accept a client argument for get_uri()
git-svn-id: file:///home/svn/framework3/trunk@11623 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
8b5f0f6559
commit
d7cda0f85a
|
@ -281,10 +281,14 @@ module Exploit::Remote::HttpServer
|
||||||
# The address portion should be something a client would be able to route,
|
# The address portion should be something a client would be able to route,
|
||||||
# but see +srvhost_addr+ for caveats.
|
# but see +srvhost_addr+ for caveats.
|
||||||
#
|
#
|
||||||
def get_uri
|
def get_uri(cli=nil)
|
||||||
ssl = !!(datastore["SSL"])
|
ssl = !!(datastore["SSL"])
|
||||||
proto = (ssl ? "https://" : "http://")
|
proto = (ssl ? "https://" : "http://")
|
||||||
|
if (cli and cli.peerhost)
|
||||||
|
host = Rex::Socket.source_address(cli.peerhost)
|
||||||
|
else
|
||||||
host = srvhost_addr
|
host = srvhost_addr
|
||||||
|
end
|
||||||
|
|
||||||
if (ssl and datastore["SRVPORT"] == 443)
|
if (ssl and datastore["SRVPORT"] == 443)
|
||||||
port = ''
|
port = ''
|
||||||
|
|
|
@ -65,7 +65,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
"'%s'" % e
|
"'%s'" % e
|
||||||
}.join(',')
|
}.join(',')
|
||||||
|
|
||||||
upload_url = get_uri
|
upload_url = get_uri(cli)
|
||||||
upload_url << '/' if upload_url[-1,1] != '/'
|
upload_url << '/' if upload_url[-1,1] != '/'
|
||||||
upload_url << 'q'
|
upload_url << 'q'
|
||||||
|
|
||||||
|
|
|
@ -73,7 +73,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
||||||
end
|
end
|
||||||
|
|
||||||
def on_request_uri( cli, request )
|
def on_request_uri( cli, request )
|
||||||
jpath = get_uri
|
jpath = get_uri(cli)
|
||||||
|
|
||||||
case request.uri
|
case request.uri
|
||||||
when /java.security.policy/
|
when /java.security.policy/
|
||||||
|
|
Loading…
Reference in New Issue