-
Notifications
You must be signed in to change notification settings - Fork 36
/
Copy pathwordpress.go
60 lines (50 loc) · 1.74 KB
/
wordpress.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
package wordpress
import (
"net/http"
"net/url"
"strings"
"github.com/vulncheck-oss/go-exploit/config"
"github.com/vulncheck-oss/go-exploit/output"
"github.com/vulncheck-oss/go-exploit/protocol"
"github.com/vulncheck-oss/go-exploit/random"
)
var LoginPath = `wp-login.php`
// Attempts to log into the WordPress instance and if successful return the cookies set by
// WordPress.
func Login(conf *config.Config, username, password string) ([]*http.Cookie, bool) {
form := url.Values{}
form.Add("log", username)
form.Add("pwd", password)
form.Add("wp-submit", "Login")
url := protocol.GenerateURL(conf.Rhost, conf.Rport, conf.SSL, "/"+LoginPath)
form.Add("redirect_to", url+"#"+random.LettersRange(10, 20))
headers := map[string]string{
"Content-Type": "application/x-www-form-urlencoded",
}
resp, body, ok := protocol.HTTPSendAndRecvWithHeadersNoRedirect("POST", url, form.Encode(), headers)
if !ok {
output.PrintFrameworkError("WordPress login failed")
output.PrintfFrameworkDebug("resp=%#v body=%q", resp, body)
return []*http.Cookie{}, false
}
location, err := resp.Location()
if err != nil {
output.PrintFrameworkError("WordPress did not return a redirect")
return []*http.Cookie{}, false
}
if location.String() != form["redirect_to"][0] {
output.PrintFrameworkError("WordPress did not redirect to the expected location")
return []*http.Cookie{}, false
}
if len(resp.Cookies()) < 1 {
output.PrintFrameworkError("WordPress did respond with cookies")
return []*http.Cookie{}, false
}
for _, cookie := range resp.Cookies() {
if strings.Contains(strings.ToLower(cookie.Name), "wordpress") {
return resp.Cookies(), true
}
}
output.PrintFrameworkError("WordPress cookie not found")
return []*http.Cookie{}, false
}