infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix CVE-2017-5231 and respect user's dest

bug/bundler_fix
Justin Steven 2017-02-07 23:41:59 +10:00
parent 23c2787d57
commit cb74d3b05b
No known key found for this signature in database
GPG Key ID: F2B6D8D0DC2EBE82
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb
View File

@ -442,7 +442,7 @@ class Console::CommandDispatcher::Stdapi::Fs
files.each do |file| files.each do |file|
src_separator = client.fs.file.separator src_separator = client.fs.file.separator
src_path = file['path'] + client.fs.file.separator + file['name'] src_path = file['path'] + client.fs.file.separator + file['name']
dest_path = src_path.tr(src_separator, ::File::SEPARATOR) dest_path = ::File.join(dest, ::Rex::FileUtils::clean_path(file['path'].tr(src_separator, ::File::SEPARATOR)))
client.fs.file.download(dest_path, src_path, opts) do |step, src, dst| client.fs.file.download(dest_path, src_path, opts) do |step, src, dst|
print_status("#{step.ljust(11)}: #{src} -> #{dst}") print_status("#{step.ljust(11)}: #{src} -> #{dst}")