infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

maxthon_history_xcs.rb - fix User-agent string 

request.headers['User-agent'] is incorrect, it should be
request.headers['User-Agent'].

Downloaded following version from oldapps.com to confirm
the exploit code is wrong.

Supported Systems Windows 98, 2000 (Maxthon 2.5.15 Build
  1000), XP, Vista, 7, 8
MD5 Checksum F3791637C886A46940876211209F82F4
SHA1 Checksum 039BB218245E5DC1BAB0F57298C68AC487F86323

Release Date 20 October, 2011 (2 years ago )
unstable
Ruslaideemin 2013-06-11 13:37:21 +10:00
parent 69c25014ae
commit ca0ab8d6ee
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
modules/exploits/windows/browser/maxthon_history_xcs.rb
View File

@ -51,8 +51,8 @@ class Metasploit3 < Msf::Exploit::Remote
end
def on_request_uri(cli, request)
if request.headers['User-agent'] !~ /Maxthon\/3/ or request.headers['User-agent'] !~ /AppleWebKit\/534.12/
print_status("Sending 404 for User-Agent #{request.headers['User-agent']}")
if request.headers['User-Agent'] !~ /Maxthon\/3/ or request.headers['User-Agent'] !~ /AppleWebKit\/534.12/
print_status("Sending 404 for User-Agent #{request.headers['User-Agent']}")
send_not_found(cli)
return
end