wpxf 2.0.0a → 2.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/wpxf/cli/module_cache.rb +1 -0
- data/lib/wpxf/modules.rb +31 -7
- data/lib/wpxf/modules/auxiliary/file_download/wp_hide_security_enhancer_file_download.rb +4 -1
- data/lib/wpxf/modules/auxiliary/file_download/wp_marketplace_v2.4_file_download.rb +5 -4
- data/wpxf.gemspec +3 -4
- metadata +6 -20
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 2e6dc34b56da0fd68db342c296a60346337584ccccf3c1c03b54122e9f5bb164
|
4
|
+
data.tar.gz: 494ef8fd8cdae9d0e7989124005647cfe48c6fe431510d2a0c5e402ff4bd155e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d35e6556e102cdea7ac5d43b35b17dec338e2390f81b7977caf4a78de088a112e67f0be0295915f68004026c79d0e89067b4c422b705d17d4bd1256add2e699b
|
7
|
+
data.tar.gz: 5a10159e78df9016a51771f5eb9a123dd1abd5d6698d02d0923488949c445114aed24064e27710583600f08e661b4ddbcec5a30504d92525694a2d9efd5918e4
|
data/lib/wpxf/modules.rb
CHANGED
@@ -1,19 +1,36 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
module Wpxf
|
4
|
-
def self.
|
4
|
+
def self.modules_path
|
5
|
+
File.join(Wpxf.app_path, 'lib', 'wpxf', 'modules')
|
6
|
+
end
|
7
|
+
|
8
|
+
def self.custom_modules_path
|
9
|
+
File.join(Wpxf.home_directory, 'modules')
|
10
|
+
end
|
11
|
+
|
12
|
+
def self.payloads_path
|
13
|
+
File.join(Wpxf.app_path, 'lib', 'wpxf', 'payloads')
|
14
|
+
end
|
15
|
+
|
16
|
+
def self.build_module_list(namespace, source_folders = [])
|
5
17
|
modules = namespace.constants.select do |c|
|
6
18
|
namespace.const_get(c).is_a? Class
|
7
19
|
end
|
8
20
|
|
9
|
-
modules_directory = File.join(Wpxf.app_path, 'lib', 'wpxf', folder_name)
|
10
|
-
|
11
21
|
modules.map do |m|
|
12
22
|
klass = namespace.const_get(m)
|
13
23
|
filename = klass.new.method(:initialize).source_location[0]
|
24
|
+
|
25
|
+
# Remove any source folders from the path and store the
|
26
|
+
# relative path that will be used in the CLI.
|
27
|
+
source_folders.each do |source_folder|
|
28
|
+
filename = filename.sub(source_folder, '')
|
29
|
+
end
|
30
|
+
|
14
31
|
{
|
15
32
|
class: klass,
|
16
|
-
name: filename.sub(
|
33
|
+
name: filename.sub(/^\//, '').sub(/\.rb$/, '')
|
17
34
|
}
|
18
35
|
end
|
19
36
|
end
|
@@ -24,15 +41,20 @@ module Wpxf
|
|
24
41
|
Object.const_get(mod.class_name).new
|
25
42
|
end
|
26
43
|
|
44
|
+
def self.load_custom_modules
|
45
|
+
custom_modules_path = File.join(Wpxf.home_directory, 'modules', '**', '*.rb')
|
46
|
+
Dir.glob(custom_modules_path).each { |p| load p }
|
47
|
+
end
|
48
|
+
|
27
49
|
module Auxiliary
|
28
50
|
def self.module_list
|
29
|
-
Wpxf.build_module_list(Wpxf::Auxiliary,
|
51
|
+
Wpxf.build_module_list(Wpxf::Auxiliary, [Wpxf.modules_path, Wpxf.custom_modules_path])
|
30
52
|
end
|
31
53
|
end
|
32
54
|
|
33
55
|
module Exploit
|
34
56
|
def self.module_list
|
35
|
-
Wpxf.build_module_list(Wpxf::Exploit,
|
57
|
+
Wpxf.build_module_list(Wpxf::Exploit, [Wpxf.modules_path, Wpxf.custom_modules_path])
|
36
58
|
end
|
37
59
|
end
|
38
60
|
|
@@ -46,7 +68,7 @@ module Wpxf
|
|
46
68
|
end
|
47
69
|
|
48
70
|
def self.payload_list
|
49
|
-
@@payloads ||= Wpxf.build_module_list(Wpxf::Payloads,
|
71
|
+
@@payloads ||= Wpxf.build_module_list(Wpxf::Payloads, [Wpxf.payloads_path])
|
50
72
|
end
|
51
73
|
|
52
74
|
def self.load_payload(name)
|
@@ -60,3 +82,5 @@ end
|
|
60
82
|
require_rel 'modules/auxiliary'
|
61
83
|
require_rel 'modules/exploit'
|
62
84
|
require_rel 'payloads'
|
85
|
+
|
86
|
+
Wpxf.load_custom_modules
|
@@ -37,7 +37,10 @@ class Wpxf::Auxiliary::WpHideSecurityEnhancerFileDownload < Wpxf::Module
|
|
37
37
|
end
|
38
38
|
|
39
39
|
def download_request_params
|
40
|
-
{
|
40
|
+
{
|
41
|
+
'action' => 'style-clean',
|
42
|
+
'file_path' => "/#{remote_file}"
|
43
|
+
}
|
41
44
|
end
|
42
45
|
|
43
46
|
def validate_content(content)
|
@@ -80,8 +80,7 @@ class Wpxf::Auxiliary::WpMarketplaceV24FileDownload < Wpxf::Module
|
