From 19cd00e6d5054a062b4d8a47dffb76208bf18924 Mon Sep 17 00:00:00 2001
From: Nikita Oleksov <n.e.oleksov@gmail.com>
Date: Mon, 16 Feb 2015 23:53:32 +0700
Subject: [PATCH] Fix cookit name split

---
 modules/auxiliary/gather/f5_bigip_cookie_disclosure.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/auxiliary/gather/f5_bigip_cookie_disclosure.rb b/modules/auxiliary/gather/f5_bigip_cookie_disclosure.rb
index 34b87e9f42..cc9afd8de4 100644
--- a/modules/auxiliary/gather/f5_bigip_cookie_disclosure.rb
+++ b/modules/auxiliary/gather/f5_bigip_cookie_disclosure.rb
@@ -21,7 +21,7 @@ class Metasploit3 < Msf::Auxiliary
       'Author'         => [ 'Thanat0s <thanspam[at]trollprod.org>', 
                             'Oleg Broslavsky <ovbroslavsky[at]gmail.com>',
                             'Nikita Oleksov <neoleksov[at]gmail.com>',
-			    'Denis Kolegov <dnkolegov[at]gmail.com>'
+							'Denis Kolegov <dnkolegov[at]gmail.com>'
                           ],
       'References'     =>
         [
@@ -92,7 +92,7 @@ class Metasploit3 < Msf::Auxiliary
       # 4. IPv6 pool members in non-default route domains - "BIGipServerWEB=rd3o20010112000000000000000000000030o80",
       # 5. Encrypted cookies - "BIGipServerWEB=!dcdlUciYEFlt1QzXtD7QKx22XJx7Uuj2I0dYdFTwJASsJyJySME9/GACjztr7WYJIvHxTSNreeve7foossGzKS3vT9ECJscSg1LAc3rc"
 
-      m = res.get_cookies.match(/([\-\w\d]+)=(((?:\d+\.){2}\d+)|(rd\d+o0{20}f{4}\w+o\d{1,5})|(vi([a-f0-9]{32})\.(\d{1,5}))|(rd\d+o([a-f0-9]{32})o(\d{1,5}))|(!(.){104}))(?:$|,|;|\s)/)
+      m = res.get_cookies.match(/([~_\.\-\w\d]+)=(((?:\d+\.){2}\d+)|(rd\d+o0{20}f{4}\w+o\d{1,5})|(vi([a-f0-9]{32})\.(\d{1,5}))|(rd\d+o([a-f0-9]{32})o(\d{1,5}))|(!(.){104}))(?:$|,|;|\s)/)
       cookie[:id] = (m.nil?) ? nil : m[1]
       cookie[:value] = (m.nil?) ? nil : m[2]