Class: WPScan::Finders::Users::LoginErrorMessages

Inherits:
CMSScanner::Finders::Finder
  • Object
show all
Defined in:
app/finders/users/login_error_messages.rb

Overview

Login Error Messages

Existing username:

WP < 3.1 - Incorrect password.
WP >= 3.1 - The password you entered for the username admin is incorrect.

Non existent username: Invalid username.

Instance Method Summary collapse

Instance Method Details

#aggressive(opts = {}) ⇒ Array<User>

Parameters:

  • opts (Hash) (defaults to: {})

Options Hash (opts):

  • :list (String)

Returns:

  • (Array<User>)


18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# File 'app/finders/users/login_error_messages.rb', line 18

def aggressive(opts = {})
  found = []

  usernames(opts).each do |username|
    res   = target.(username, SecureRandom.hex[0, 8])
    error = res.html.css('div#login_error').text.strip

    return found if error.empty? # Protection plugin / error disabled

    next unless /The password you entered for the username|Incorrect Password/i.match?(error)

    found << Model::User.new(username, found_by: found_by, confidence: 100)
  end

  found
end

#usernames(opts = {}) ⇒ Array<String>

Returns List of usernames to check.

Returns:

  • (Array<String>)

    List of usernames to check



36
37
38
39
40
41
42
43
# File 'app/finders/users/login_error_messages.rb', line 36

def usernames(opts = {})
  # usernames from the potential Users found
  unames = opts[:found].map(&:username)

  Array(opts[:list]).each { |uname| unames << uname.chomp }

  unames.uniq
end