|
80
80
|
cookie: session_cookie
|
81
81
|
)
|
82
82
|
|
83
|
-
|
84
|
-
nonce = res.body[/name="__product_wpmp" value="([^"]+)"/i, 1]
|
83
|
+
nonce = res.body[/name="__product_wpmp" value="([^"]+)"/i, 1] if res&.code == 200
|
85
84
|
|
86
85
|
unless nonce
|
87
86
|
emit_error 'Failed to acquire a download nonce'
|
@@ -122,7 +121,7 @@ class Wpxf::Auxiliary::WpMarketplaceV24FileDownload < Wpxf::Module
|
|
122
121
|
return false unless @nonce
|
123
122
|
|
124
123
|
emit_info "Acquired nonce \"#{@nonce}\"", true
|
125
|
-
|
124
|
+
self.download_id = "1#{Utility::Text.rand_numeric(5)}"
|
126
125
|
|
127
126
|
create_product
|
128
127
|
end
|
@@ -136,6 +135,8 @@ class Wpxf::Auxiliary::WpMarketplaceV24FileDownload < Wpxf::Module
|
|
136
135
|
end
|
137
136
|
|
138
137
|
def download_request_params
|
139
|
-
{ 'wpmpfile' =>
|
138
|
+
{ 'wpmpfile' => download_id }
|
140
139
|
end
|
140
|
+
|
141
|
+
attr_accessor :download_id
|
141
142
|
end
|
data/wpxf.gemspec
CHANGED
@@ -2,8 +2,8 @@
|
|
2
2
|
|
3
3
|
Gem::Specification.new do |s|
|
4
4
|
s.name = 'wpxf'
|
5
|
-
s.version = '2.0.
|
6
|
-
s.date = '2018-07-
|
5
|
+
s.version = '2.0.0'
|
6
|
+
s.date = '2018-07-14'
|
7
7
|
s.summary = 'WordPress Exploit Framework'
|
8
8
|
s.description = 'A Ruby framework designed to aid in the penetration testing of WordPress systems'
|
9
9
|
s.authors = ['rastating']
|
@@ -17,10 +17,9 @@ Gem::Specification.new do |s|
|
|
17
17
|
s.add_dependency 'colorize', '~> 0.8'
|
18
18
|
s.add_dependency 'mime-types', '~> 3.1'
|
19
19
|
s.add_dependency 'nokogiri', '~> 1.8'
|
20
|
-
s.add_dependency 'rake', '~> 12.3'
|
21
20
|
s.add_dependency 'require_all', '~> 2.0'
|
22
21
|
s.add_dependency 'rubyzip', '~> 1.2'
|
23
|
-
s.add_dependency 'sequel', '~> 5.
|
22
|
+
s.add_dependency 'sequel', '~> 5.11'
|
24
23
|
s.add_dependency 'slop', '~> 4.6'
|
25
24
|
s.add_dependency 'sqlite3', '~> 1.3'
|
26
25
|
s.add_dependency 'typhoeus', '~> 1.3'
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: wpxf
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.
|
4
|
+
version: 2.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- rastating
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-07-
|
11
|
+
date: 2018-07-14 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: colorize
|
@@ -52,20 +52,6 @@ dependencies:
|
|
52
52
|
- - "~>"
|
53
53
|
- !ruby/object:Gem::Version
|
54
54
|
version: '1.8'
|
55
|
-
- !ruby/object:Gem::Dependency
|
56
|
-
name: rake
|
57
|
-
requirement: !ruby/object:Gem::Requirement
|
58
|
-
requirements:
|
59
|
-
- - "~>"
|
60
|
-
- !ruby/object:Gem::Version
|
61
|
-
version: '12.3'
|
62
|
-
type: :runtime
|
63
|
-
prerelease: false
|
64
|
-
version_requirements: !ruby/object:Gem::Requirement
|
65
|
-
requirements:
|
66
|
-
- - "~>"
|
67
|
-
- !ruby/object:Gem::Version
|
68
|
-
version: '12.3'
|
69
55
|
- !ruby/object:Gem::Dependency
|
70
56
|
name: require_all
|
71
57
|
requirement: !ruby/object:Gem::Requirement
|
@@ -100,14 +86,14 @@ dependencies:
|
|
100
86
|
requirements:
|
101
87
|
- - "~>"
|
102
88
|
- !ruby/object:Gem::Version
|
103
|
-
version: '5.
|
89
|
+
version: '5.11'
|
104
90
|
type: :runtime
|
105
91
|
prerelease: false
|
106
92
|
version_requirements: !ruby/object:Gem::Requirement
|
107
93
|
requirements:
|
108
94
|
- - "~>"
|
109
95
|
- !ruby/object:Gem::Version
|
110
|
-
version: '5.
|
96
|
+
version: '5.11'
|
111
97
|
- !ruby/object:Gem::Dependency
|
112
98
|
name: slop
|
113
99
|
requirement: !ruby/object:Gem::Requirement
|
@@ -696,9 +682,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
696
682
|
version: 2.4.4
|
697
683
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
698
684
|
requirements:
|
699
|
-
- - "
|
685
|
+
- - ">="
|
700
686
|
- !ruby/object:Gem::Version
|
701
|
-
version:
|
687
|
+
version: '0'
|
702
688
|
requirements: []
|
703
689
|
rubyforge_project:
|
704
690
|
rubygems_version: 2.7.6
|