Improved check method.
parent
92c56472ba
commit
0573caafc3
|
@ -24,7 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote
|
||||||
'Author' =>
|
'Author' =>
|
||||||
[
|
[
|
||||||
'Nicholas Nam <nick[at]executionflow.org>',
|
'Nicholas Nam <nick[at]executionflow.org>',
|
||||||
'Imran E. Dawoodjee <imrandawoodjee.infosec[at]gmail.com> (minor improvements)'
|
'Imran E. Dawoodjee <imrandawoodjee.infosec[at]gmail.com>' # minor improvements
|
||||||
],
|
],
|
||||||
'License' => MSF_LICENSE,
|
'License' => MSF_LICENSE,
|
||||||
'References' =>
|
'References' =>
|
||||||
|
@ -46,8 +46,7 @@ class MetasploitModule < Msf::Exploit::Remote
|
||||||
[
|
[
|
||||||
Opt::RPORT(5466),
|
Opt::RPORT(5466),
|
||||||
OptString.new('USERNAME', [true, 'Admin username', '']),
|
OptString.new('USERNAME', [true, 'Admin username', '']),
|
||||||
OptString.new('PASSWORD', [true, 'Admin password', '']),
|
OptString.new('PASSWORD', [true, 'Admin password', ''])
|
||||||
OptString.new('UIDADMIN', [false, 'Session cookie', ''])
|
|
||||||
], self.class
|
], self.class
|
||||||
)
|
)
|
||||||
deregister_options('CMDSTAGER::FLAVOR')
|
deregister_options('CMDSTAGER::FLAVOR')
|
||||||
|
@ -64,11 +63,15 @@ class MetasploitModule < Msf::Exploit::Remote
|
||||||
|
|
||||||
if ver.code != 200
|
if ver.code != 200
|
||||||
fail_with(Failure::NotFound, "#{peer} - License page was not found.")
|
fail_with(Failure::NotFound, "#{peer} - License page was not found.")
|
||||||
elsif ver.get_html_document.at('span').to_s.include? "Wing FTP Server 4.3.8"
|
elsif ver.get_html_document.text.to_s.include? "Wing FTP Server"
|
||||||
|
version = ver.get_html_document.at('span').text.to_s
|
||||||
|
if version[/([0-4]\.[0-3]\.[0-8])/]
|
||||||
|
print_good("Detected version: #{version}")
|
||||||
return Exploit::CheckCode::Vulnerable
|
return Exploit::CheckCode::Vulnerable
|
||||||
end
|
end
|
||||||
|
|
||||||
Exploit::CheckCode::Safe
|
return Exploit::CheckCode::Safe
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def exploit
|
def exploit
|
||||||
|
|
Loading…
Reference in New Issue