module WpLoginProtection

Constants

LOGIN_PROTECTION_METHOD_PATTERN

Public Instance Methods

has_login_protection?()
# File lib/wpscan/modules/wp_login_protection.rb, line 25
# Tells whether a login protection plugin was detected on the target.
#
# Delegates to login_protection_plugin and only checks its result against nil.
#
# @return [Boolean] true when login_protection_plugin returns a non-nil value
def has_login_protection?
  detected = login_protection_plugin
  !detected.nil?
end
login_protection_plugin()

Checks whether a login protection plugin is enabled (see code.google.com/p/wpscan/issues/detail?id=111). Returns a WpPlugin object, or nil if none is found.

# File lib/wpscan/modules/wp_login_protection.rb, line 32
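# Detects which login protection plugin, if any, is present on the target.
#
# Every protected method of this object whose name matches
# LOGIN_PROTECTION_METHOD_PATTERN is treated as a probe and called in turn;
# the first probe returning a truthy value decides the result. The names passed
# to send come only from this object's own protected_methods list, never from
# outside input.
#
# The outcome is memoized, including a negative one, so the probes run at most
# once per object instead of being repeated on every call that found nothing.
#
# See code.google.com/p/wpscan/issues/detail?id=111
#
# @return [WpPlugin, nil] the first detected plugin, or nil when no probe matched
def login_protection_plugin
  # nil is also the legitimate "nothing found" result, so a separate flag is
  # needed to tell "not checked yet" apart from "checked, nothing found".
  return @login_protection_plugin if @login_protection_plugin || @login_protection_checked

  detector = protected_methods.grep(LOGIN_PROTECTION_METHOD_PATTERN).find do |symbol_to_call|
    send(symbol_to_call)
  end

  if detector
    # Capture group 1 of the pattern is presumably the plugin name in
    # snake_case; the plugin directory uses dashes instead of underscores.
    plugin_name = detector[LOGIN_PROTECTION_METHOD_PATTERN, 1].tr('_', '-')

    @login_protection_plugin = WpPlugin.new(
      :name           => plugin_name,
      :base_url       => @uri,
      :path           => "/plugins/#{plugin_name}/",
      :wp_content_dir => @wp_content_dir
    )
  else
    @login_protection_plugin = nil
  end

  # Set only after everything succeeded, so a probe that raised is retried.
  @login_protection_checked = true
  @login_protection_plugin
end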

Protected Instance Methods

better_wp_security_url()
# File lib/wpscan/modules/wp_login_protection.rb, line 69
# Returns WpPlugin#get_url_without_filename for the better-wp-security plugin,
# built from this target's @uri and @wp_content_dir (presumably the URL of the
# plugin's directory on the target).
def better_wp_security_url
  plugin = WpPlugin.new(
    :wp_content_dir => @wp_content_dir,
    :base_url       => @uri,
    :path           => '/plugins/better-wp-security/',
    :name           => 'better-wp-security'
  )
  plugin.get_url_without_filename
end
bluetrait_event_viewer_url()
# File lib/wpscan/modules/wp_login_protection.rb, line 121
# Returns WpPlugin#get_url_without_filename for the bluetrait-event-viewer
# plugin, built from this target's @uri and @wp_content_dir (presumably the URL
# of the plugin's directory on the target).
def bluetrait_event_viewer_url
  plugin = WpPlugin.new(
    :wp_content_dir => @wp_content_dir,
    :base_url       => @uri,
    :path           => '/plugins/bluetrait-event-viewer/',
    :name           => 'bluetrait-event-viewer'
  )
  plugin.get_url_without_filename
end
has_better_wp_security_protection?()

wordpress.org/extend/plugins/better-wp-security/

# File lib/wpscan/modules/wp_login_protection.rb, line 65
# Probe for the better-wp-security plugin.
#
# Requests the URL given by better_wp_security_url and reports the plugin as
# present for any response code other than 404. Redirects, 403s and error
# statuses therefore all count as a hit, so a server that does not answer 404
# for missing paths yields a false positive.
#
# @return [Boolean] true unless the response code is 404
def has_better_wp_security_protection?
  response = Browser.instance.get(better_wp_security_url)
  response.code != 404
end
has_bluetrait_event_viewer_protection?()

wordpress.org/extend/plugins/bluetrait-event-viewer/

# File lib/wpscan/modules/wp_login_protection.rb, line 117
# Probe for the bluetrait-event-viewer plugin.
#
# Requests the URL given by bluetrait_event_viewer_url and reports the plugin
# as present for any response code other than 404. Redirects, 403s and error
# statuses therefore all count as a hit, so a server that does not answer 404
# for missing paths yields a false positive.
#
# @return [Boolean] true unless the response code is 404
def has_bluetrait_event_viewer_protection?
  response = Browser.instance.get(bluetrait_event_viewer_url)
  response.code != 404
end
has_limit_login_attempts_protection?()

wordpress.org/extend/plugins/limit-login-attempts/

# File lib/wpscan/modules/wp_login_protection.rb, line 104
# Probe for the limit-login-attempts plugin.
#
# Requests the URL given by limit_login_attempts_url and reports the plugin as
# present for any response code other than 404. Redirects, 403s and error
# statuses therefore all count as a hit, so a server that does not answer 404
# for missing paths yields a false positive.
#
# @return [Boolean] true unless the response code is 404
def has_limit_login_attempts_protection?
  response = Browser.instance.get(limit_login_attempts_url)
  response.code != 404
end
has_login_lock_protection?()

wordpress.org/extend/plugins/login-lock/

# File lib/wpscan/modules/wp_login_protection.rb, line 60
# Probe for the login-lock plugin.
#
# Fetches the page at login_url and looks for the text "LOGIN LOCK" in the
# response body. The match is case-sensitive and not tied to any markup, so any
# login page containing that exact text is reported as protected.
#
# @return [Boolean] true when the body contains "LOGIN LOCK"
def has_login_lock_protection?
  login_page = Browser.instance.get(login_url).body
  marker_at = login_page =~ /LOGIN LOCK/
  marker_at ? true : false
end
has_login_lockdown_protection?()

Thanks to Alip Aswalid for providing this method. wordpress.org/extend/plugins/login-lockdown/

# File lib/wpscan/modules/wp_login_protection.rb, line 55
# Probe for the login-lockdown plugin.
#
# Fetches the page at login_url and looks for the text "Login LockDown" in the
# response body. The match is case-sensitive and not tied to any markup, so any
# login page containing that exact text is reported as protected.
#
# @return [Boolean] true when the body contains "Login LockDown"
def has_login_lockdown_protection?
  login_page = Browser.instance.get(login_url).body
  marker_at = login_page =~ /Login LockDown/
  marker_at ? true : false
end
has_login_security_solution_protection?()

wordpress.org/extend/plugins/login-security-solution/

# File lib/wpscan/modules/wp_login_protection.rb, line 91
# Probe for the login-security-solution plugin.
#
# Requests the URL given by login_security_solution_url and reports the plugin
# as present for any response code other than 404. Redirects, 403s and error
# statuses therefore all count as a hit, so a server that does not answer 404
# for missing paths yields a false positive.
#
# @return [Boolean] true unless the response code is 404
def has_login_security_solution_protection?
  response = Browser.instance.get(login_security_solution_url)
  response.code != 404
end
has_simple_login_lockdown_protection?()

wordpress.org/extend/plugins/simple-login-lockdown/

# File lib/wpscan/modules/wp_login_protection.rb, line 78
# Probe for the simple-login-lockdown plugin.
#
# Requests the URL given by simple_login_lockdown_url and reports the plugin as
# present for any response code other than 404. Redirects, 403s and error
# statuses therefore all count as a hit, so a server that does not answer 404
# for missing paths yields a false positive.
#
# @return [Boolean] true unless the response code is 404
def has_simple_login_lockdown_protection?
  response = Browser.instance.get(simple_login_lockdown_url)
  response.code != 404
end
limit_login_attempts_url()
# File lib/wpscan/modules/wp_login_protection.rb, line 108
# Returns WpPlugin#get_url_without_filename for the limit-login-attempts
# plugin, built from this target's @uri and @wp_content_dir (presumably the URL
# of the plugin's directory on the target).
def limit_login_attempts_url
  plugin = WpPlugin.new(
    :wp_content_dir => @wp_content_dir,
    :base_url       => @uri,
    :path           => '/plugins/limit-login-attempts/',
    :name           => 'limit-login-attempts'
  )
  plugin.get_url_without_filename
end
login_security_solution_url()
# File lib/wpscan/modules/wp_login_protection.rb, line 95
# Returns WpPlugin#get_url_without_filename for the login-security-solution
# plugin, built from this target's @uri and @wp_content_dir (presumably the URL
# of the plugin's directory on the target).
def login_security_solution_url
  plugin = WpPlugin.new(
    :wp_content_dir => @wp_content_dir,
    :base_url       => @uri,
    :path           => '/plugins/login-security-solution/',
    :name           => 'login-security-solution'
  )
  plugin.get_url_without_filename
end
simple_login_lockdown_url()
# File lib/wpscan/modules/wp_login_protection.rb, line 82
# Returns WpPlugin#get_url_without_filename for the simple-login-lockdown
# plugin, built from this target's @uri and @wp_content_dir (presumably the URL
# of the plugin's directory on the target).
def simple_login_lockdown_url
  plugin = WpPlugin.new(
    :wp_content_dir => @wp_content_dir,
    :base_url       => @uri,
    :path           => '/plugins/simple-login-lockdown/',
    :name           => 'simple-login-lockdown'
  )
  plugin.get_url_without_filename
end