Ref #150 Backupbuddy plugin vulns

data/plugin_vulns.xml

@@ -4113,4 +4113,12 @@
     </vulnerability>
   </plugin>
 
+  <plugin name="backupbuddy">
+    <vulnerability>
+      <title>Backupbuddy - sensitive data exposure in importbuddy.php</title>
+      <reference>http://seclists.org/fulldisclosure/2013/Mar/206</reference>
+      <type>UNKNOWN</type>
+    </vulnerability>
+  </plugin>
+
 </vulnerabilities>

lib/wpscan/wp_target.rb

@@ -155,16 +155,6 @@ class WpTarget < WebSite
     resp.code == 200 && resp.body[%r{by interconnect}i]
   end
 
-  # FIXME: a plugin which does not follow the wordpress plugin system
-  def backupbuddy_url
-    @uri.merge('importbuddy.php').to_s
-  end
-
-  def has_backupbuddy?
-    response = Browser.instance.get(backupbuddy_url)
-    response.code == 200 && response.body[%r{BackupBuddy}i]
-  end
-
   # Should check wp-login.php if registration is enabled or not
   def registration_enabled?
     resp = Browser.instance.get(registration_url)

main.rb

@@ -170,14 +170,6 @@ def main
       puts red("[!] searchreplacedb2.php has been found '#{wp_target.search_replace_db_2_url}'")
     end
 
-    if wp_target.has_backupbuddy?
-      puts red("[!] BackupBuddy has been found")
-      puts ' |'
-      puts " | Location: #{wp_target.backupbuddy_url}"
-      puts ' | ' + red('* Reference: http://seclists.org/fulldisclosure/2013/Mar/206')
-      puts
-    end
-
     if wp_target.is_multisite?
       puts green('[+]') + ' This site seems to be a multisite (http://codex.wordpress.org/Glossary#Multisite)'
     end

wpscan.rb

@@ -24,4 +24,4 @@ $: << '.'
 require File.dirname(__FILE__) + '/lib/wpscan/wpscan_helper'
 require File.dirname(__FILE__) + '/main'
 
-main()
+main()