Land #3359, more Set-Cookie fixes
commit
dfab26ea36
|
@ -42,10 +42,10 @@ class Metasploit3 < Msf::Auxiliary
|
|||
'uri' => normalize_uri(@uri.path)
|
||||
})
|
||||
|
||||
return [nil, nil] if not (res and res.headers['Set-Cookie'])
|
||||
return [nil, nil] if res.nil? || res.get_cookies.empty?
|
||||
|
||||
# Get the session ID from the cookie
|
||||
m = res.headers['Set-Cookie'].match(/(DOLSESSID_.+);/)
|
||||
m = get_cookies.match(/(DOLSESSID_.+);/)
|
||||
id = (m.nil?) ? nil : m[1]
|
||||
|
||||
# Get the token from the decompressed HTTP body response
|
||||
|
|
|
@ -167,7 +167,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
print_status("Trying credential GlassFish 2.x #{user}:'#{pass}'....")
|
||||
res = try_login(user,pass)
|
||||
if res and res.code == 302
|
||||
session = $1 if (res and res.headers['Set-Cookie'] =~ /JSESSIONID=(.*); /i)
|
||||
session = $1 if res && res.get_cookies =~ /JSESSIONID=(.*); /i
|
||||
res = send_request('/applications/upload.jsf', 'GET', session)
|
||||
|
||||
p = /<title>Deploy Enterprise Applications\/Modules/
|
||||
|
@ -180,7 +180,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
print_status("Trying credential GlassFish 3.x #{user}:'#{pass}'....")
|
||||
res = try_login(user,pass)
|
||||
if res and res.code == 302
|
||||
session = $1 if (res and res.headers['Set-Cookie'] =~ /JSESSIONID=(.*); /i)
|
||||
session = $1 if res && res.get_cookies =~ /JSESSIONID=(.*); /i
|
||||
res = send_request('/common/applications/uploadFrame.jsf', 'GET', session)
|
||||
|
||||
p = /<title>Deploy Applications or Modules/
|
||||
|
|
|
@ -64,7 +64,7 @@ class Metasploit4 < Msf::Auxiliary
|
|||
}
|
||||
})
|
||||
|
||||
if res and res.code == 200 and res.headers['Set-Cookie'] and res.headers['Set-Cookie'] =~ /([^\s]*session)=([a-z0-9]+)/
|
||||
if res && res.code == 200 && res.get_cookies =~ /([^\s]*session)=([a-z0-9]+)/
|
||||
return $1,$2
|
||||
else
|
||||
return nil
|
||||
|
@ -134,8 +134,8 @@ class Metasploit4 < Msf::Auxiliary
|
|||
'cookie' => session_cookie
|
||||
})
|
||||
|
||||
if res and res.code == 302 and res.headers['Set-Cookie'] =~ /UserID=/
|
||||
parse_auth_cookie(res.headers['Set-Cookie'])
|
||||
if res and res.code == 302 and res.get_cookies.include?('UserID=')
|
||||
parse_auth_cookie(res.get_cookies)
|
||||
return true
|
||||
else
|
||||
return false
|
||||
|
|
|
@ -200,7 +200,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
return :abort
|
||||
end
|
||||
|
||||
if action.name != "OWA_2013" and not res.headers['set-cookie']
|
||||
if action.name != "OWA_2013" and res.get_cookies.empty?
|
||||
print_error("#{msg} Received invalid repsonse due to a missing cookie (possibly due to invalid version), aborting")
|
||||
return :abort
|
||||
end
|
||||
|
@ -233,8 +233,9 @@ class Metasploit3 < Msf::Auxiliary
|
|||
end
|
||||
else
|
||||
# these two lines are the authentication info
|
||||
sessionid = 'sessionid=' << res.headers['set-cookie'].split('sessionid=')[1].split('; ')[0]
|
||||
cadata = 'cadata=' << res.headers['set-cookie'].split('cadata=')[1].split('; ')[0]
|
||||
cookies = res.get_cookies
|
||||
sessionid = 'sessionid=' << cookies.split('sessionid=')[1].split('; ')[0]
|
||||
cadata = 'cadata=' << cookies.split('cadata=')[1].split('; ')[0]
|
||||
headers['Cookie'] = 'PBack=0; ' << sessionid << '; ' << cadata
|
||||
end
|
||||
|
||||
|
|
|
@ -82,7 +82,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
'authorization' => basic_auth(user,pass)
|
||||
})
|
||||
|
||||
if (res and res.headers['Set-Cookie'])
|
||||
if res and !res.get_cookies.empty?
