Follow 301 re-direct

I found that in some cases, the trigger URL cannot be accessed directly. For example, if the uploaded file was example.php, browsing to "example.php" would hit a 301 re-direct to "/example". It isn't until hitting "/example" that the php is executed. This small change will just allow the trigger to follow one 301 redirect.
2017-08-23 18:53:54 -06:00 · 2017-08-23 18:53:54 -06:00 · c49b72a470
parent 899c2cc6fa
commit c49b72a470
1 changed files with 2 additions and 1 deletions
--- a/modules/exploits/multi/http/phpmailer_arg_injection.rb
+++ b/modules/exploits/multi/http/phpmailer_arg_injection.rb
@ -68,9 +68,10 @@ class MetasploitModule < Msf::Exploit::Remote
    while wait_time > 0
      sleep(sleep_time)
      wait_time -= sleep_time
-      res = send_request_cgi(
+      res = send_request_cgi!({
        'method'   => 'GET',
        'uri'      => trigger_uri
+        }, redirect_depth = 1
      )

      if res.nil?