From 0cc5a875cae23bfe813840cde9200c7e237ed822 Mon Sep 17 00:00:00 2001
From: Rob <rob@rastating.com>
Date: Sun, 17 Jun 2018 01:44:16 +0100
Subject: [PATCH] Change Wpxf.load_module to use the database to fetch the
 class name

---
 modules/modules.rb                | 14 ++++----------
 spec/lib/cli/autocomplete_spec.rb | 14 ++++++++++++++
 spec/lib/cli/modules_spec.rb      | 14 ++++++++++++++
 3 files changed, 32 insertions(+), 10 deletions(-)

diff --git a/modules/modules.rb b/modules/modules.rb
index e1b8d57..4b3cf3f 100644
--- a/modules/modules.rb
+++ b/modules/modules.rb
@@ -18,16 +18,10 @@ def self.build_module_list(namespace, folder_name = '')
     end
   end
 
-  def self.load_module(name)
-    match = name.match(/^(auxiliary|exploit)\//i)
-    raise 'Invalid module path' unless match
-
-    type = match.captures[0]
-    list = type == 'auxiliary' ? Wpxf::Auxiliary.module_list : Wpxf::Exploit.module_list
-
-    mod = list.find { |p| p[:name] == name }
-    raise "\"#{name}\" is not a valid module" if mod.nil?
-    mod[:class].new
+  def self.load_module(path)
+    mod = Models::Module.first(path: path)
+    raise "\"#{path}\" is not a valid module" if mod.nil?
+    Object.const_get(mod.class_name).new
   end
 
   module Auxiliary
diff --git a/spec/lib/cli/autocomplete_spec.rb b/spec/lib/cli/autocomplete_spec.rb
index 8f4f3f2..e9a8911 100644
--- a/spec/lib/cli/autocomplete_spec.rb
+++ b/spec/lib/cli/autocomplete_spec.rb
@@ -15,6 +15,20 @@
 
   before :each, 'setup subject' do
     allow(subject).to receive(:context).and_return(nil)
+
+    Models::Module.create(
+      path: 'exploit/shell/admin_shell_upload',
+      type: 'exploit',
+      name: 'Admin Shell Upload',
+      class_name: 'Wpxf::Exploit::AdminShellUpload'
+    )
+
+    Models::Module.create(
+      path: 'auxiliary/dos/load_scripts_dos',
+      type: 'auxiliary',
+      name: 'WordPress "load-scripts.php" DoS',
+      class_name: 'Wpxf::Auxiliary::LoadScriptsDos'
+    )
   end
 
   describe '#setup_auto_complete' do
diff --git a/spec/lib/cli/modules_spec.rb b/spec/lib/cli/modules_spec.rb
index d6b71dc..bdf57fa 100644
--- a/spec/lib/cli/modules_spec.rb
+++ b/spec/lib/cli/modules_spec.rb
@@ -13,6 +13,20 @@
     allow(subject).to receive(:puts)
     allow(subject).to receive(:indent_cursor).and_call_original
     allow(subject).to receive(:print_table)
+
+    Models::Module.create(
+      path: 'exploit/shell/admin_shell_upload',
+      type: 'exploit',
+      name: 'Admin Shell Upload',
+      class_name: 'Wpxf::Exploit::AdminShellUpload'
+    )
+
+    Models::Module.create(
+      path: 'auxiliary/dos/load_scripts_dos',
+      type: 'auxiliary',
+      name: 'WordPress "load-scripts.php" DoS',
+      class_name: 'Wpxf::Auxiliary::LoadScriptsDos'
+    )
   end
 
   describe '#new' do