Module: Wpxf::WordPress::ReflectedXss

Includes:
Xss
Included in:
Auxiliary::Wp472CsrfDos, Exploit::AffiliateWPReflectedXssShellUpload, Exploit::AjaxRandomPostReflectedXssShellUpload, Exploit::AllInOneMigrationReflectedXssShellUpload, Exploit::AllInOneSchemaRichSnippetsReflectedXssShellUpload, Exploit::AntiPlagiarismReflectedXssShellUpload, Exploit::BackupGuardReflectedXssShellUpload, Exploit::BraftonContentImporterReflectedXssShellUpload, Exploit::BwsPanelReflectedXssShellUpload, Exploit::CalderaFormsV154XssShellUpload, Exploit::CodeSnippetsReflectedXssShellUpload, Exploit::ConcoursReflectedXssShellUpload, Exploit::ConnectionsReflectedXssShellUpload, Exploit::CsvImportExportReflectedXssShellUpload, Exploit::CustomMapReflectedXssShellUpload, Exploit::CustomMetasReflectedXssShellUpload, Exploit::CustomPermalinksReflectedXssShellUpload, Exploit::DefaOnlineImageProtectorReflectedXssShellUpload, Exploit::DownloadManagerReflectedXssShellUpload, Exploit::EasyContactFormBuilderReflectedXssShellUpload, Exploit::EmagMarketplaceConnectorXssShellUpload, Exploit::EnhancedTooltipGlossaryReflectedXssShellUpload, Exploit::FormbuilderReflectedXssShellUpload, Exploit::GdRatingSystemReflectedXssShellUpload, Exploit::GoogleMapsReflectedXssShellUpload, Exploit::GravityFormsV191511ReflectedXssShellUpload, Exploit::HdwTubeReflectedXssShellUpload, Exploit::HeroMapsProReflectedXssShellUpload, Exploit::IndexistoReflectedXssShellUpload, Exploit::InfusionsoftReflectedXssShellUpload, Exploit::InstalinkerReflectedXssShellUpload, Exploit::LinkLibraryReflectedXssShellUpload, Exploit::MagicFieldsReflectedXssShellUpload, Exploit::MailchimpForWpReflectedXssShellUpload, Exploit::MailpoetNewslettersV272ReflectedXssShellUpload, Exploit::MinimaxPageLayoutBuilderReflectedXssShellUpload, Exploit::MsmcRedirectAfterCommentReflectedXssShellUpload, Exploit::NewYearFireworkReflectedXssShellUpload, Exploit::NinjaFormsReflectedXssShellUpload, Exploit::NoExternalLinksReflectedXssShellUpload, Exploit::OcimMp3ReflectedXssShellUpload, Exploit::PhotoGalleryReflectedXssShellUpload, Exploit::PondolFormToMailReflectedXssShellUpload, Exploit::PootleButtonReflectedXssShellUpload, Exploit::PopcashIntegrationXssShellUpload, Exploit::PopupMakerReflectedXssShellUpload, Exploit::RegistrationMagicReflectedXssShellUpload, Exploit::ResponsiveLightboxReflectedXssShellUpload, Exploit::SimpelReserverenReflectedXssShellUpload, Exploit::SimpleSlideshowManagerReflectedXssShellUpload, Exploit::SlideshowGalleryReflectedXssShellUpload, Exploit::SocialPugReflectedXssShellUpload, Exploit::SpiffyCalendarReflectedXssShellUpload, Exploit::SplashingImagesReflectedXssShellUpload, Exploit::TidioGalleryReflectedXssShellUpload, Exploit::TrackingCodeManagerReflectedXssShellUpload, Exploit::TribulantNewsletterReflectedXssShellUpload, Exploit::TribulantSlideshowGalleryReflectedXssShellUpload, Exploit::TwoKbAmazonAffiliatesStoreReflectedXssShellUpload, Exploit::UltimateFormBuilderLiteReflectedXssShellUpload, Exploit::UserAccessManagerReflectedXssShellUpload, Exploit::UserLoginHistoryReflectedXssShellUpload, Exploit::W3TotalCacheReflectedXssShellUpload, Exploit::WangGuardReflectedXssShellUpload, Exploit::WhizzReflectedXssShellUpload, Exploit::WpLiveChatSupportReflectedXssShellUpload, Exploit::WpMailsterReflectedXssShellUpload, Exploit::WpMembersReflectedXssShellUpload, Exploit::WpRetina2xReflectedXssShellUpload, Exploit::WpStatistics1209ReflectedXssShellUpload, Exploit::WpStatisticsReflectedXssShellUpload, Exploit::WpWhoisDomainReflectedXssShellUpload, Exploit::WpsolrReflectedXssShellUpload, Exploit::YoastSeoXssShellUpload, Exploit::ZurlPreviewReflectedXssShellUpload, StagedReflectedXss
Defined in:
lib/wpxf/wordpress/reflected_xss.rb

Overview

Provides reusable functionality for reflected XSS modules.

Instance Method Summary collapse

Methods included from Xss

#on_http_request, #upload_shell, #wordpress_js_create_user, #xss_ascii_encoded_include_script, #xss_host, #xss_include_script, #xss_path, #xss_shell_success, #xss_url, #xss_url_and_ascii_encoded_include_script

Methods included from Plugin

#fetch_plugin_upload_nonce, #generate_wordpress_plugin_header, #upload_payload_as_plugin, #upload_payload_as_plugin_and_execute

Methods included from Net::HttpServer

#http_server_bind_address, #http_server_bind_port, #http_server_thread, #js_ajax_download, #js_ajax_post, #js_post, #on_http_request, #start_http_server, #stop_http_server

Methods included from Wpxf

app_path, build_module_list, change_stdout_sync, custom_modules_path, data_directory, databases_path, gemspec, home_directory, load_custom_modules, load_module, modules_path, payloads_path, version

Instance Method Details

#initializeObject

Initialize a new instance of Wpxf::WordPress::ReflectedXss.



8
9
10
11
12
13
14
15
16
17
18
19
20
 
# File 'lib/wpxf/wordpress/reflected_xss.rb', line 8

def initialize
  super
  @success = false
  _update_info_without_validation(
    desc: %(
      This module prepares a payload and link that can be sent
      to an admin user which when visited with a valid session
      will create a new admin user which will be used to upload
      and execute the selected payload in the context of the
      web server.
    )
  )
end

#runBoolean

Run the module.

Returns:

  • (Boolean)

    true if successful.



24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
 
# File 'lib/wpxf/wordpress/reflected_xss.rb', line 24

def run
  unless respond_to? 'url_with_xss'
    raise 'Required method "url_with_xss" has not been implemented'
  end

  return false unless super
  return true if aux_module?

  emit_info 'Provide the URL below to the victim to begin the payload upload'
  puts
  puts url_with_xss
  puts

  start_http_server
  @success
end