|
||||
print_good("#{rhost}:#{rport} - SUCCESSFUL LOGIN - #{user.inspect}:#{pass.inspect}")
|
||||
|
||||
report_hash = {
|
||||
|
|
|
@ -56,7 +56,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
'method' => 'GET'
|
||||
})
|
||||
|
||||
if (res and res.code.to_i == 200 and res.headers['Set-Cookie'].include?('SEVONE'))
|
||||
if (res and res.code.to_i == 200 and res.get_cookies.include?('SEVONE'))
|
||||
version_key = /Version: <strong>(.+)<\/strong>/
|
||||
version = res.body.scan(version_key).flatten
|
||||
print_good("#{rhost}:#{rport} - Application confirmed to be SevOne Network Performance Management System version #{version}")
|
||||
|
|
|
@ -75,7 +75,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
}
|
||||
})
|
||||
|
||||
if res and res.code == 200 and res.body.to_s =~ /self.location="\.\.\/cgi\/url_redirect\.cgi/ and res.headers["Set-Cookie"].to_s =~ /(SID=[a-z]+)/
|
||||
if res and res.code == 200 and res.body.to_s =~ /self.location="\.\.\/cgi\/url_redirect\.cgi/ and res.get_cookies =~ /(SID=[a-z]+)/
|
||||
return $1
|
||||
else
|
||||
return nil
|
||||
|
|
|
@ -82,8 +82,8 @@ class Metasploit3 < Msf::Auxiliary
|
|||
session_id = ''
|
||||
cval = ''
|
||||
|
||||
if res and res.code == 200 and res.headers['Set-Cookie']
|
||||
res.headers['Set-Cookie'].split(';').each {|c|
|
||||
if res and res.code == 200 and !res.get_cookies.empty?
|
||||
res.get_cookies.split(';').each {|c|
|
||||
c.split(',').each {|v|
|
||||
if v.split('=')[0] =~ /cval/
|
||||
cval = v.split('=')[1]
|
||||
|
|
|
@ -86,8 +86,8 @@ class Metasploit3 < Msf::Auxiliary
|
|||
last_login = '' #A hidden field in the login page
|
||||
|
||||
res = send_request_raw({'uri'=>'/brightmail/viewLogin.do'})
|
||||
if res and res.headers['Set-Cookie']
|
||||
sid = res.headers['Set-Cookie'].scan(/JSESSIONID=([a-zA-Z0-9]+)/).flatten[0] || ''
|
||||
if res and !res.get_cookies.empty?
|
||||
sid = res.get_cookies.scan(/JSESSIONID=([a-zA-Z0-9]+)/).flatten[0] || ''
|
||||
end
|
||||
|
||||
if res
|
||||
|
@ -147,4 +147,4 @@ class Metasploit3 < Msf::Auxiliary
|
|||
download_file(sid, fname)
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -102,7 +102,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
'data' => post_data,
|
||||
}, 20)
|
||||
|
||||
if res and res.code == 200 and res.headers['Set-Cookie']
|
||||
if res and res.code == 200 and !res.get_cookies.empty?
