Module: WpTarget::WpFullPathDisclosure

Included in:
WpTarget
Defined in:
lib/wpscan/wp_target/wp_full_path_disclosure.rb

Instance Method Summary collapse

Instance Method Details

#full_path_disclosure_urlString


15
16
17
# File 'lib/wpscan/wp_target/wp_full_path_disclosure.rb', line 15

def full_path_disclosure_url
  @uri.merge('wp-includes/rss-functions.php').to_s
end

#has_full_path_disclosure?Boolean

Check for Full Path Disclosure (FPD)


9
10
11
12
# File 'lib/wpscan/wp_target/wp_full_path_disclosure.rb', line 9

def has_full_path_disclosure?
  response = Browser.get(full_path_disclosure_url())
  response.body[%r{Fatal error}i] ? true : false
end