infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Improve 200 fail_with in wp_phpmailer_host_header 

One. last. commit. Noticed this in the response body.
bug/bundler_fix
William Vu 2017-05-16 22:38:36 -05:00
parent 21e741b530
commit 1f4ff30adb
No known key found for this signature in database
GPG Key ID: 68BD00CE25866743
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
modules/exploits/unix/webapp/wp_phpmailer_host_header.rb
View File

@ -137,7 +137,7 @@ class MetasploitModule < Msf::Exploit::Remote
)
if res && !res.redirect?
if res.code == 200
if res.code == 200 && res.body.include?('login_error')
fail_with(Failure::NoAccess, 'WordPress username may be incorrect')
elsif res.code == 400 && res.headers['Server'] =~ /^Apache/
fail_with(Failure::NotVulnerable, 'HttpProtocolOptions may be Strict')