kawaiipunk/laipower
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

installed plugin WPScan version 1.15.1

Browse Source
This commit is contained in:
KawaiiPunk
2021-05-13 11:27:50 +00:00
committed by Gitium
parent 2b403ab680
commit e0e2392c3c
193 changed files with 30878 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

81
wp-content/plugins/wpscan/security-checks/database-exports/check.php Normal file
View File

@ -0,0 +1,81 @@
<?php
/**
* Classname: WPScan\Checks\databaseExports
*/
namespace WPScan\Checks;
// Exit if accessed directly.
defined( 'ABSPATH' ) || exit;
/**
* DatabaseExports.
*
* Checks for exported database files.
*
* @since 1.0.0
*/
class databaseExports extends Check {
/**
* Title.
*
* @since 1.0.0
* @access public
* @return string
*/
public function title() {
return __( 'Database Exports', 'wpscan' );
}
/**
* Description.
*
* @since 1.0.0
* @access public
* @return string
*/
public function description() {
return __( 'Search the file system for database export files that are publicly accessible.', 'wpscan' );
}
/**
* Success message.
*
* @since 1.0.0
* @access public
* @return string
*/
public function success_message() {
return __( 'No publicly accessible database export files were found', 'wpscan' );
}
/**
* Perform the check and save the results.
*
* @since 1.0.0
* @access public
* @return void
*/
public function perform() {
$vulnerabilities = $this->get_vulnerabilities();
$host = parse_url( get_site_url(), PHP_URL_HOST );
$text = file_get_contents( $this->dir . '/assets/db_exports.txt' );
$exports = str_replace( '{domain_name}', $host, $text );
$names = explode( PHP_EOL, $exports );
foreach ( $names as $name ) {
$path = ABSPATH . $name;
$url = esc_url( get_site_url() . '/' . $name );
if ( file_exists( $path ) ) {
$response = wp_remote_head( $url, array( 'timeout' => 5 ) );
$code = wp_remote_retrieve_response_code( $response );
if ( 200 === $code ) {
$this->add_vulnerability( __( 'A publicly accessible database file was found in', 'wpscan' ) . " <a href='$url' target='_blank'>$url</a>.", 'high', sanitize_title( $name ), 'https://blog.wpscan.com/2021/01/28/wordpress-database-backup-files.html' );
}
}
}
}
}