Land #3359, more Set-Cookie fixes

bug/bundler_fix
William Vu 2014-05-14 01:22:09 -05:00
commit dfab26ea36
No known key found for this signature in database
GPG Key ID: E761DCB4C1629024
36 changed files with 64 additions and 63 deletions

View File

@ -42,10 +42,10 @@ class Metasploit3 < Msf::Auxiliary
'uri' => normalize_uri(@uri.path)
})
return [nil, nil] if not (res and res.headers['Set-Cookie'])
return [nil, nil] if res.nil? || res.get_cookies.empty?
# Get the session ID from the cookie
m = res.headers['Set-Cookie'].match(/(DOLSESSID_.+);/)
m = get_cookies.match(/(DOLSESSID_.+);/)
id = (m.nil?) ? nil : m[1]
# Get the token from the decompressed HTTP body response

View File

@ -167,7 +167,7 @@ class Metasploit3 < Msf::Auxiliary
print_status("Trying credential GlassFish 2.x #{user}:'#{pass}'....")
res = try_login(user,pass)
if res and res.code == 302
session = $1 if (res and res.headers['Set-Cookie'] =~ /JSESSIONID=(.*); /i)
session = $1 if res && res.get_cookies =~ /JSESSIONID=(.*); /i
res = send_request('/applications/upload.jsf', 'GET', session)
p = /<title>Deploy Enterprise Applications\/Modules/
@ -180,7 +180,7 @@ class Metasploit3 < Msf::Auxiliary
print_status("Trying credential GlassFish 3.x #{user}:'#{pass}'....")
res = try_login(user,pass)
if res and res.code == 302
session = $1 if (res and res.headers['Set-Cookie'] =~ /JSESSIONID=(.*); /i)
session = $1 if res && res.get_cookies =~ /JSESSIONID=(.*); /i
res = send_request('/common/applications/uploadFrame.jsf', 'GET', session)
p = /<title>Deploy Applications or Modules/

View File

@ -64,7 +64,7 @@ class Metasploit4 < Msf::Auxiliary
}
})
if res and res.code == 200 and res.headers['Set-Cookie'] and res.headers['Set-Cookie'] =~ /([^\s]*session)=([a-z0-9]+)/
if res && res.code == 200 && res.get_cookies =~ /([^\s]*session)=([a-z0-9]+)/
return $1,$2
else
return nil
@ -134,8 +134,8 @@ class Metasploit4 < Msf::Auxiliary
'cookie' => session_cookie
})
if res and res.code == 302 and res.headers['Set-Cookie'] =~ /UserID=/
parse_auth_cookie(res.headers['Set-Cookie'])
if res and res.code == 302 and res.get_cookies.include?('UserID=')
parse_auth_cookie(res.get_cookies)
return true
else
return false

View File

@ -200,7 +200,7 @@ class Metasploit3 < Msf::Auxiliary
return :abort
end
if action.name != "OWA_2013" and not res.headers['set-cookie']
if action.name != "OWA_2013" and res.get_cookies.empty?
print_error("#{msg} Received invalid repsonse due to a missing cookie (possibly due to invalid version), aborting")
return :abort
end
@ -233,8 +233,9 @@ class Metasploit3 < Msf::Auxiliary
end
else
# these two lines are the authentication info
sessionid = 'sessionid=' << res.headers['set-cookie'].split('sessionid=')[1].split('; ')[0]
cadata = 'cadata=' << res.headers['set-cookie'].split('cadata=')[1].split('; ')[0]
cookies = res.get_cookies
sessionid = 'sessionid=' << cookies.split('sessionid=')[1].split('; ')[0]
cadata = 'cadata=' << cookies.split('cadata=')[1].split('; ')[0]
headers['Cookie'] = 'PBack=0; ' << sessionid << '; ' << cadata
end

View File

@ -82,7 +82,7 @@ class Metasploit3 < Msf::Auxiliary
'authorization' => basic_auth(user,pass)
})
if (res and res.headers['Set-Cookie'])
if res and !res.get_cookies.empty?
print_good("#{rhost}:#{rport} - SUCCESSFUL LOGIN - #{user.inspect}:#{pass.inspect}")
report_hash = {

