infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix re-initialize bug.

bug/bundler_fix
Joe Vennix 2014-03-05 23:27:04 -06:00
parent 5790547d34
commit a792f85a5f
1 changed files with 5 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
lib/msf/core/exploit/remote/browser_exploit_server.rb
View File

@ -253,7 +253,7 @@ module Msf
# #
def init_profile(tag) def init_profile(tag)
sync do sync do
@target_profiles[tag] = {} @target_profiles[tag] ||= {}
end end
end end
@ -293,13 +293,12 @@ module Msf
tag = retrieve_tag(cli, request) tag = retrieve_tag(cli, request)
target_info = get_profile(tag) target_info = get_profile(tag)
init_profile(tag) init_profile(tag)
update_profile(target_info, :source, source.to_s)
# Gathering target info from the detection stage # Gathering target info from the detection stage
case source case source
when :script when :script
# Gathers target data from a POST request # Gathers target data from a POST request
vprint_status("Setting source to :script.")
update_profile(target_info, :source, 'script')
parsed_body = CGI::parse(Rex::Text.decode_base64(request.body) || '') parsed_body = CGI::parse(Rex::Text.decode_base64(request.body) || '')
vprint_status("Received sniffed browser data over POST: \n#{parsed_body}.") vprint_status("Received sniffed browser data over POST: \n#{parsed_body}.")
parsed_body.each { |k, v| update_profile(target_info, k.to_sym, v.first) } parsed_body.each { |k, v| update_profile(target_info, k.to_sym, v.first) }
@ -310,7 +309,6 @@ module Msf
# Module has all the info it needs, ua_string is kind of pointless. # Module has all the info it needs, ua_string is kind of pointless.
# Kill this to save space. # Kill this to save space.
fp.delete(:ua_string) fp.delete(:ua_string)
update_profile(target_info, :source, 'headers')
fp.each do |k, v| fp.each do |k, v|
update_profile(target_info, k.to_sym, v) update_profile(target_info, k.to_sym, v)
end end
@ -391,7 +389,7 @@ module Msf
var query = objToQuery(d); var query = objToQuery(d);
postInfo("<%=get_resource.chomp("/")%>/<%=@info_receiver_page%>/", query, function(){ postInfo("<%=get_resource.chomp("/")%>/<%=@info_receiver_page%>/", query, function(){
window.location="<%= get_module_resource %>";
}); });
} }
|).result(binding()) |).result(binding())
@ -466,6 +464,7 @@ module Msf
# on_request_exploit() to get the target information # on_request_exploit() to get the target information
# #
tag = retrieve_tag(cli, request) tag = retrieve_tag(cli, request)
vprint_status("Serving exploit to user with tag #{tag}")
profile = get_profile(tag) profile = get_profile(tag)
if profile.nil? if profile.nil?
print_status("Browsing directly to the exploit URL is forbidden.") print_status("Browsing directly to the exploit URL is forbidden.")
@ -475,7 +474,7 @@ module Msf
send_not_found(cli) send_not_found(cli)
else else
update_profile(profile, :tried, true) update_profile(profile, :tried, true)
print_status("Setting target \"#{tag}\" to :tried.") vprint_status("Setting target \"#{tag}\" to :tried.")
try_set_target(profile) try_set_target(profile)
bad_reqs = get_bad_requirements(profile) bad_reqs = get_bad_requirements(profile)
if bad_reqs.empty? if bad_reqs.empty?