|
||||
vprint_error("#{target_url} - Apache Tomcat #{user} not found ")
|
||||
elsif res and res.code == 200 and res.body =~ /invalid username/i
|
||||
vprint_error("#{target_url} - Apache Tomcat #{user} not found ")
|
||||
|
|
|
@ -43,7 +43,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
})
|
||||
|
||||
# Get the PHP session ID
|
||||
m = res.headers['Set-Cookie'].match(/(PHPSESSID=.+);/)
|
||||
m = res.get_cookies.match(/(PHPSESSID=.+);/)
|
||||
id = (m.nil?) ? nil : m[1]
|
||||
|
||||
return id
|
||||
|
|
|
@ -93,10 +93,10 @@ class Metasploit3 < Msf::Auxiliary
|
|||
return
|
||||
end
|
||||
|
||||
if (res and res.code == 302 )
|
||||
if res.headers['Set-Cookie'] and res.headers['Set-Cookie'].match(/DomAuthSessId=(.*);(.*)/i)
|
||||
if res and res.code == 302
|
||||
if res.get_cookies.match(/DomAuthSessId=(.*);(.*)/i)
|
||||
cookie = "DomAuthSessId=#{$1}"
|
||||
elsif res.headers['Set-Cookie'] and res.headers['Set-Cookie'].match(/LtpaToken=(.*);(.*)/i)
|
||||
elsif res.get_cookies.match(/LtpaToken=(.*);(.*)/i)
|
||||
cookie = "LtpaToken=#{$1}"
|
||||
else
|
||||
print_error("http://#{vhost}:#{rport} - Lotus Domino - Unrecognized 302 response")
|
||||
|
|
|
@ -45,8 +45,8 @@ class Metasploit3 < Msf::Auxiliary
|
|||
'data' => post_data,
|
||||
}, 20)
|
||||
|
||||
if (res and res.code == 302 )
|
||||
if res.headers['Set-Cookie'].match(/DomAuthSessId=(.*);(.*)/i)
|
||||
if res and res.code == 302
|
||||
if res.get_cookies.match(/DomAuthSessId=(.*);(.*)/i)
|
||||
print_good("http://#{vhost}:#{rport} - Lotus Domino - SUCCESSFUL login for '#{user}' : '#{pass}'")
|
||||
report_auth_info(
|
||||
:host => rhost,
|
||||
|
|
|
@ -76,9 +76,9 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
token = ''
|
||||
uisession = ''
|
||||
if res and res.code == 200 and res.headers['Set-Cookie']
|
||||
if res and res.code == 200 and !res.get_cookies.empty?
|
||||
# extract tokens from cookie
|
||||
res.headers['Set-Cookie'].split(';').each {|c|
|
||||
res.get_cookies.split(';').each {|c|
|
||||
c.split(',').each {|v|
|
||||
if v.split('=')[0] =~ /token/
|
||||
token = v.split('=')[1]
|
||||
|
|
|
@ -56,7 +56,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
'headers' => { 'Authorization' => "Basic #{@user_pass}"}
|
||||
}, 25)
|
||||
if res
|
||||
@vim_cookie = res.headers['Set-Cookie']
|
||||
@vim_cookie = res.get_cookies
|
||||
if res.code== 200
|
||||
res.body.scan(/<a href="([\w\/\?=&;%]+)">/) do |match|
|
||||
link = match[0]
|
||||
|
@ -88,7 +88,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
'headers' => { 'Authorization' => "Basic #{@user_pass}"}
|
||||
}, 25)
|
||||
if res
|
||||
@vim_cookie = res.headers['Set-Cookie']
|
||||
@vim_cookie = res.get_cookies
|
||||
if res.code == 200
|
||||
img = res.body
|
||||
ss_path = store_loot("host.vmware.screenshot", "image/png", datastore['RHOST'], img, name , "Screenshot of VM #{name}")
|
||||
|
|
|
@ -78,10 +78,10 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
'uri' => @uri.path
|
||||
})
|
||||
|
||||
return [nil, nil] if not (res and res.headers['Set-Cookie'])
|
||||
return [nil, nil] if res.nil? || res.get_cookies.empty?
|
||||
|
||||
# Get the session ID from the cookie
|
||||
m = res.headers['Set-Cookie'].match(/(DOLSESSID_.+);/)
|
||||
m = res.get_cookies.match(/(DOLSESSID_.+);/)
|
||||
id = (m.nil?) ? nil : m[1]
|
||||
|
||||
# Get the token from the decompressed HTTP body response
|
||||
|
|
|
@ -67,7 +67,7 @@ class Metasploit4 < Msf::Exploit::Remote
|
|||
if res.headers['Location'] =~ /users\/login$/
|
||||
fail_with(Failure::NoAccess, 'Authentication failed')
|
||||
else
|
||||
session = $1 if res.headers['Set-Cookie'] =~ /_session_id=([0-9a-f]*)/
|
||||
session = $1 if res.get_cookies =~ /_session_id=([0-9a-f]*)/
|
||||
fail_with(Failure::UnexpectedReply, 'Failed to retrieve the current session id') if session.nil?
