Module: Msf::HTTP::Wordpress::Login

Included in:
Msf::HTTP::Wordpress
Defined in:
lib/msf/http/wordpress/login.rb

Instance Method Summary collapse

Instance Method Details

#wordpress_login(user, pass) ⇒ String?

performs a wordpress login

Parameters:

  • user (String)

    Username

  • pass (String)

    Password

Returns:

  • (String, nil)

    the session cookies as a single string on successful login, nil otherwise


9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
# File 'lib/msf/http/wordpress/login.rb', line 9

def (user, pass)
  redirect = "#{target_uri}#{Rex::Text.rand_text_alpha(8)}"
  res = send_request_cgi({
      'method' => 'POST',
      'uri' => ,
      'vars_post' => (user, pass, redirect)
  })

  if res and (res.code == 301 or res.code == 302) and res.headers['Location'] == redirect
    match = res.get_cookies.match(/(wordpress(?:_sec)?_logged_in_[^=]+=[^;]+);/i)
    # return wordpress login cookie
    return match[0] if match

    # support for older wordpress versions
    # Wordpress 2.0
    match_user = res.get_cookies.match(/(wordpressuser_[^=]+=[^;]+);/i)
    match_pass = res.get_cookies.match(/(wordpresspass_[^=]+=[^;]+);/i)
    # return wordpress login cookie
    return "#{match_user[0]} #{match_pass[0]}" if (match_user and match_pass)

    # Wordpress 2.5
    match_2_5 = res.get_cookies.match(/(wordpress_[a-z0-9]+=[^;]+);/i)
    # return wordpress login cookie
    return match_2_5[0] if match_2_5
  end
  return nil
end