module Wpxf::WordPress::ReflectedXss
Provides reusable functionality for reflected XSS modules.
Public Class Methods
new()
click to toggle source
Initialize a new instance of {ReflectedXss}.
Calls superclass method
Wpxf::WordPress::Xss::new
# File lib/wpxf/wordpress/reflected_xss.rb, line 8 def initialize super @success = false _update_info_without_validation( desc: %( This module prepares a payload and link that can be sent to an admin user which when visited with a valid session will create a new admin user which will be used to upload and execute the selected payload in the context of the web server. ) ) end
Public Instance Methods
run()
click to toggle source
Run the module. @return [Boolean] true if successful.
Calls superclass method
# File lib/wpxf/wordpress/reflected_xss.rb, line 24 def run unless respond_to? 'url_with_xss' raise 'Required method "url_with_xss" has not been implemented' end return false unless super return true if aux_module? emit_info 'Provide the URL below to the victim to begin the payload upload' puts puts url_with_xss puts start_http_server @success end