Make URI modification more obvious, and let the user know why

unstable
sinn3r 2012-10-04 17:52:04 -05:00
parent 9d4427270e
commit 77438d2fc7
1 changed files with 4 additions and 2 deletions

View File

@ -21,7 +21,9 @@ class Metasploit3 < Msf::Exploit::Remote
with a large nTables value in the 'kern' header, it is possible to trigger an
integer overflow, which results in remote code execution under the context of the
user. This vulnerability has also been exploited in the wild in limited targeted
attacks.
attacks. Please note in order to ensure reliability, the exploit is forced to
modify your URIPATH parameter to less than 3 characters, which may cause possible
URIPATH collisions.
},
'License' => MSF_LICENSE,
'Author' =>
@ -332,7 +334,7 @@ class Metasploit3 < Msf::Exploit::Remote
datastore['URIPATH'] = datastore['URIPATH'] || random_uri
datastore['URIPATH'] = '/' + datastore['URIPATH'] if datastore['URIPATH'] !~ /^\//
datastore['URIPATH'] = datastore['URIPATH'][0,3] if datastore['URIPATH'].length > 3
vprint_status("URIPATH set to #{datastore['URIPATH']}")
print_debug("URIPATH set to #{datastore['URIPATH']}")
super
end