From 52004b1e338957143370b05990f5a2c80a9d5f27 Mon Sep 17 00:00:00 2001
From: HD Moore <hd_moore@rapid7.com>
Date: Tue, 31 Jan 2012 01:44:03 -0600
Subject: [PATCH] A little more cleanup for IPv6 in HTTP mixins

---
 lib/msf/core/exploit/http/server.rb | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/lib/msf/core/exploit/http/server.rb b/lib/msf/core/exploit/http/server.rb
index 53b02bf42a..633def2554 100644
--- a/lib/msf/core/exploit/http/server.rb
+++ b/lib/msf/core/exploit/http/server.rb
@@ -293,6 +293,10 @@ module Exploit::Remote::HttpServer
 			host = srvhost_addr
 		end
 
+		if Rex::Socket.is_ipv6?(host)
+			host = "[#{host}]"
+		end
+
 		if (ssl and datastore["SRVPORT"] == 443)
 			port = ''
 		elsif (!ssl and datastore["SRVPORT"] == 80)
@@ -331,7 +335,7 @@ module Exploit::Remote::HttpServer
 		if (datastore['LHOST'])
 			host = datastore["LHOST"]
 		else
-			if (datastore['SRVHOST'] == "0.0.0.0")
+			if (datastore['SRVHOST'] == "0.0.0.0" or datastore['SRVHOST'] == "::")
 				if (sock and sock.peerhost)
 					host = Rex::Socket.source_address(sock.peerhost)
 				else
@@ -880,7 +884,11 @@ module Exploit::Remote::HttpServer::PHPInclude
 	# Does not take SSL into account.  For the reasoning behind this, see +exploit+.
 	#
 	def php_include_url(sock=nil)
-		"http://#{srvhost_addr}:#{datastore['SRVPORT']}#{get_resource()}?"
+		host = srvhost_addr
+		if Rex::Socket.is_ipv6?
+			host = "[#{host}]"
+		end
+		"http://#{host}:#{datastore['SRVPORT']}#{get_resource()}?"
 	end