|
||||
end
|
||||
|
||||
|
|
|
@ -90,7 +90,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
'josso_password' => datastore['PASSWORD']
|
||||
}
|
||||
})
|
||||
if res and res.headers['Set-Cookie'] =~ /JOSSO_SESSIONID_josso=([A-F0-9]+)/
|
||||
if res and res.get_cookies =~ /JOSSO_SESSIONID_josso=([A-F0-9]+)/
|
||||
return $1
|
||||
else
|
||||
return nil
|
||||
|
|
|
@ -87,7 +87,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
'method' => 'GET'
|
||||
})
|
||||
|
||||
if res and res.code == 200 and res.headers['Set-Cookie'] =~ /JSESSIONID=(.*);/
|
||||
if res and res.code == 200 and res.get_cookies =~ /JSESSIONID=(.*);/
|
||||
first_session = $1
|
||||
end
|
||||
|
||||
|
@ -113,7 +113,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
'cookie' => "JSESSIONID=#{first_session}"
|
||||
})
|
||||
|
||||
if res and res.code == 200 and res.headers['Set-Cookie'] =~ /JSESSIONID=(.*);/
|
||||
if res and res.code == 200 and res.get_cookies =~ /JSESSIONID=(.*);/
|
||||
@session = $1
|
||||
return true
|
||||
end
|
||||
|
|
|
@ -77,7 +77,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
'iptest' => "127.0.0.1" # In order to make things as fast as possible
|
||||
}
|
||||
})
|
||||
if res and res.code == 200 and res.headers.include?('Set-Cookie') and res.headers['Set-Cookie'] =~ /SESSIONID/
|
||||
if res and res.code == 200 and res.get_cookies.include?('SESSIONID')
|
||||
return res.get_cookies
|
||||
else
|
||||
return nil
|
||||
|
|
|
@ -97,7 +97,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
|
||||
# response handling
|
||||
if res and res.code == 302
|
||||
if (res.headers['Set-Cookie'] =~ /ac_ActiveCollab_sid_eaM4h3LTIZ=(.*); expires=/)
|
||||
if res.get_cookies =~ /ac_ActiveCollab_sid_[a-zA-Z0-9]+=(.*); expires=/
|
||||
acsession = $1
|
||||
end
|
||||
elsif res and res.body =~ /Failed to log you in/
|
||||
|
|
|
@ -283,7 +283,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
# likely to change
|
||||
|
||||
success = true if(res.body.scan(/Welcome to Axis2 Web/i).size == 1)
|
||||
if (res.headers['Set-Cookie'] =~ /JSESSIONID=(.*);/)
|
||||
if res.get_cookies =~ /JSESSIONID=(.*);/
|
||||
session = $1
|
||||
end
|
||||
end
|
||||
|
@ -319,7 +319,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
# likely to change
|
||||
|
||||
success = true if(res.body.scan(/Welcome to Axis2 Web/i).size == 1)
|
||||
if (res.headers['Set-Cookie'] =~ /JSESSIONID=(.*);/)
|
||||
if res.get_cookies =~ /JSESSIONID=(.*);/
|
||||
session = $1
|
||||
end
|
||||
end
|
||||
|
|
|
@ -684,7 +684,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
print_status("Trying #{type} credentials for GlassFish 2.x #{user}:'#{pass}'....")
|
||||
res = try_login(user,pass)
|
||||
if res and res.code == 302
|
||||
session = $1 if (res and res.headers['Set-Cookie'] =~ /JSESSIONID=(.*); /i)
|
||||
session = $1 if res and res.get_cookies =~ /JSESSIONID=(.*); /i
|
||||
res = send_request('/applications/upload.jsf', 'GET', session)
|
||||
|
||||
p = /<title>Deploy Enterprise Applications\/Modules/
|
||||
|
@ -697,7 +697,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
print_status("Trying #{type} credentials for GlassFish 3.x #{user}:'#{pass}'....")
