Class: WPScan::Finders::InterestingFindings::UploadDirectoryListing

Inherits:

CMSScanner::Finders::Finder

Object
CMSScanner::Finders::Finder
WPScan::Finders::InterestingFindings::UploadDirectoryListing

Defined in:: app/finders/interesting_findings/upload_directory_listing.rb

Overview

UploadDirectoryListing finder

Instance Method Summary collapse

#aggressive(_opts = {}) ⇒ InterestingFinding

Instance Method Details

#aggressive(_opts = {}) ⇒ `InterestingFinding`

Returns:

(InterestingFinding)

# File 'app/finders/interesting_findings/upload_directory_listing.rb', line 9

def aggressive(_opts = {})
  path = 'wp-content/uploads/'

  return unless target.directory_listing?(path)

  url = target.url(path)

  Model::UploadDirectoryListing.new(
    url,
    confidence: 100,
    found_by: DIRECT_ACCESS,
    to_s: "Upload directory has listing enabled: #{url}"
  )
end