From 08394765df8c957f8c486db0707e9aa69900ffde Mon Sep 17 00:00:00 2001
From: wchen-r7 <wei_chen@rapid7.com>
Date: Tue, 17 May 2016 03:14:00 -0500
Subject: [PATCH 1/2] Fix #6879, REXML::ParseException No close tag for /div

---
 modules/exploits/multi/http/moodle_cmd_exec.rb | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

diff --git a/modules/exploits/multi/http/moodle_cmd_exec.rb b/modules/exploits/multi/http/moodle_cmd_exec.rb
index 8b1ac0a3f4..7f108d1dd4 100644
--- a/modules/exploits/multi/http/moodle_cmd_exec.rb
+++ b/modules/exploits/multi/http/moodle_cmd_exec.rb
@@ -101,17 +101,10 @@ class MetasploitModule < Msf::Exploit::Remote
         'cookie' => sess
       })
 
-      tinymce.body.each_line do |line|
-        next if line !~ /name="sesskey"/
-        sesskey = line[0..line.index('>')]
-      end
-
-      if sesskey == ''
+      sesskey = tinymce.get_hidden_inputs[1]['sesskey']
+      unless sesskey
         fail_with(Failure::UnexpectedReply, "Unable to get proper session key")
       end
-
-      sesskey = REXML::Document.new sesskey
-      sesskey = sesskey.root.attributes["value"]
     else
       sesskey = datastore['SESSKEY']
     end

From e8ac5683524242d9c0ae34bd073feea98550b80a Mon Sep 17 00:00:00 2001
From: wchen-r7 <wei_chen@rapid7.com>
Date: Tue, 17 May 2016 03:15:26 -0500
Subject: [PATCH 2/2] doesn't look like we're using the tcp mixin

---
 modules/exploits/multi/http/moodle_cmd_exec.rb | 1 -
 1 file changed, 1 deletion(-)

diff --git a/modules/exploits/multi/http/moodle_cmd_exec.rb b/modules/exploits/multi/http/moodle_cmd_exec.rb
index 7f108d1dd4..f39530eb3a 100644
--- a/modules/exploits/multi/http/moodle_cmd_exec.rb
+++ b/modules/exploits/multi/http/moodle_cmd_exec.rb
@@ -9,7 +9,6 @@ require 'rexml/document'
 class MetasploitModule < Msf::Exploit::Remote
   Rank = GoodRanking
 
-  include Msf::Exploit::Remote::Tcp
   include Msf::Exploit::Remote::HttpClient
 
   def initialize(info={})