|
||||
res = try_login(user,pass)
|
||||
if res and res.code == 302
|
||||
session = $1 if (res and res.headers['Set-Cookie'] =~ /JSESSIONID=(.*); /i)
|
||||
session = $1 if res and res.get_cookies =~ /JSESSIONID=(.*); /i
|
||||
res = send_request('/common/applications/uploadFrame.jsf', 'GET', session)
|
||||
|
||||
p = /<title>Deploy Applications or Modules/
|
||||
|
@ -788,7 +788,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
print_status("Glassfish edition: #{banner}")
|
||||
|
||||
#Get session
|
||||
res.headers['Set-Cookie'] =~ /JSESSIONID=(.*); /
|
||||
res.get_cookies =~ /JSESSIONID=(.*); /
|
||||
session = $1
|
||||
|
||||
#Set HTTP verbs. lower-case is used to bypass auth on v3.0
|
||||
|
|
|
@ -61,7 +61,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
if res.code == 200
|
||||
vprint_error("#{peer} - Authentication failed")
|
||||
return Exploit::CheckCode::Unknown
|
||||
elsif res.code == 301 and res.headers['set-cookie'] =~ /sid([\da-f]+)=([\da-f]{32})/
|
||||
elsif res.code == 301 and res.get_cookies =~ /sid([\da-f]+)=([\da-f]{32})/
|
||||
vprint_good("#{peer} - Authenticated successfully")
|
||||
return Exploit::CheckCode::Appears
|
||||
end
|
||||
|
@ -130,7 +130,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
# login; get session id and token
|
||||
print_status("#{peer} - Authenticating as user '#{user}'")
|
||||
res = login(base, user, pass)
|
||||
if res and res.code == 301 and res.headers['set-cookie'] =~ /sid([\da-f]+)=([\da-f]{32})/
|
||||
if res and res.code == 301 and res.get_cookies =~ /sid([\da-f]+)=([\da-f]{32})/
|
||||
token = "#{$1}"
|
||||
sid = "#{$2}"
|
||||
print_good("#{peer} - Authenticated successfully")
|
||||
|
|
|
@ -102,7 +102,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
'method' => 'POST'
|
||||
)
|
||||
|
||||
if res and res.code == 200 and res.headers['Set-Cookie'] =~ /JSESSIONID=([0-9A-F]*);/
|
||||
if res and res.code == 200 and res.get_cookies =~ /JSESSIONID=([0-9A-F]*);/
|
||||
session_id = $1
|
||||
else
|
||||
print_error("#{peer} - Retrieve of initial JSESSIONID failed")
|
||||
|
@ -125,7 +125,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
}
|
||||
})
|
||||
|
||||
if res and res.code == 302 and res.headers['Set-Cookie'] =~ /JSESSIONID=([0-9A-F]*);/
|
||||
if res and res.code == 302 and res.get_cookies =~ /JSESSIONID=([0-9A-F]*);/
|
||||
session_id = $1
|
||||
redirect = URI(res.headers['Location']).path
|
||||
else
|
||||
|
|
|
@ -113,7 +113,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
|
||||
# CpqElm-Login: success
|
||||
if res.headers['CpqElm-Login'].to_s =~ /success/
|
||||
cookie = res.headers['Set-Cookie'].scan(/(Compaq\-HMMD=[\w\-]+)/).flatten[0] || ''
|
||||
cookie = res.get_cookies.scan(/(Compaq\-HMMD=[\w\-]+)/).flatten[0] || ''
|
||||
end
|
||||
|
||||
cookie
|
||||
|
|
|
@ -161,7 +161,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
if not (res and res.code == 302) or res.headers['Location'] =~ /loginError/
|
||||
fail_with(Failure::NoAccess, 'login failed')
|
||||
end
|
||||
sessionid = 'JSESSIONID' << res.headers['set-cookie'].split('JSESSIONID')[1].split('; ')[0]
|
||||
sessionid = 'JSESSIONID' << res.get_cookies.split('JSESSIONID')[1].split('; ')[0]
|
||||
@cookie = "#{sessionid}"
|
||||
else
|
||||
print_status('No authentication required, skipping login...')
|
||||
|
|
|
@ -193,7 +193,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
}
|
||||
})
|
||||
|
||||
if res and res.code == 302 and res.headers['Location'] =~ /index.do/ and res.headers['Set-Cookie'] =~ /JSESSIONID=(.*);/
|
||||
if res and res.code == 302 and res.headers['Location'] =~ /index.do/ and res.get_cookies =~ /JSESSIONID=(.*);/
|
||||
print_good("#{peer} - Login successful")
|
||||
session = $1
|
||||
else
|
||||
|
|
|
@ -73,7 +73,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
})
|
||||
|
||||
# If we don't get a cookie, bail!
|
||||
if res and res.headers['Set-Cookie'] =~ /(PHPVolunteerManagent=\w+);*/
|
||||
if res and res.get_cookies =~ /(PHPVolunteerManagent=\w+);*/
|
||||
cookie = $1
|
||||
vprint_status("#{peer} - Found cookie: #{cookie}")
|
||||
else
|
||||
|
|
|
@ -79,12 +79,12 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
'uri' => uri,
|
||||
}, 3)
|
||||
|
||||
if (res.nil? or not res.headers['Set-Cookie'])
|
||||
if res.nil? or res.get_cookies.empty?
