Land rapid7#5164, improved WordPress readme detection

wvu · wvu · commit 326be0c14ef3 · 2015-04-16T12:09:38.000-05:00
diff --git a/lib/msf/http/wordpress/version.rb b/lib/msf/http/wordpress/version.rb
@@ -107,18 +107,17 @@ def check_version_from_readme(type, name, fixed_version = nil, vuln_introduced_v
       fail("Unknown readme type #{type}")
     end
 
-    readme_url = normalize_uri(target_uri.path, wp_content_dir, folder, name, 'readme.txt')
-    res = send_request_cgi(
-      'uri'    => readme_url,
-      'method' => 'GET'
-    )
-    
-    if res.nil? || res.code != 200
-      readme_url = normalize_uri(target_uri.path, wp_content_dir, folder, name, 'Readme.txt')
+    readmes = ['readme.txt', 'Readme.txt', 'README.txt']
+
+    res = nil
+    readmes.each do |readme_name|
+      readme_url = normalize_uri(target_uri.path, wp_content_dir, folder, name, readme_name)
+      vprint_status("#{peer} - Checking #{readme_url}")
       res = send_request_cgi(
         'uri'    => readme_url,
         'method' => 'GET'
       )
+      break if res && res.code == 200
     end
 
     if res.nil? || res.code != 200
