Class: WPScan::Finders::InterestingFindings::EmergencyPwdResetScript

Inherits:
Finder
  • Object
Defined in:
app/finders/interesting_findings/emergency_pwd_reset_script.rb

Overview

Emergency Password Reset Script finder

Constant Summary

Constants inherited from Finder

Finder::DIRECT_ACCESS

Instance Attribute Summary

Attributes inherited from Finder

#progress_bar, #target

Instance Method Summary

Methods inherited from Finder

#browser, #create_progress_bar, #found_by, #hydra, #initialize, #passive, #titleize

Constructor Details

This class inherits a constructor from WPScan::Finders::Finder

Instance Method Details

#aggressive(_opts = {}) ⇒ InterestingFinding

Returns:

  • (InterestingFinding)


# File 'app/finders/interesting_findings/emergency_pwd_reset_script.rb', line 9

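def aggressive(_opts = {})
  # Request the script at the site root by its fixed filename.
  path = 'emergency.php'
  res  = target.head_and_get(path)

  # Ignore anything that is not a 200, or that is just the homepage or the 404 page.
  return unless res.code == 200 && !target.homepage_or_404?(res)

  Model::EmergencyPwdResetScript.new(
    target.url(path),
    # Full confidence only when the body mentions "password"; otherwise 40.
    confidence: /password/i.match?(res.body) ? 100 : 40,
    found_by: DIRECT_ACCESS
  )
end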