Clean the find_csrf mehtod
parent
697a86aad7
commit
4458dc80a5
|
@ -10,6 +10,8 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
|
||||
HttpFingerprint = { :pattern => [ /Apache.*(Coyote|Tomcat)/ ] }
|
||||
|
||||
CSRF_VAR = "CSRF_NONCE="
|
||||
|
||||
include Msf::Exploit::Remote::HttpClient
|
||||
include Msf::Exploit::EXE
|
||||
|
||||
|
@ -303,23 +305,19 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
end
|
||||
|
||||
def find_csrf(res = nil)
|
||||
print_status("Finding CSRF")
|
||||
body=res.body
|
||||
body.each_line { |ln|
|
||||
return "" if res.blank?
|
||||
|
||||
print_status("Finding CSRF token...")
|
||||
|
||||
body = res.body
|
||||
|
||||
body.each_line do |ln|
|
||||
ln.chomp!
|
||||
csrf_string = "CSRF_NONCE="
|
||||
csrf_nonce = ln.index(csrf_string)
|
||||
csrf_test = 0
|
||||
if csrf_nonce == nil
|
||||
csrf_test = -1
|
||||
else
|
||||
csrf_test = csrf_nonce
|
||||
end
|
||||
if csrf_test >= 0
|
||||
token = ln[csrf_nonce+csrf_string.length,32]
|
||||
csrf_nonce = ln.index(CSRF_VAR)
|
||||
next if csrf_nonce.nil?
|
||||
token = ln[csrf_nonce + CSRF_VAR.length, 32]
|
||||
return token
|
||||
end
|
||||
}
|
||||
|
||||
return ""
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue