Class: WPScan::Finders::InterestingFindings::EmergencyPwdResetScript

Inherits:

CMSScanner::Finders::Finder

• Object
• CMSScanner::Finders::Finder
• WPScan::Finders::InterestingFindings::EmergencyPwdResetScript

Defined in:

app/finders/interesting_findings/emergency_pwd_reset_script.rb

Overview

Emergency Password Reset Script finder

Instance Method Summary

• #aggressive(_opts = {}) ⇒ InterestingFinding

Instance Method Details

#aggressive(_opts = {}) ⇒ InterestingFinding

Returns:

• (InterestingFinding)

# File 'app/finders/interesting_findings/emergency_pwd_reset_script.rb', line 7

def aggressive(_opts = {})
  url  = target.url('/emergency.php')
  res  = Browser.get(url)

  return unless res.code == 200 && !target.homepage_or_404?(res)

  WPScan::InterestingFinding.new(
    url,
    confidence: res.body =~ /password/i ? 100 : 40,
    found_by: DIRECT_ACCESS,
    references: {
      url: 'https://codex.wordpress.org/Resetting_Your_Password#Using_the_Emergency_Password_Reset_Script'
    }
  )
end