infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Land #2237 - Fix check function

bug/bundler_fix
sinn3r 2013-08-27 11:11:54 -05:00
parent 997c5e5516 7efe85dbd6
commit 2e4e3fdbe6
1 changed files with 38 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
modules/exploits/unix/webapp/php_include.rb
View File

@ -61,10 +61,16 @@ class Metasploit3 < Msf::Exploit::Remote
def check
uri = datastore['PHPURI'] ? datastore['PHPURI'].dup : ""
tpath = normalize_uri(datastore['PATH'])
if tpath[-1,1] == '/'
tpath = tpath.chop
end
if(uri and ! uri.empty?)
uri.gsub!(/\?.*/, "")
print_status("Checking uri #{uri}")
response = send_request_raw({ 'uri' => uri})
print_status("Checking uri #{rhost+tpath+uri}")
response = send_request_raw({ 'uri' => tpath+uri})
return Exploit::CheckCode::Detected if response.code == 200
print_error("Server responded with #{response.code}")
return Exploit::CheckCode::Safe
@ -128,7 +134,7 @@ class Metasploit3 < Msf::Exploit::Remote
uris.each do |uri|
break if session_created?
# print_status("Sending #{tpath+uri}")
vprint_status("Sending: #{rhost+tpath+uri}")
begin
if http_method == "GET"
response = send_request_raw( {