Module: Msf::Exploit::Remote::HTTP::Wordpress::URIs

Included in:
Msf::Exploit::Remote::HTTP::Wordpress
Defined in:
lib/msf/core/exploit/remote/http/wordpress/uris.rb

Instance Method Summary collapse

Instance Method Details

#wordpress_url_admin_ajaxString

Returns the Wordpress Admin Ajax URL

Returns:

  • (String)

    Wordpress Admin Ajax URL



79
80
81
 
# File 'lib/msf/core/exploit/remote/http/wordpress/uris.rb', line 79

def wordpress_url_admin_ajax
  normalize_uri(wordpress_url_backend, 'admin-ajax.php')
end

#wordpress_url_admin_plugin_editorString

Returns the Wordpress Admin Plugin Editor URL

Returns:

  • (String)

    Wordpress Admin Plugin Editor URL



100
101
102
 
# File 'lib/msf/core/exploit/remote/http/wordpress/uris.rb', line 100

def wordpress_url_admin_plugin_editor
  normalize_uri(wordpress_url_backend, 'plugin-editor.php')
end

#wordpress_url_admin_postString

Returns the Wordpress Admin Posts URL

Returns:

  • (String)

    Wordpress Admin Post URL



86
87
88
 
# File 'lib/msf/core/exploit/remote/http/wordpress/uris.rb', line 86

def wordpress_url_admin_post
  normalize_uri(wordpress_url_backend, 'admin-post.php')
end

#wordpress_url_admin_updateString

Returns the Wordpress Admin Update URL

Returns:

  • (String)

    Wordpress Admin Update URL



93
94
95
 
# File 'lib/msf/core/exploit/remote/http/wordpress/uris.rb', line 93

def wordpress_url_admin_update
  normalize_uri(wordpress_url_backend, 'update.php')
end

#wordpress_url_atomString

Returns the Wordpress ATOM feed URL

Returns:

  • (String)

    Wordpress ATOM URL



44
45
46
 
# File 'lib/msf/core/exploit/remote/http/wordpress/uris.rb', line 44

def wordpress_url_atom
  normalize_uri(target_uri.path, 'feed/atom/')
end

#wordpress_url_author(author_id) ⇒ String

Returns the Wordpress Author URL

Parameters:

  • author_id (Integer)

    Author ID

Returns:

  • (String)

    Wordpress Author URL



23
24
25
 
# File 'lib/msf/core/exploit/remote/http/wordpress/uris.rb', line 23

def wordpress_url_author(author_id)
  normalize_uri(target_uri.path, "?author=#{author_id}")
end

#wordpress_url_backendString

Returns the Wordpress Backend URL

Returns:

  • (String)

    Wordpress Backend URL



72
73
74
 
# File 'lib/msf/core/exploit/remote/http/wordpress/uris.rb', line 72

def wordpress_url_backend
  normalize_uri(target_uri.path, 'wp-admin/')
end

#wordpress_url_loginString

Returns the Wordpress Login URL

Returns:

  • (String)

    Wordpress Login URL



7
8
9
 
# File 'lib/msf/core/exploit/remote/http/wordpress/uris.rb', line 7

def 
  normalize_uri(target_uri.path, 'wp-login.php')
end

#wordpress_url_opmlString

Returns the Wordpress OPML URL

Returns:

  • (String)

    Wordpress OPML URL



65
66
67
 
# File 'lib/msf/core/exploit/remote/http/wordpress/uris.rb', line 65

def wordpress_url_opml
  normalize_uri(target_uri.path, 'wp-links-opml.php')
end

#wordpress_url_pluginsString

Returns the Wordpress plugins dir URL

Returns:

  • (String)

    Wordpress plugins dir URL



114
115
116
 
# File 'lib/msf/core/exploit/remote/http/wordpress/uris.rb', line 114

def wordpress_url_plugins
  normalize_uri(wordpress_url_wp_content, 'plugins')
end

#wordpress_url_post(post_id) ⇒ String

Returns the Wordpress Post URL

Parameters:

  • post_id (Integer)

    Post ID

Returns:

  • (String)

    Wordpress Post URL



15
16
17
 
# File 'lib/msf/core/exploit/remote/http/wordpress/uris.rb', line 15

def wordpress_url_post(post_id)
  normalize_uri(target_uri.path, "?p=#{post_id}")
end

#wordpress_url_rdfString

Returns the Wordpress RDF feed URL

Returns:

  • (String)

    Wordpress RDF URL



37
38
39
 
# File 'lib/msf/core/exploit/remote/http/wordpress/uris.rb', line 37

def wordpress_url_rdf
  normalize_uri(target_uri.path, 'feed/rdf/')
end

#wordpress_url_readmeString

Returns the Wordpress Readme file URL

Returns:

  • (String)

    Wordpress Readme file URL



51
52
53
 
# File 'lib/msf/core/exploit/remote/http/wordpress/uris.rb', line 51

def wordpress_url_readme
  normalize_uri(target_uri.path, 'readme.html')
end

#wordpress_url_rest_apiString

Returns the Wordpress REST API URL

Returns:

  • (String)

    Wordpress REST API URL



142
143
144
 
# File 'lib/msf/core/exploit/remote/http/wordpress/uris.rb', line 142

def wordpress_url_rest_api
  normalize_uri(target_uri.path, 'wp-json/wp/v2')
end

#wordpress_url_rssString

Returns the Wordpress RSS feed URL

Returns:

  • (String)

    Wordpress RSS URL



30
31
32
 
# File 'lib/msf/core/exploit/remote/http/wordpress/uris.rb', line 30

def wordpress_url_rss
  normalize_uri(target_uri.path, '?feed=rss2')
end

#wordpress_url_sitemapString

Returns the Wordpress Sitemap URL

Returns:

  • (String)

    Wordpress Sitemap URL



58
59
60
 
# File 'lib/msf/core/exploit/remote/http/wordpress/uris.rb', line 58

def wordpress_url_sitemap
  normalize_uri(target_uri.path, 'sitemap.xml')
end

#wordpress_url_themesString

Returns the Wordpress themes dir URL

Returns:

  • (String)

    Wordpress themes dir URL



121
122
123
 
# File 'lib/msf/core/exploit/remote/http/wordpress/uris.rb', line 121

def wordpress_url_themes
  normalize_uri(wordpress_url_wp_content, 'themes')
end

#wordpress_url_uploadsString

Returns the Wordpress uploads dir URL

Returns:

  • (String)

    Wordpress uploads dir URL



128
129
130
 
# File 'lib/msf/core/exploit/remote/http/wordpress/uris.rb', line 128

def wordpress_url_uploads
  normalize_uri(wordpress_url_wp_content, 'uploads')
end

#wordpress_url_wp_contentString

Returns the Wordpress wp-content dir URL

Returns:

  • (String)

    Wordpress wp-content dir URL



107
108
109
 
# File 'lib/msf/core/exploit/remote/http/wordpress/uris.rb', line 107

def wordpress_url_wp_content
  normalize_uri(target_uri.path, wp_content_dir)
end

#wordpress_url_xmlrpcString

Returns the Wordpress XMLRPC URL

Returns:

  • (String)

    Wordpress XMLRPC URL



135
136
137
 
# File 'lib/msf/core/exploit/remote/http/wordpress/uris.rb', line 135

def wordpress_url_xmlrpc
  normalize_uri(target_uri.path, 'xmlrpc.php')
end