server header

bug/bundler_fix
Michael Messner 2015-06-24 21:32:01 +02:00
parent 8bc012a665
commit c8dddbff70
1 changed files with 4 additions and 5 deletions


@ -18,8 +18,7 @@ class Metasploit3 < Msf::Exploit::Remote
This module exploits an anonymous remote upload and code execution vulnerability on different This module exploits an anonymous remote upload and code execution vulnerability on different
D-Link devices. The vulnerability is a command injection in the cookie handling process of the D-Link devices. The vulnerability is a command injection in the cookie handling process of the
lighttpd web server when handling specially crafted cookie values. This module has been lighttpd web server when handling specially crafted cookie values. This module has been
successfully tested on D-Link DSP-W110A1_FW105B01 in emulated environment and on the real successfully tested on D-Link DSP-W110A1_FW105B01 in emulated environment.
device.
}, },
'Author' => 'Author' =>
[ [
@ -39,13 +38,13 @@ class Metasploit3 < Msf::Exploit::Remote
}, },
'Targets' => 'Targets' =>
[ [
[ 'MIPS Little Endian', [ 'MIPS Little Endian', # unknown if there are LE devices out there ... but in case we have a target
{ {
'Platform' => 'linux', 'Platform' => 'linux',
'Arch' => ARCH_MIPSLE 'Arch' => ARCH_MIPSLE
} }
], ],
[ 'MIPS Big Endian', # unknown if there are BE devices out there ... but in case we have a target [ 'MIPS Big Endian',
{ {
'Platform' => 'linux', 'Platform' => 'linux',
'Arch' => ARCH_MIPSBE 'Arch' => ARCH_MIPSBE
@ -63,7 +62,7 @@ class Metasploit3 < Msf::Exploit::Remote
'method' => 'GET', 'method' => 'GET',
}) })
if res && res.headers["Server"] =~ /lighttpd\/1.4.34/ if res && res.headers["Server"] =~ /lighttpd\/1\.4\.34/
return Exploit::CheckCode::Detected return Exploit::CheckCode::Detected
end end
rescue ::Rex::ConnectionError rescue ::Rex::ConnectionError