Sha256: ffa2eed90a872c4cd491f6075cb5c6af8ec24406a9bcbfa4a71c62872f87f2cb

Contents?: true

Size: 681 Bytes

Versions: 7

Compression:

Stored size: 681 Bytes

Contents

module WPScan
  module Finders
    module InterestingFindings
      # UploadSQLDump finder
      class UploadSQLDump < CMSScanner::Finders::Finder
        SQL_PATTERN = /(?:(?:(?:DROP|CREATE) TABLE)|INSERT INTO)/.freeze

        # @return [ InterestingFinding ]
        def aggressive(_opts = {})
          url = dump_url
          res = Browser.get(url)

          return unless res.code == 200 && res.body =~ SQL_PATTERN

          WPScan::UploadSQLDump.new(
            url,
            confidence: 100,
            found_by: DIRECT_ACCESS
          )
        end

        def dump_url
          target.url('wp-content/uploads/dump.sql')
        end
      end
    end
  end
end

Version data entries

7 entries across 7 versions & 1 rubygems

Version Path
wpscan-3.4.5 app/finders/interesting_findings/upload_sql_dump.rb
wpscan-3.4.4 app/finders/interesting_findings/upload_sql_dump.rb
wpscan-3.4.3 app/finders/interesting_findings/upload_sql_dump.rb
wpscan-3.4.2 app/finders/interesting_findings/upload_sql_dump.rb
wpscan-3.4.1 app/finders/interesting_findings/upload_sql_dump.rb
wpscan-3.4.0 app/finders/interesting_findings/upload_sql_dump.rb
wpscan-3.3.3 app/finders/interesting_findings/upload_sql_dump.rb