Fix #7158, tiki_calendar_exec incorrectly reports successful login

Fix #7158
bug/bundler_fix
wchen-r7 2016-07-28 17:03:31 -05:00
parent c682490c1b
commit 1e1866f583
1 changed files with 8 additions and 3 deletions


@ -53,8 +53,8 @@ class MetasploitModule < Msf::Exploit::Remote
[
Opt::RPORT(80),
OptString.new('TARGETURI', [ true, 'The URI of Tiki-Wiki', '/']),
OptString.new('USERNAME', [ false, 'Username of a user with calendar access', 'admin']),
OptString.new('PASSWORD', [ false, 'Password of a user with calendar access', 'admin'])
OptString.new('USERNAME', [ true, 'Username of a user with calendar access', 'admin']),
OptString.new('PASSWORD', [ true, 'Password of a user with calendar access', 'admin'])
], self.class
)
end
@ -67,6 +67,11 @@ class MetasploitModule < Msf::Exploit::Remote
'uri' => normalize_uri(target_uri.path, 'tiki-login_scr.php'),
'method' => 'GET'
)
if res && res.code == 404
fail_with(Failure::Unknown, 'Target does not have tiki-login_scr.php')
end
cookie = res ? res.get_cookies : ''
# if we have creds, login with them
vprint_status('Attempting Login')
@ -88,7 +93,7 @@ class MetasploitModule < Msf::Exploit::Remote
# double check auth worked and we got a Log out on the page.
# at times I got it to auth, but then it would give permission errors
# so we want to try to double check everything is good
if res && !res.body =~ /Log out/
if res && res.body !~ /Log out/
fail_with(Failure::UnexpectedReply, "#{peer} Login Failed with #{datastore['USERNAME']}:#{datastore['PASSWORD']}")
end
vprint_good("Login Successful!")
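Review bot: The corrected check `if res && res.body !~ /Log out/` in the last hunk is still skipped when `res` is nil, so a login request that times out or is dropped falls through to `vprint_good("Login Successful!")`, the same false success this commit sets out to fix. Inverting the guard closes that path: `unless res && res.body =~ /Log out/`. The new 404 check in the second hunk has the same gap, because a nil response carries on with `cookie = ''`; a separate `fail_with(Failure::Unreachable, ...)` for the no-response case would tell a dead target apart from a missing page. The enclosing methods start and end outside the visible hunks, so later nil handling cannot be ruled out from here.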