WpLoginProtection

Constants

LOGIN_PROTECTION_METHOD_PATTERN

Public Instance Methods

has_login_protection?() click to toggle source

# File lib/wpscan/modules/wp_login_protection.rb, line 8
def has_login_protection?
  !login_protection_plugin().nil?
end

login_protection_plugin() click to toggle source

Checks if a login protection plugin is enabled code.google.com/p/wpscan/issues/detail?id=111 return a WpPlugin object or nil if no one is found

# File lib/wpscan/modules/wp_login_protection.rb, line 15
def login_protection_plugin
  unless @login_protection_plugin
    protected_methods.grep(LOGIN_PROTECTION_METHOD_PATTERN).each do |symbol_to_call|

      if send(symbol_to_call)
        plugin_name = symbol_to_call[LOGIN_PROTECTION_METHOD_PATTERN, 1].gsub('_', '-')

        return @login_protection_plugin = WpPlugin.new(
          @uri,
          name:           plugin_name,
          wp_content_dir: wp_content_dir,
          wp_plugins_dir: wp_plugins_dir
        )
      end
    end
    @login_protection_plugin = nil
  end
  @login_protection_plugin
end

Protected Instance Methods

better_wp_security_url() click to toggle source

# File lib/wpscan/modules/wp_login_protection.rb, line 61
def better_wp_security_url
  plugin_url('better-wp-security/')
end

bluetrait_event_viewer_url() click to toggle source

# File lib/wpscan/modules/wp_login_protection.rb, line 97
def bluetrait_event_viewer_url
  plugin_url('bluetrait-event-viewer')
end

has_better_wp_security_protection?() click to toggle source

wordpress.org/extend/plugins/better-wp-security/

# File lib/wpscan/modules/wp_login_protection.rb, line 48
def has_better_wp_security_protection?
  Browser.instance.get(better_wp_security_url).code != 404
end

has_bluetrait_event_viewer_protection?() click to toggle source

wordpress.org/extend/plugins/bluetrait-event-viewer/

# File lib/wpscan/modules/wp_login_protection.rb, line 93
def has_bluetrait_event_viewer_protection?
  Browser.instance.get(bluetrait_event_viewer_url).code != 404
end

has_limit_login_attempts_protection?() click to toggle source

wordpress.org/extend/plugins/limit-login-attempts/

# File lib/wpscan/modules/wp_login_protection.rb, line 84
def has_limit_login_attempts_protection?
  Browser.instance.get(limit_login_attempts_url).code != 404
end

has_login_lock_protection?() click to toggle source

wordpress.org/extend/plugins/login-lock/

# File lib/wpscan/modules/wp_login_protection.rb, line 43
def has_login_lock_protection?
  Browser.instance.get(login_url).body =~ %{LOGIN LOCK} ? true : false
end

has_login_lockdown_protection?() click to toggle source

Thanks to Alip Aswalid for providing this method. wordpress.org/extend/plugins/login-lockdown/

# File lib/wpscan/modules/wp_login_protection.rb, line 38
def has_login_lockdown_protection?
  Browser.instance.get(login_url).body =~ %{Login LockDown} ? true : false
end

has_login_security_solution_protection?() click to toggle source

wordpress.org/extend/plugins/login-security-solution/

# File lib/wpscan/modules/wp_login_protection.rb, line 75
def has_login_security_solution_protection?
  Browser.instance.get(login_security_solution_url()).code != 404
end

has_simple_login_lockdown_protection?() click to toggle source

wordpress.org/extend/plugins/simple-login-lockdown/

# File lib/wpscan/modules/wp_login_protection.rb, line 66
def has_simple_login_lockdown_protection?
  Browser.instance.get(simple_login_lockdown_url).code != 404
end

limit_login_attempts_url() click to toggle source

# File lib/wpscan/modules/wp_login_protection.rb, line 88
def limit_login_attempts_url
  plugin_url('limit-login-attempts')
end

login_security_solution_url() click to toggle source

# File lib/wpscan/modules/wp_login_protection.rb, line 79
def login_security_solution_url
  plugin_url('login-security-solution')
end

plugin_url(plugin_name) click to toggle source

# File lib/wpscan/modules/wp_login_protection.rb, line 52
def plugin_url(plugin_name)
  WpPlugin.new(
    @uri,
    name:           plugin_name,
    wp_content_dir: wp_content_dir,
    wp_plugins_dir: wp_plugins_dir
  ).url
end

simple_login_lockdown_url() click to toggle source

# File lib/wpscan/modules/wp_login_protection.rb, line 70
def simple_login_lockdown_url
  plugin_url('simple-login-lockdown/')
end

Home Classes Methods

In Files

Methods

Files

Class/Module Index

WpLoginProtection

Constants

Public Instance Methods

Protected Instance Methods