Clean the find_csrf mehtod

2014-01-30 16:39:19 -06:00 · 2014-01-30 16:39:19 -06:00 · 4458dc80a5
parent 697a86aad7
commit 4458dc80a5
1 changed files with 14 additions and 16 deletions
--- a/modules/exploits/multi/http/tomcat_mgr_upload.rb
+++ b/modules/exploits/multi/http/tomcat_mgr_upload.rb
@ -10,6 +10,8 @@ class Metasploit3 < Msf::Exploit::Remote

  HttpFingerprint = { :pattern => [ /Apache.*(Coyote|Tomcat)/ ] }

+  CSRF_VAR = "CSRF_NONCE="
+
  include Msf::Exploit::Remote::HttpClient
  include Msf::Exploit::EXE

@ -303,23 +305,19 @@ class Metasploit3 < Msf::Exploit::Remote
  end

  def find_csrf(res = nil)
-    print_status("Finding CSRF")
-    body=res.body
-    body.each_line { |ln|
+    return "" if res.blank?
+
+    print_status("Finding CSRF token...")
+
+    body = res.body
+
+    body.each_line do |ln|
      ln.chomp!
-      csrf_string = "CSRF_NONCE="
-      csrf_nonce = ln.index(csrf_string)
-      csrf_test = 0
-      if csrf_nonce == nil
-        csrf_test = -1
-      else
-        csrf_test = csrf_nonce
-      end
-      if csrf_test >= 0
-        token = ln[csrf_nonce+csrf_string.length,32]
-        return token
-      end
-    }
+      csrf_nonce = ln.index(CSRF_VAR)
+      next if csrf_nonce.nil?
+      token = ln[csrf_nonce + CSRF_VAR.length, 32]
+      return token
+    end

    return ""
  end