From 1f4ff30adb09c836dc9cb5f2c2024a244cebd08d Mon Sep 17 00:00:00 2001 From: William Vu Date: Tue, 16 May 2017 22:38:36 -0500 Subject: [PATCH] Improve 200 fail_with in wp_phpmailer_host_header One. last. commit. Noticed this in the response body. --- modules/exploits/unix/webapp/wp_phpmailer_host_header.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/exploits/unix/webapp/wp_phpmailer_host_header.rb b/modules/exploits/unix/webapp/wp_phpmailer_host_header.rb index 6d3b050f6e..a241c2eaf5 100644 --- a/modules/exploits/unix/webapp/wp_phpmailer_host_header.rb +++ b/modules/exploits/unix/webapp/wp_phpmailer_host_header.rb @@ -137,7 +137,7 @@ class MetasploitModule < Msf::Exploit::Remote ) if res && !res.redirect? - if res.code == 200 + if res.code == 200 && res.body.include?('login_error') fail_with(Failure::NoAccess, 'WordPress username may be incorrect') elsif res.code == 400 && res.headers['Server'] =~ /^Apache/ fail_with(Failure::NotVulnerable, 'HttpProtocolOptions may be Strict')