Updates HTTP_METHOD option to use OptEnum.

2013-02-04 15:32:36 -06:00 · 2013-02-04 15:32:36 -06:00 · 9b30e354ea
parent 1d3bf02866
commit 9b30e354ea
2 changed files with 2 additions and 4 deletions
--- a/modules/exploits/multi/http/rails_json_yaml_code_exec.rb
+++ b/modules/exploits/multi/http/rails_json_yaml_code_exec.rb
@ -55,8 +55,7 @@ class Metasploit3 < Msf::Exploit::Remote
 			[
 				Opt::RPORT(80),
 				OptString.new('TARGETURI', [ true, 'The path to a vulnerable Ruby on Rails application', "/"]),
-				OptString.new('HTTP_METHOD', [ true, 'The HTTP request method (GET, POST, PUT typically work)', "POST"])
-
+				OptEnum.new('HTTP_METHOD', [true, 'HTTP Method', 'POST', ['GET', 'POST', 'PUT'] ])
 			], self.class)

 	end
--- a/modules/exploits/multi/http/rails_xml_yaml_code_exec.rb
+++ b/modules/exploits/multi/http/rails_xml_yaml_code_exec.rb
@ -53,8 +53,7 @@ class Metasploit3 < Msf::Exploit::Remote
 			[
 				Opt::RPORT(80),
 				OptString.new('URIPATH', [ true, 'The path to a vulnerable Ruby on Rails application', "/"]),
-				OptString.new('HTTP_METHOD', [ true, 'The HTTP request method (GET, POST, PUT typically work)', "POST"])
-
+				OptEnum.new('HTTP_METHOD', [true, 'HTTP Method', 'POST', ['GET', 'POST', 'PUT'] ])
 			], self.class)

 		register_evasion_options(