accept a client argument for get_uri()
git-svn-id: file:///home/svn/framework3/trunk@11623 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
8b5f0f6559
commit
d7cda0f85a
|
@ -281,10 +281,14 @@ module Exploit::Remote::HttpServer
|
|||
# The address portion should be something a client would be able to route,
|
||||
# but see +srvhost_addr+ for caveats.
|
||||
#
|
||||
def get_uri
|
||||
def get_uri(cli=nil)
|
||||
ssl = !!(datastore["SSL"])
|
||||
proto = (ssl ? "https://" : "http://")
|
||||
host = srvhost_addr
|
||||
if (cli and cli.peerhost)
|
||||
host = Rex::Socket.source_address(cli.peerhost)
|
||||
else
|
||||
host = srvhost_addr
|
||||
end
|
||||
|
||||
if (ssl and datastore["SRVPORT"] == 443)
|
||||
port = ''
|
||||
|
|
|
@ -65,7 +65,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
"'%s'" % e
|
||||
}.join(',')
|
||||
|
||||
upload_url = get_uri
|
||||
upload_url = get_uri(cli)
|
||||
upload_url << '/' if upload_url[-1,1] != '/'
|
||||
upload_url << 'q'
|
||||
|
||||
|
|
|
@ -73,7 +73,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
end
|
||||
|
||||
def on_request_uri( cli, request )
|
||||
jpath = get_uri
|
||||
jpath = get_uri(cli)
|
||||
|
||||
case request.uri
|
||||
when /java.security.policy/
|
||||
|
|
Loading…
Reference in New Issue