Mostly file format (unix linefeeds) and File.open() calls using binary. Fixed ranking for mozilla_nstreerange and disclosure and BID # for tugzip.
git-svn-id: file:///home/svn/framework3/trunk@13971 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
7ef8c16e75
commit
c336d063da
|
@ -20,7 +20,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
super(
|
||||
'Name' => 'rsyslog Long Tag Off-By-Two DoS',
|
||||
'Description' => %q{
|
||||
This module triggers an off-by-two stack overflow in the
|
||||
This module triggers an off-by-two overflow in the
|
||||
rsyslog daemon. This flaw is unlikely to yield code execution
|
||||
but is effective at shutting down a remote log daemon. This bug
|
||||
was introduced in version 4.6.0 and corrected in 4.6.8/5.8.5.
|
||||
|
|
|
@ -191,7 +191,10 @@ EOF
|
|||
|
||||
# Obfuscate it up a bit
|
||||
js = obfuscate_js(js, 'Symbols' => {
|
||||
'Variables' => %W{ DataTranslator GenerateHTML escapeData xunescape shellcode oneblock fullblock sprayContainer xi searchArray xc escData xhtml pTags oTags newElement sprayready sprayContainerIndex fill_function }
|
||||
'Variables' => %W{ DataTranslator GenerateHTML escapeData xunescape
|
||||
shellcode oneblock fullblock sprayContainer xi searchArray xc
|
||||
escData xhtml pTags oTags newElement sprayready sprayContainerIndex
|
||||
fill_function }
|
||||
}).to_s
|
||||
|
||||
str1 = Rex::Text.rand_text_alpha(20)
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
require 'msf/core'
|
||||
|
||||
class Metasploit3 < Msf::Exploit::Remote
|
||||
rank = NormalRanking
|
||||
Rank = NormalRanking
|
||||
|
||||
include Msf::Exploit::Remote::HttpServer::HTML
|
||||
|
||||
|
|
|
@ -40,7 +40,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
[
|
||||
[ 'OSVDB', '49371' ],
|
||||
[ 'CVE', '2008-4779' ],
|
||||
[ 'BID', '17432' ],
|
||||
[ 'BID', '31913' ],
|
||||
[ 'URL', 'http://www.exploit-db.com/exploits/12008/' ]
|
||||
],
|
||||
'Platform' => [ 'win' ],
|
||||
|
@ -67,7 +67,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
}
|
||||
],
|
||||
],
|
||||
'Disclosure' => 'Oct 28 2008',
|
||||
'DisclosureDate' => 'Oct 28 2008',
|
||||
'DefaultTarget' => 0))
|
||||
|
||||
register_options(
|
||||
|
|
|
@ -127,7 +127,7 @@ class Metasploit3 < Msf::Post
|
|||
print_error("Wordlist File #{pass_file} does not exists!")
|
||||
return
|
||||
end
|
||||
creds = ::File.open(pass_file, "r")
|
||||
creds = ::File.open(pass_file, "rb")
|
||||
else
|
||||
creds = "Cisco\n" << "cisco\n"<< "sanfran\n" << "SanFran\n" << "password\n" << "Password\n"
|
||||
end
|
||||
|
|
|
@ -42,7 +42,7 @@ class Metasploit3 < Msf::Post
|
|||
if not ::File.exists?(datastore['RESOURCE'])
|
||||
raise "Resource File does not exists!"
|
||||
else
|
||||
::File.open(datastore['RESOURCE'], "r").each_line do |cmd|
|
||||
::File.open(datastore['RESOURCE'], "rb").each_line do |cmd|
|
||||
next if cmd.strip.length < 1
|
||||
next if cmd[0,1] == "#"
|
||||
begin
|
||||
|
|
|
@ -285,7 +285,7 @@ class Metasploit3 < Msf::Post
|
|||
|
||||
# Function for writing results of other functions to a file
|
||||
def filewrt(file2wrt, data2wrt)
|
||||
output = ::File.open(file2wrt, "a")
|
||||
output = ::File.open(file2wrt, "ab")
|
||||
if data2wrt
|
||||
data2wrt.each_line do |d|
|
||||
output.puts(d)
|
||||
|
|
Loading…
Reference in New Issue