infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix typos and output

unstable
sinn3r 2012-03-15 16:10:05 -05:00
parent 81b3eaa482
commit 46dbaf8283
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
modules/auxiliary/scanner/http/rails_mass_assignment.rb
View File

@ -18,13 +18,13 @@ class Metasploit3 < Msf::Auxiliary
def initialize(info = {}) def initialize(info = {})
super(update_info(info, super(update_info(info,
'Name' => 'Ruby On Rails Attributes Mass Assignment scaner', 'Name' => 'Ruby On Rails Attributes Mass Assignment Scanner',
'Description' => %q{ 'Description' => %q{
This module scans Ruby On Rails sites for This module scans Ruby On Rails sites for
models with attributes not protected by attr_protected or attr_accessible. models with attributes not protected by attr_protected or attr_accessible.
After attempt to assing nonexistent field in model After attempting to assign a non-existent field, the default rails with
default rails + active_record setup will raise ActiveRecord::UnknownAttributeError active_record setup will raise an ActiveRecord::UnknownAttributeError
exeption and answer with HTTP code 500. exeption, and reply with HTTP code 500.
}, },
'References' => 'References' =>
@ -55,11 +55,11 @@ class Metasploit3 < Msf::Auxiliary
data_base_params = get_base_params(parsed_data) data_base_params = get_base_params(parsed_data)
if data_base_params.blank? if data_base_params.blank?
vprint_error('Non-standart rails params schema (maybe not a RoR website)') vprint_error("#{ip} - Non-standart rails params schema (maybe not a RoR website)")
return return
end end
check_data(parsed_data, data_base_params) check_data(ip, parsed_data, data_base_params)
end end
def get_base_params(parsed_query_string) def get_base_params(parsed_query_string)
@ -72,7 +72,7 @@ class Metasploit3 < Msf::Auxiliary
return base_params_names.uniq return base_params_names.uniq
end end
def check_data(parsed_data, base_params) def check_data(ip, parsed_data, base_params)
base_params.each do |param| base_params.each do |param|
query = parsed_data.dup query = parsed_data.dup
test_param = { param + "[#{Rex::Text.rand_text_alpha(10)}]" => Rex::Text.rand_text_alpha(10) } test_param = { param + "[#{Rex::Text.rand_text_alpha(10)}]" => Rex::Text.rand_text_alpha(10) }
@ -88,7 +88,7 @@ class Metasploit3 < Msf::Auxiliary
}, 20) }, 20)
if resp.code == 500 if resp.code == 500
print_good("Possible attributes mass assignment in attribute #{param}[...] at #{datastore['PATH']}") print_good("#{ip} - Possible attributes mass assignment in attribute #{param}[...] at #{datastore['PATH']}")
report_web_vuln( report_web_vuln(
:host => rhost, :host => rhost,
:port => rport, :port => rport,