garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Updates finders to use new methods

Browse Source
This commit is contained in:
erwanlr
2019-03-26 21:10:14 +00:00
parent cfab2a9cd7
commit 743ba0541b
11 changed files with 169 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
app/finders/interesting_findings/upload_sql_dump.rb
View File

@@ -9,22 +9,17 @@ module WPScan
# @return [ InterestingFinding ]
def aggressive(_opts = {})
head_res = browser.forge_request(dump_url, target.head_or_get_request_params).run
path = 'wp-content/uploads/dump.sql'
res = target.head_and_get(path, [200], get: { headers: { 'Range' => 'bytes=0-3000' } })
return unless head_res.code == 200
return unless Browser.get(dump_url, headers: { 'Range' => 'bytes=0-3000' }).body =~ SQL_PATTERN
return unless res.body =~ SQL_PATTERN
Model::UploadSQLDump.new(
dump_url,
target.url(path),
confidence: 100,
found_by: DIRECT_ACCESS
)
end
def dump_url
@dump_url ||= target.url('wp-content/uploads/dump.sql')
end
end
end
end