From c8dddbff70260321a17ee80497307af10c028c11 Mon Sep 17 00:00:00 2001 From: Michael Messner Date: Wed, 24 Jun 2015 21:32:01 +0200 Subject: [PATCH] server header --- .../linux/http/dlink_dspw110_cookie_noauth_exec.rb | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/modules/exploits/linux/http/dlink_dspw110_cookie_noauth_exec.rb b/modules/exploits/linux/http/dlink_dspw110_cookie_noauth_exec.rb index 38f31f9672..ae3358f0db 100644 --- a/modules/exploits/linux/http/dlink_dspw110_cookie_noauth_exec.rb +++ b/modules/exploits/linux/http/dlink_dspw110_cookie_noauth_exec.rb @@ -18,8 +18,7 @@ class Metasploit3 < Msf::Exploit::Remote This module exploits an anonymous remote upload and code execution vulnerability on different D-Link devices. The vulnerability is a command injection in the cookie handling process of the lighttpd web server when handling specially crafted cookie values. This module has been - successfully tested on D-Link DSP-W110A1_FW105B01 in emulated environment and on the real - device. + successfully tested on D-Link DSP-W110A1_FW105B01 in emulated environment. }, 'Author' => [ @@ -39,13 +38,13 @@ class Metasploit3 < Msf::Exploit::Remote }, 'Targets' => [ - [ 'MIPS Little Endian', + [ 'MIPS Little Endian', # unknown if there are LE devices out there ... but in case we have a target { 'Platform' => 'linux', 'Arch' => ARCH_MIPSLE } ], - [ 'MIPS Big Endian', # unknown if there are BE devices out there ... but in case we have a target + [ 'MIPS Big Endian', { 'Platform' => 'linux', 'Arch' => ARCH_MIPSBE @@ -63,7 +62,7 @@ class Metasploit3 < Msf::Exploit::Remote 'method' => 'GET', }) - if res && res.headers["Server"] =~ /lighttpd\/1.4.34/ + if res && res.headers["Server"] =~ /lighttpd\/1\.4\.34/ return Exploit::CheckCode::Detected end rescue ::Rex::ConnectionError