erwanlr
2020-07-20 13:15:54 +02:00
parent cba6e74b13
commit 4320d2436f
2 changed files with 41 additions and 8 deletions


@@ -88,8 +88,8 @@ module WPScan
def xmlrpc_get_users_blogs_enabled? def xmlrpc_get_users_blogs_enabled?
if xmlrpc&.enabled? && if xmlrpc&.enabled? &&
xmlrpc.available_methods.include?('wp.getUsersBlogs') && xmlrpc.available_methods.include?('wp.getUsersBlogs') &&
xmlrpc.method_call('wp.getUsersBlogs', [SecureRandom.hex[0, 6], SecureRandom.hex[0, 4]]) !xmlrpc.method_call('wp.getUsersBlogs', [SecureRandom.hex[0, 6], SecureRandom.hex[0, 4]])
.run.body !~ /XML-RPC services are disabled/ .run.body.match?(/>\s*405\s*</)
true true
else else
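Review bot: The new `match?(/>\s*405\s*</)` check accepts a `405` between any two tags, and any body without it (an empty reply, an HTML error page from a proxy or WAF) still makes this method return true. The scanner can therefore report wp.getUsersBlogs as usable when the endpoint never answered as XML-RPC at all. Binding the pattern to the fault code member would be tighter: `.run.body.match?(%r{<name>faultCode</name>\s*<value>\s*<int>\s*405\s*</int>})`. A short comment above the call would also help the next reader, e.g. `# faultCode 405 = XML-RPC disabled; faultString is localised, so match the code instead`. The `else` branch and the end of the method lie outside this hunk.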


@@ -1,5 +1,24 @@
# frozen_string_literal: true # frozen_string_literal: true
XMLRPC_FAILED_BODY = '
<?xml version="1.0" encoding="UTF-8"?>
<methodResponse>
<fault>
<value>
<struct>
<member>
<name>faultCode</name>
<value><int>405</int></value>
</member>
<member>
<name>faultString</name>
<value><string>%s</string></value>
</member>
</struct>
</value>
</fault>
</methodResponse>'
describe WPScan::Controller::PasswordAttack do describe WPScan::Controller::PasswordAttack do
subject(:controller) { described_class.new } subject(:controller) { described_class.new }
let(:target_url) { 'http://ex.lo/' } let(:target_url) { 'http://ex.lo/' }
@@ -81,20 +100,34 @@ describe WPScan::Controller::PasswordAttack do
end end
context 'when wp.getUsersBlogs method listed' do context 'when wp.getUsersBlogs method listed' do
before { expect(xmlrpc).to receive(:available_methods).and_return(%w[wp.getUsersBlogs m2]) } before do
expect(xmlrpc).to receive(:available_methods).and_return(%w[wp.getUsersBlogs m2])
stub_request(:post, xmlrpc.url).to_return(body: body)
end
context 'when wp.getUsersBlogs method disabled' do context 'when wp.getUsersBlogs method disabled' do
it 'returns false' do context 'when blog is in EN' do
stub_request(:post, xmlrpc.url).to_return(body: 'XML-RPC services are disabled on this site.') let(:body) { format(XMLRPC_FAILED_BODY, 'XML-RPC services are disabled on this site.') }
expect(controller.xmlrpc_get_users_blogs_enabled?).to be false it 'returns false' do
expect(controller.xmlrpc_get_users_blogs_enabled?).to be false
end
end
context 'when blog is in FR' do
let(:body) { format(XMLRPC_FAILED_BODY, 'Les services XML-RPC sont désactivés sur ce site.') }
it 'returns false' do
expect(controller.xmlrpc_get_users_blogs_enabled?).to be false
end
end end
end end
context 'when wp.getUsersBlogs method enabled' do context 'when wp.getUsersBlogs method enabled' do
it 'returns true' do let(:body) { 'Incorrect username or password.' }
stub_request(:post, xmlrpc.url).to_return(body: 'Incorrect username or password.')
it 'returns true' do
expect(controller.xmlrpc_get_users_blogs_enabled?).to be true expect(controller.xmlrpc_get_users_blogs_enabled?).to be true
end end
end end
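Review bot: The 'method enabled' context stubs the plain string `'Incorrect username or password.'`, which is not an XML-RPC document, so with the new check it only proves that text lacking `>405<` yields true. Consider giving the template a second placeholder for the fault code (`<value><int>%s</int></value>`, with the calls becoming `format(XMLRPC_FAILED_BODY, 405, '...')`), so the enabled case can use a realistic fault body with a non-405 code. A context with `let(:body) { '' }` would also pin what the method is expected to return for an empty or non-XML reply. Separately, `XMLRPC_FAILED_BODY` is defined at the top level of the spec file and is visible to every other spec loaded in the same run; a `let` inside the `describe` would keep it local.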