Class: WPScan::Finders::InterestingFindings::UploadSQLDump

Inherits:

CMSScanner::Finders::Finder

Object
CMSScanner::Finders::Finder
WPScan::Finders::InterestingFindings::UploadSQLDump

Defined in:: app/finders/interesting_findings/upload_sql_dump.rb

Overview

UploadSQLDump finder

Constant Summary collapse

SQL_PATTERN =

/(?:DROP|CREATE|(?:UN)?LOCK) TABLE|INSERT INTO/.freeze

Instance Method Summary collapse

#aggressive(_opts = {}) ⇒ InterestingFinding

Instance Method Details

#aggressive(_opts = {}) ⇒ `InterestingFinding`

Returns:

(InterestingFinding)

# File 'app/finders/interesting_findings/upload_sql_dump.rb', line 11

def aggressive(_opts = {})
  path = 'wp-content/uploads/dump.sql'
  res  = target.head_and_get(path, [200], get: { headers: { 'Range' => 'bytes=0-3000' } })

  return unless SQL_PATTERN.match?(res.body)

  Model::UploadSQLDump.new(
    target.url(path),
    confidence: 100,
    found_by: DIRECT_ACCESS
  )
end