infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update zabbix_toggleids_sqli.rb

bug/bundler_fix
Brandon Perry 2016-08-31 17:18:28 -04:00 committed by GitHub
parent 38a8d21e5b
commit d43380330e
1 changed files with 37 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
modules/auxiliary/gather/zabbix_toggleids_sqli.rb
View File

@ -60,7 +60,11 @@ class MetasploitModule < Msf::Auxiliary
end
match = /#{left_marker}(.*)#{right_marker}/.match(res.body)
unless match
fail_with(Failure::Unknown, 'Server did not respond in an expected way')
end
if match[1] == flag
return Msf::Exploit::CheckCode::Vulnerable
end
@ -87,6 +91,10 @@ class MetasploitModule < Msf::Auxiliary
match = /#{left_marker}(.*)#{right_marker}/.match(res.body)
unless match
fail_with(Failure::Unknown, 'Server did not respond in an expected way')
end
count = match[1].to_i
dbs = []
@ -104,7 +112,11 @@ class MetasploitModule < Msf::Auxiliary
end
match = /#{left_marker}(.*)#{right_marker}/.match(res.body)
unless match
fail_with(Failure::Unknown, 'Server did not respond in an expected way')
end
dbs << match[1]
end
@ -129,6 +141,10 @@ class MetasploitModule < Msf::Auxiliary
match = /#{left_marker}(.*)#{right_marker}/.match(res.body)
unless match
fail_with(Failure::Unknown, 'Server did not respond in an expected way')
end
count = match[1].to_i
0.upto(count-1) do |cur|
@ -146,6 +162,11 @@ class MetasploitModule < Msf::Auxiliary
end
match = /#{left_marker}(.*)#{right_marker}/.match(res.body)
unless match
fail_with(Failure::Unknown, 'Server did not respond in an expected way')
end
user[col] = match[1]
end
users << user
@ -169,8 +190,13 @@ class MetasploitModule < Msf::Auxiliary
cookies = res.get_cookies
res.body =~ /name="sid" value="(.*?)">/
sid = $1
match = /name="sid" value="(.*?)">/.match(res.body)
unless match
fail_with(Failure::Unknown, 'Server did not respond in an expected way')
end
sid = match[1]
if datastore['REQUIREAUTH']
@ -208,8 +234,13 @@ class MetasploitModule < Msf::Auxiliary
end
cookies = res.get_cookies
res.body =~ /name="sid" value="(.*?)">/
sid = $1
match = /name="sid" value="(.*?)">/.match(res.body)
unless match
fail_with(Failure::Unknown, 'Server did not respond in an expected way')
end
sid = match[1]
elsif
fail_with(Failure::Unknown, 'Server did not respond in an expected way')
end