infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update vbulletin check

bug/bundler_fix
sinn3r 2014-01-19 16:54:27 -06:00
parent 0a8aa07131
commit 4fdd2c19a1
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
modules/auxiliary/gather/vbulletin_vote_sqli.rb
View File

@ -128,21 +128,21 @@ class Metasploit3 < Msf::Auxiliary
end end
def check def check
node_id = get_node
unless node_id.nil?
return Msf::Exploit::CheckCode::Vulnerable
end
res = send_request_cgi({ res = send_request_cgi({
'uri' => normalize_uri(target_uri.path, "index.php") 'uri' => normalize_uri(target_uri.path, "index.php")
}) })
if res and res.code == 200 and res.body.to_s =~ /"simpleversion": "v=5/ if res and res.code == 200 and res.body.to_s =~ /"simpleversion": "v=5/
return Msf::Exploit::CheckCode::Detected if get_node
# Multiple factors determine this LOOKS vulnerable
return Msf::Exploit::CheckCode::Appears
else
# Not enough information about the vuln state, but at least we know this is vbulletin
return Msf::Exploit::CheckCode::Detected
end
end end
return Msf::Exploit::CheckCode::Unknown Msf::Exploit::CheckCode::Safe
end end
def run def run