Checks if the wp-login.php is available before attacking it - Fixes #1519

2020-07-16 10:22:45 +02:00
parent 97c995b64c
commit ff574b046c
5 changed files with 75 additions and 19 deletions
--- a/lib/wpscan/errors/wordpress.rb
+++ b/lib/wpscan/errors/wordpress.rb
@@ -29,5 +29,11 @@ module WPScan
        ' use the --scope option or make sure the --url value given is the correct one'
      end
    end
+
+    class NoLoginInterfaceDetected < Standard
+      def to_s
+        'Could not find a login interface to perform the password attack against'
+      end
+    end
  end
 end
--- a/lib/wpscan/target/platform/wordpress.rb
+++ b/lib/wpscan/target/platform/wordpress.rb
@@ -139,15 +139,16 @@ module WPScan
        # the first time the method is called, and the effective_url is then used
        # if suitable, otherwise the default wp-login will be.
        #
-        # @return [ String ] The URL to the login page
+        # @return [ String, false ] The URL to the login page or false if not detected
        def login_url
-          return @login_url if @login_url
+          return @login_url unless @login_url.nil?

-          @login_url = url('wp-login.php')
+          @login_url = url('wp-login.php') # TODO: url(ParsedCli.login_uri)

          res = Browser.get_and_follow_location(@login_url)

          @login_url = res.effective_url if res.effective_url =~ /wp-login\.php\z/i && in_scope?(res.effective_url)
+          @login_url = false if res.code == 404

          @login_url
        end