Land #8695, Fix #8675, Add Cache-Control header, also meta tag for BAP2

bug/bundler_fix
Brent Cook 2017-07-23 07:17:45 -07:00
commit df22e098ed
No known key found for this signature in database
GPG Key ID: 1FFAA0B24B708F96
3 changed files with 7 additions and 1 deletions

View File

@ -810,6 +810,7 @@ module Msf
%Q|<html>
<head>
<meta http-equiv="cache-control" content="no-cache" />
<script>
#{js}
</script>

View File

@ -32,6 +32,7 @@ module Exploit::Remote::HttpServer
register_evasion_options(
[
OptBool.new('HTTP::no_cache', [false, 'Disallow the browser to cache HTTP content', false]),
OptBool.new('HTTP::chunked', [false, 'Enable chunking of HTTP responses via "Transfer-Encoding: chunked"', false]),
OptBool.new('HTTP::header_folding', [false, 'Enable folding of HTTP headers', false]),
OptBool.new('HTTP::junk_headers', [false, 'Enable insertion of random junk HTTP headers', false]),
@ -558,6 +559,10 @@ module Exploit::Remote::HttpServer
response.headers.junk_headers = 1
end
if datastore['HTTP::no_cache']
response.headers['Cache-Control'] = 'no-store, no-cache, must-revalidate'
end
headers.each_pair { |k,v| response[k] = v }
cli.send_response(response)

View File

@ -74,7 +74,7 @@ class MetasploitModule < Msf::Auxiliary
def on_request_exploit(cli, req, target_info)
print_target_info(cli, target_info)
send_not_found(cli)
send_response(cli, '')
end
def run