infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Ensure necessary cookies are present in OWA 2010 login response

bug/bundler_fix
Jon Hart 2014-10-28 15:40:15 -07:00
parent 9c028c1435
commit a3e1e11987
No known key found for this signature in database
GPG Key ID: 2FA9F0A3AFA8E9D3
1 changed files with 15 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
modules/auxiliary/scanner/http/owa_login.rb
View File

@ -215,12 +215,21 @@ class Metasploit3 < Msf::Auxiliary
else else
# The authentication info is in the cookies on this response # The authentication info is in the cookies on this response
cookies = res.get_cookies cookies = res.get_cookies
sessionid_value = cookies.split('sessionid=')[1] cookie_header = 'PBack=0'
sessionid_value = sessionid_value.to_s.split('; ')[0] %w(sessionid cadata).each do |necessary_cookie|
sessionid_header = "sessionid=#{sessionid_value}" if cookies =~ /#{necessary_cookie}=([^;]+)/
cadata_value = cookies.split('cadata=')[1] cookie_header << "; #{Regexp.last_match(1)}"
cadata_value = cadata_value.to_s.split('; ')[0] else
cadata_header = "cadata=#{cadata_value}" print_error("#{msg} Missing #{necessary_cookie} cookie. This is not OWA 2010")
return :abort
end
end
sessionid_value = cookies.split('sessionid=')[1]
sessionid_value = sessionid_value.to_s.split('; ')[0]
sessionid_header = "sessionid=#{sessionid_value}"
cadata_value = cookies.split('cadata=')[1]
cadata_value = cadata_value.to_s.split('; ')[0]
cadata_header = "cadata=#{cadata_value}"
headers['Cookie'] = 'PBack=0; ' << sessionid_header << '; ' << cadata_header headers['Cookie'] = 'PBack=0; ' << sessionid_header << '; ' << cadata_header
end end