Make URI modification more obvious, and let the user know why
parent
9d4427270e
commit
77438d2fc7
|
@ -21,7 +21,9 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
with a large nTables value in the 'kern' header, it is possible to trigger an
|
||||
integer overflow, which results in remote code execution under the context of the
|
||||
user. This vulnerability has also been exploited in the wild in limited targeted
|
||||
attacks.
|
||||
attacks. Please note in order to ensure reliability, the exploit is forced to
|
||||
modify your URIPATH parameter to less than 3 characters, which may cause possible
|
||||
URIPATH collisions.
|
||||
},
|
||||
'License' => MSF_LICENSE,
|
||||
'Author' =>
|
||||
|
@ -332,7 +334,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
datastore['URIPATH'] = datastore['URIPATH'] || random_uri
|
||||
datastore['URIPATH'] = '/' + datastore['URIPATH'] if datastore['URIPATH'] !~ /^\//
|
||||
datastore['URIPATH'] = datastore['URIPATH'][0,3] if datastore['URIPATH'].length > 3
|
||||
vprint_status("URIPATH set to #{datastore['URIPATH']}")
|
||||
print_debug("URIPATH set to #{datastore['URIPATH']}")
|
||||
|
||||
super
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue