|
|
super(
|
|
'Name' => 'Wordpress Scanner',
|
|
'Description' => 'Detects Wordpress installations and their version number',
|
|
'Author' => [ 'Christian Mehlmauer' ],
|
|
'License' => MSF_LICENSE
|
|
)
|
|
end
|
|
|
|
def run_host(target_host)
|
|
print_status("Trying ip #{target_host}")
|
|
if wordpress_and_online?
|
|
version = wordpress_version
|
|
version_string = version ? version : '(no version detected)'
|
|
print_good("#{target_host} running Wordpress #{version_string}")
|
|
report_note(
|
|
{
|
|
:host => target_host,
|
|
:proto => 'tcp',
|
|
:sname => (ssl ? 'https' : 'http'),
|
|
:port => rport,
|
|
:type => "Wordpress #{version_string}",
|
|
:data => target_uri
|
|
})
|
|
end
|
|
end
|
|
end
|