Module: Msf::Exploit::Remote::HTTP::Wordpress::XmlRpc

Included in:
Msf::Exploit::Remote::HTTP::Wordpress
Defined in:
lib/msf/core/exploit/http/wordpress/xml_rpc.rb

Instance Method Summary collapse

Instance Method Details

#wordpress_generate_xml_rpc_body(method_name, *params) ⇒ String

Generates the xml post body for a XMLRPC call

Parameters:

  • method_name (String)

    The XMLRPC method to call

  • params (String)

    The XMLRPC method params

Returns:

  • (String)

    xml string


27
28
29
30
31
32
33
34
35
36
37
38
# File 'lib/msf/core/exploit/http/wordpress/xml_rpc.rb', line 27

def wordpress_generate_xml_rpc_body(method_name, *params)
  xml = "<?xml version=\"1.0\" encoding=\"iso-8859-1\"?>"
  xml << "<methodCall>"
  xml << "<methodName>#{method_name}</methodName>"
  xml << "<params>"
  params.each do |p|
    xml << "<param><value><string>#{p}</string></value></param>"
  end
  xml << "</params>"
  xml << "</methodCall>"
  return xml
end

#wordpress_xmlrpc_enabled?Boolean

Determines if the XMLRPC interface is enabled by sending a demo.sayHello request

Returns:

  • (Boolean)

    true if the interface is enabled


8
9
10
11
12
13
14
15
16
17
18
19
20
# File 'lib/msf/core/exploit/http/wordpress/xml_rpc.rb', line 8

def wordpress_xmlrpc_enabled?
  xml = wordpress_generate_xml_rpc_body('demo.sayHello')

  res = send_request_cgi(
  'uri'       => wordpress_url_xmlrpc,
  'method'    => 'POST',
  'ctype'     => 'text/xml;charset=UTF-8',
  'data'      => xml
  )

  return true if res && res.body && res.body.to_s =~ /<string>Hello!<\/string>/
  return false
end