|
||||
print_error("Could not generate a valid session")
|
||||
return
|
||||
end
|
||||
|
||||
return res.headers['Set-Cookie']
|
||||
return res.get_cookies
|
||||
end
|
||||
|
||||
def cleanup
|
||||
|
|
|
@ -124,7 +124,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
}
|
||||
})
|
||||
|
||||
cookie = (res and res.headers['Set-Cookie'] =~ /qdpm\=.+\;/) ? res.headers['Set-Cookie'] : ''
|
||||
cookie = (res and res.get_cookies =~ /qdpm\=.+\;/) ? res.get_cookies : ''
|
||||
return {} if cookie.empty?
|
||||
cookie = cookie.to_s.scan(/(qdpm\=\w+)\;/).flatten[0]
|
||||
|
||||
|
|
|
@ -233,8 +233,8 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
'uri' => datastore['TARGETURI'] || "/",
|
||||
'method' => datastore['HTTP_METHOD'],
|
||||
}, 25)
|
||||
if res && res.headers['Set-Cookie']
|
||||
match = res.headers['Set-Cookie'].match(/([_A-Za-z0-9]+)=([A-Za-z0-9%]*)--([0-9A-Fa-f]+); /)
|
||||
if res && !res.get_cookies.empty?
|
||||
match = res.get_cookies.match(/([_A-Za-z0-9]+)=([A-Za-z0-9%]*)--([0-9A-Fa-f]+); /)
|
||||
end
|
||||
|
||||
if match
|
||||
|
|
|
@ -86,8 +86,8 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
}
|
||||
})
|
||||
|
||||
if res and res.headers['Set-Cookie'] =~ /PHPSESSID/ and res.body !~ /\<i\>Access denied\!\<\/i\>/
|
||||
return res.headers['Set-Cookie']
|
||||
if res and res.get_cookies.include?('PHPSESSID') and res.body !~ /\<i\>Access denied\!\<\/i\>/
|
||||
return res.get_cookies
|
||||
else
|
||||
return ''
|
||||
end
|
||||
|
|
|
@ -95,7 +95,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
if (res and res.code == 302 and res.headers['Location'] =~ /main.php/)
|
||||
print_status("Successfully logged in as #{user}:#{pass}")
|
||||
|
||||
if (res.headers['Set-Cookie'] =~ /SiTsessionID/) and res.headers['Set-Cookie'].split("SiTsessionID")[-1] =~ /=(.*);/
|
||||
if (res.get_cookies =~ /SiTsessionID/) and res.get_cookies.split("SiTsessionID")[-1] =~ /=(.*);/
|
||||
session = $1
|
||||
print_status("Successfully retrieved cookie: #{session}")
|
||||
return session
|
||||
|
|
|
@ -124,8 +124,8 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
uid = ''
|
||||
session_id_port =
|
||||
session_id = ''
|
||||
if res and res.code == 200 and res.headers['Set-Cookie']
|
||||
res.headers['Set-Cookie'].split(';').each {|c|
|
||||
if res and res.code == 200 and !res.get_cookies.empty?
|
||||
res.get_cookies.split(';').each {|c|
|
||||
c.split(',').each {|v|
|
||||
if v.split('=')[0] =~ /cval/
|
||||
cval = v.split('=')[1]
|
||||
|
@ -159,7 +159,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
else
|
||||
session_id_port = ''
|
||||
session_id = ''
|
||||
res.headers['Set-Cookie'].split(';').each {|c|
|
||||
res.get_cookies.split(';').each {|c|
|
||||
c.split(',').each {|v|
|
||||
if v.split('=')[0] =~ /session_id/
|
||||
session_id_port = v.split('=')[0]
|
||||
|
|
|
@ -202,7 +202,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
session_id_port =
|
||||
session_id = ''
|
||||
if res and res.code == 200
|
||||
res.headers['Set-Cookie'].split(';').each {|c|
|
||||
res.get_cookies.split(';').each {|c|
|
||||
c.split(',').each {|v|
|
||||
if v.split('=')[0] =~ /cval/
|
||||
cval = v.split('=')[1]
|
||||
|
@ -236,7 +236,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
else
|
||||
session_id_port = ''
|
||||
session_id = ''
|
||||
res.headers['Set-Cookie'].split(';').each {|c|
|
||||
res.get_cookies.split(';').each {|c|
|
||||
c.split(',').each {|v|
|
||||
if v.split('=')[0] =~ /session_id/
|
||||
session_id_port = v.split('=')[0]
|
||||
|
|
Loading…
Reference in New Issue