infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix #6658, MS08-067 unable to find the right target for W2k3SP0 

Fix #6658.

When there is no service pack, the
Msf::Exploit::Remote::SMB#smb_fingerprint_windows_sp method returns
an empty string. But in the MS08-067 exploit, instead of check an
empty string, it checks for "No Service Pack", which causes it to
never detect the right target for Windows Server 2003 SP0.
bug/bundler_fix
wchen-r7 2016-03-09 11:05:34 -06:00
parent 8697798989
commit 179d38b914
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
modules/exploits/windows/smb/ms08_067_netapi.rb
View File

@ -879,7 +879,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
# Windows 2003 SP0 is mostly universal
if fprint['os'] == 'Windows 2003' and fprint['sp'] == 'No Service Pack'
if fprint['os'] == 'Windows 2003' and fprint['sp'].empty?
mytarget = targets[3]
end