Class: WPScan::Finders::InterestingFindings::BackupDB

Inherits:

CMSScanner::Finders::Finder

• Object
• CMSScanner::Finders::Finder
• WPScan::Finders::InterestingFindings::BackupDB

Defined in:

app/finders/interesting_findings/backup_db.rb

Overview

BackupDB finder

Instance Method Summary

• #aggressive(_opts = {}) ⇒ InterestingFinding

Instance Method Details

#aggressive(_opts = {}) ⇒ InterestingFinding

Returns:

• (InterestingFinding)

# File 'app/finders/interesting_findings/backup_db.rb', line 7

def aggressive(_opts = {})
  path = 'wp-content/backup-db/'
  url  = target.url(path)
  res  = Browser.get(url)

  return unless [200, 403].include?(res.code) && !target.homepage_or_404?(res)

  WPScan::InterestingFinding.new(
    url,
    confidence: 70,
    found_by: DIRECT_ACCESS,
    interesting_entries: target.directory_listing_entries(path),
    references: { url: 'https://github.com/wpscanteam/wpscan/issues/422' }
  )
end