@return Array
# File lib/wpscan/wp_target/wp_config_backup.rb, line 40
# Lists the file names under which a copy of wp-config.php may have been left
# next to the original. None of the names ends in ".php", so a web server will
# typically return such a file as plain text instead of running it, which is
# why a leftover copy can disclose the configuration. Site owners can use the
# same list to audit their own web root.
#
# @return [Array<String>] bare file names (not URLs); a new array on each call
def self.config_backup_files
  [
    # Names of the kind text editors leave behind (backup, autosave, swap).
    'wp-config.php~',
    '#wp-config.php#',
    'wp-config.php.save',
    'wp-config.php.swp',
    'wp-config.php.swo',
    # Names of the kind produced by copying the file by hand before an edit.
    'wp-config.php_bak',
    'wp-config.bak',
    'wp-config.php.bak',
    'wp-config.save',
    'wp-config.old',
    'wp-config.php.old',
    'wp-config.php.orig',
    'wp-config.orig',
    'wp-config.php.original',
    'wp-config.original',
    'wp-config.txt'
  ] # thanks to Feross.org for these
end
Checks whether wp-config.php has a backup. See www.feross.org/cmsploit/. Returns an array of the backup config file URLs.
# File lib/wpscan/wp_target/wp_config_backup.rb, line 8
# Requests every name from WpConfigBackup.config_backup_files relative to
# @uri and collects the URLs whose response body looks like a PHP config
# file. Requests are queued on the shared hydra and run in batches of
# browser.max_threads; a final run handles whatever is still queued.
#
# NOTE(review): the match is a heuristic. Any body that contains "define" and
# no "<html" (case-sensitive) is reported, and the HTTP status is not checked
# here, so a plain-text error page can produce a false positive. Each reported
# URL should be confirmed by hand.
#
# @return [Array<String>] URLs of the backup files that matched
def config_backup
  exposed   = []
  names     = WpConfigBackup.config_backup_files
  browser   = Browser.instance
  hydra     = browser.hydra
  in_flight = 0

  names.each do |name|
    # Escaping comes before the merge. One candidate name contains '#', which
    # would presumably be read as a fragment separator if left unescaped.
    # NOTE(review): URI.escape was removed in Ruby 3.0; this line needs a
    # replacement before the code can run on a current interpreter.
    candidate_url = @uri.merge(URI.escape(name)).to_s
    request       = browser.forge_request(candidate_url)

    request.on_complete do |response|
      body = response.body
      # "define" suggests PHP constant definitions; "<html" suggests an
      # ordinary page (for example a themed error page) rather than the file.
      exposed << candidate_url if body[%r{define}] && !body[%r{<\s?html}]
    end

    hydra.queue(request)
    in_flight += 1
    next unless in_flight == browser.max_threads

    # A full batch is queued: run it and start counting the next batch.
    hydra.run
    in_flight = 0
  end

  # Run the requests left over from the last, possibly partial, batch.
  hydra.run
  exposed
end