Module: WpTarget::WpLoginProtection
- Included in:
- WpTarget
- Defined in:
- lib/wpscan/wp_target/wp_login_protection.rb
Constant Summary
- LOGIN_PROTECTION_METHOD_PATTERN =
/^has_(.*)_protection\?/i
Instance Method Summary (collapse)
- - (Object) better_wp_security_url protected
- - (Object) bluetrait_event_viewer_url protected
- - (Boolean) has_better_wp_security_protection? protected
- - (Boolean) has_bluetrait_event_viewer_protection? protected
- - (Boolean) has_limit_login_attempts_protection? protected
- - (Boolean) has_login_lock_protection? protected
-
- (Boolean) has_login_lockdown_protection?
protected
Thanks to Alip Aswalid for providing this method.
- - (Boolean) has_login_protection?
- - (Boolean) has_login_security_solution_protection? protected
- - (Boolean) has_simple_login_lockdown_protection? protected
- - (Object) limit_login_attempts_url protected
-
- (Object) login_protection_plugin
Checks if a login protection plugin is enabled code.google.com/p/wpscan/issues/detail?id=111 return a WpPlugin object or nil if no one is found.
- - (Object) login_security_solution_url protected
- - (Object) plugin_url(plugin_name) protected
- - (Object) simple_login_lockdown_url protected
Instance Method Details
- (Object) better_wp_security_url (protected)
63 64 65 |
# File 'lib/wpscan/wp_target/wp_login_protection.rb', line 63 def better_wp_security_url plugin_url('better-wp-security/') end |
- (Object) bluetrait_event_viewer_url (protected)
99 100 101 |
# File 'lib/wpscan/wp_target/wp_login_protection.rb', line 99 def bluetrait_event_viewer_url plugin_url('bluetrait-event-viewer') end |
- (Boolean) has_better_wp_security_protection? (protected)
50 51 52 |
# File 'lib/wpscan/wp_target/wp_login_protection.rb', line 50 def has_better_wp_security_protection? Browser.get(better_wp_security_url).code != 404 end |
- (Boolean) has_bluetrait_event_viewer_protection? (protected)
95 96 97 |
# File 'lib/wpscan/wp_target/wp_login_protection.rb', line 95 def has_bluetrait_event_viewer_protection? Browser.get(bluetrait_event_viewer_url).code != 404 end |
- (Boolean) has_limit_login_attempts_protection? (protected)
86 87 88 |
# File 'lib/wpscan/wp_target/wp_login_protection.rb', line 86 def has_limit_login_attempts_protection? Browser.get(limit_login_attempts_url).code != 404 end |
- (Boolean) has_login_lock_protection? (protected)
45 46 47 |
# File 'lib/wpscan/wp_target/wp_login_protection.rb', line 45 def has_login_lock_protection? Browser.get(login_url).body =~ %r{LOGIN LOCK} ? true : false end |
- (Boolean) has_login_lockdown_protection? (protected)
Thanks to Alip Aswalid for providing this method. wordpress.org/extend/plugins/login-lockdown/
40 41 42 |
# File 'lib/wpscan/wp_target/wp_login_protection.rb', line 40 def has_login_lockdown_protection? Browser.get(login_url).body =~ %r{Login LockDown}i ? true : false end |
- (Boolean) has_login_protection?
10 11 12 |
# File 'lib/wpscan/wp_target/wp_login_protection.rb', line 10 def has_login_protection? !login_protection_plugin().nil? end |
- (Boolean) has_login_security_solution_protection? (protected)
77 78 79 |
# File 'lib/wpscan/wp_target/wp_login_protection.rb', line 77 def has_login_security_solution_protection? Browser.get(login_security_solution_url()).code != 404 end |
- (Boolean) has_simple_login_lockdown_protection? (protected)
68 69 70 |
# File 'lib/wpscan/wp_target/wp_login_protection.rb', line 68 def has_simple_login_lockdown_protection? Browser.get(simple_login_lockdown_url).code != 404 end |
- (Object) limit_login_attempts_url (protected)
90 91 92 |
# File 'lib/wpscan/wp_target/wp_login_protection.rb', line 90 def limit_login_attempts_url plugin_url('limit-login-attempts') end |
- (Object) login_protection_plugin
Checks if a login protection plugin is enabled code.google.com/p/wpscan/issues/detail?id=111 return a WpPlugin object or nil if no one is found
17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 |
# File 'lib/wpscan/wp_target/wp_login_protection.rb', line 17 def login_protection_plugin unless @login_protection_plugin protected_methods.grep(LOGIN_PROTECTION_METHOD_PATTERN).each do |symbol_to_call| if send(symbol_to_call) plugin_name = symbol_to_call[LOGIN_PROTECTION_METHOD_PATTERN, 1].gsub('_', '-') return @login_protection_plugin = WpPlugin.new( @uri, name: plugin_name, wp_content_dir: wp_content_dir, wp_plugins_dir: wp_plugins_dir ) end end @login_protection_plugin = nil end @login_protection_plugin end |
- (Object) login_security_solution_url (protected)
81 82 83 |
# File 'lib/wpscan/wp_target/wp_login_protection.rb', line 81 def login_security_solution_url plugin_url('login-security-solution') end |
- (Object) plugin_url(plugin_name) (protected)
54 55 56 57 58 59 60 61 |
# File 'lib/wpscan/wp_target/wp_login_protection.rb', line 54 def plugin_url(plugin_name) WpPlugin.new( @uri, name: plugin_name, wp_content_dir: wp_content_dir, wp_plugins_dir: wp_plugins_dir ).url end |
- (Object) simple_login_lockdown_url (protected)
72 73 74 |
# File 'lib/wpscan/wp_target/wp_login_protection.rb', line 72 def simple_login_lockdown_url plugin_url('simple-login-lockdown/') end |