WpLoginProtection

Public Instance Methods

has_login_protection?() click to toggle source 
# File lib/wpscan/modules/wp_login_protection.rb, line 25
def has_login_protection?
  !login_protection_plugin().nil?
end
login_protection_plugin() click to toggle source

Checks if a login protection plugin is enabled code.google.com/p/wpscan/issues/detail?id=111 return a WpPlugin object or nil if no one is found

# File lib/wpscan/modules/wp_login_protection.rb, line 32
def login_protection_plugin
  unless @login_protection_plugin
    protected_methods.grep(LOGIN_PROTECTION_METHOD_PATTERN).each do |symbol_to_call|

      if send(symbol_to_call)
        plugin_name = symbol_to_call[LOGIN_PROTECTION_METHOD_PATTERN, 1].gsub('_', '-')

        return @login_protection_plugin = WpPlugin.new(
            :name           => plugin_name,
            :base_url       => @uri,
            :path           => "/plugins/#{plugin_name}/",
            :wp_content_dir => @wp_content_dir
        )
      end
    end
    @login_protection_plugin = nil
  end
  @login_protection_plugin
end

Protected Instance Methods

better_wp_security_url() click to toggle source 
# File lib/wpscan/modules/wp_login_protection.rb, line 69
def better_wp_security_url
  WpPlugin.new(:wp_content_dir  => @wp_content_dir,
               :base_url        => @uri,
               :path            => "/plugins/better-wp-security/",
               :name            => "better-wp-security"
  ).get_url_without_filename
end
bluetrait_event_viewer_url() click to toggle source 
# File lib/wpscan/modules/wp_login_protection.rb, line 121
def bluetrait_event_viewer_url
  WpPlugin.new(:wp_content_dir  => @wp_content_dir,
               :base_url        => @uri,
               :path            => "/plugins/bluetrait-event-viewer/",
               :name            => "bluetrait-event-viewer"
  ).get_url_without_filename
end
has_better_wp_security_protection?() click to toggle source

wordpress.org/extend/plugins/better-wp-security/

# File lib/wpscan/modules/wp_login_protection.rb, line 65
def has_better_wp_security_protection?
  Browser.instance.get(better_wp_security_url()).code != 404
end
has_bluetrait_event_viewer_protection?() click to toggle source

wordpress.org/extend/plugins/bluetrait-event-viewer/

# File lib/wpscan/modules/wp_login_protection.rb, line 117
def has_bluetrait_event_viewer_protection?
  Browser.instance.get(bluetrait_event_viewer_url()).code != 404
end
has_limit_login_attempts_protection?() click to toggle source

wordpress.org/extend/plugins/limit-login-attempts/

# File lib/wpscan/modules/wp_login_protection.rb, line 104
def has_limit_login_attempts_protection?
  Browser.instance.get(limit_login_attempts_url()).code != 404
end
has_login_lock_protection?() click to toggle source

wordpress.org/extend/plugins/login-lock/

# File lib/wpscan/modules/wp_login_protection.rb, line 60
def has_login_lock_protection?
  Browser.instance.get(login_url()).body =~ %{LOGIN LOCK} ? true : false
end
has_login_lockdown_protection?() click to toggle source

Thanks to Alip Aswalid for providing this method. wordpress.org/extend/plugins/login-lockdown/

# File lib/wpscan/modules/wp_login_protection.rb, line 55
def has_login_lockdown_protection?
  Browser.instance.get(login_url()).body =~ %{Login LockDown} ? true : false
end
has_login_security_solution_protection?() click to toggle source

wordpress.org/extend/plugins/login-security-solution/

# File lib/wpscan/modules/wp_login_protection.rb, line 91
def has_login_security_solution_protection?
  Browser.instance.get(login_security_solution_url()).code != 404
end
has_simple_login_lockdown_protection?() click to toggle source

wordpress.org/extend/plugins/simple-login-lockdown/

# File lib/wpscan/modules/wp_login_protection.rb, line 78
def has_simple_login_lockdown_protection?
  Browser.instance.get(simple_login_lockdown_url()).code != 404
end
limit_login_attempts_url() click to toggle source 
# File lib/wpscan/modules/wp_login_protection.rb, line 108
def limit_login_attempts_url
  WpPlugin.new(:wp_content_dir  => @wp_content_dir,
               :base_url        => @uri,
               :path            => "/plugins/limit-login-attempts/",
               :name            => "limit-login-attempts"
  ).get_url_without_filename
end
login_security_solution_url() click to toggle source 
# File lib/wpscan/modules/wp_login_protection.rb, line 95
def login_security_solution_url
  WpPlugin.new(:wp_content_dir  => @wp_content_dir,
               :base_url        => @uri,
               :path            => "/plugins/login-security-solution/",
               :name            => "login-security-solution"
  ).get_url_without_filename
end
simple_login_lockdown_url() click to toggle source 
# File lib/wpscan/modules/wp_login_protection.rb, line 82
def simple_login_lockdown_url
  WpPlugin.new(:wp_content_dir  => @wp_content_dir,
               :base_url        => @uri,
               :path            => "/plugins/simple-login-lockdown/",
               :name            => "simple-login-lockdown"
  ).get_url_without_filename
end

[Validate]

Generated with the Darkfish Rdoc Generator 2.