View File

@ -56,7 +56,7 @@ class Metasploit3 < Msf::Auxiliary
'method' => 'GET'
})
if (res and res.code.to_i == 200 and res.headers['Set-Cookie'].include?('SEVONE'))
if (res and res.code.to_i == 200 and res.get_cookies.include?('SEVONE'))
version_key = /Version: <strong>(.+)<\/strong>/
version = res.body.scan(version_key).flatten
print_good("#{rhost}:#{rport} - Application confirmed to be SevOne Network Performance Management System version #{version}")

View File

@ -75,7 +75,7 @@ class Metasploit3 < Msf::Auxiliary
}
})
if res and res.code == 200 and res.body.to_s =~ /self.location="\.\.\/cgi\/url_redirect\.cgi/ and res.headers["Set-Cookie"].to_s =~ /(SID=[a-z]+)/
if res and res.code == 200 and res.body.to_s =~ /self.location="\.\.\/cgi\/url_redirect\.cgi/ and res.get_cookies =~ /(SID=[a-z]+)/
return $1
else
return nil

View File

@ -82,8 +82,8 @@ class Metasploit3 < Msf::Auxiliary
session_id = ''
cval = ''
if res and res.code == 200 and res.headers['Set-Cookie']
res.headers['Set-Cookie'].split(';').each {|c|
if res and res.code == 200 and !res.get_cookies.empty?
res.get_cookies.split(';').each {|c|
c.split(',').each {|v|
if v.split('=')[0] =~ /cval/
cval = v.split('=')[1]

View File

@ -86,8 +86,8 @@ class Metasploit3 < Msf::Auxiliary
last_login = '' #A hidden field in the login page
res = send_request_raw({'uri'=>'/brightmail/viewLogin.do'})
if res and res.headers['Set-Cookie']
sid = res.headers['Set-Cookie'].scan(/JSESSIONID=([a-zA-Z0-9]+)/).flatten[0] || ''
if res and !res.get_cookies.empty?
sid = res.get_cookies.scan(/JSESSIONID=([a-zA-Z0-9]+)/).flatten[0] || ''
end
if res
@ -147,4 +147,4 @@ class Metasploit3 < Msf::Auxiliary
download_file(sid, fname)
end
end
end

View File

@ -102,7 +102,7 @@ class Metasploit3 < Msf::Auxiliary
'data' => post_data,
}, 20)
if res and res.code == 200 and res.headers['Set-Cookie']
if res and res.code == 200 and !res.get_cookies.empty?
vprint_error("#{target_url} - Apache Tomcat #{user} not found ")
elsif res and res.code == 200 and res.body =~ /invalid username/i
vprint_error("#{target_url} - Apache Tomcat #{user} not found ")

View File

@ -43,7 +43,7 @@ class Metasploit3 < Msf::Auxiliary
})
# Get the PHP session ID
m = res.headers['Set-Cookie'].match(/(PHPSESSID=.+);/)
m = res.get_cookies.match(/(PHPSESSID=.+);/)
id = (m.nil?) ? nil : m[1]
return id

View File

@ -93,10 +93,10 @@ class Metasploit3 < Msf::Auxiliary
return
end
if (res and res.code == 302 )
if res.headers['Set-Cookie'] and res.headers['Set-Cookie'].match(/DomAuthSessId=(.*);(.*)/i)
if res and res.code == 302
if res.get_cookies.match(/DomAuthSessId=(.*);(.*)/i)
cookie = "DomAuthSessId=#{$1}"
elsif res.headers['Set-Cookie'] and res.headers['Set-Cookie'].match(/LtpaToken=(.*);(.*)/i)
elsif res.get_cookies.match(/LtpaToken=(.*);(.*)/i)
cookie = "LtpaToken=#{$1}"
else
print_error("http://#{vhost}:#{rport} - Lotus Domino - Unrecognized 302 response")

View File

@ -45,8 +45,8 @@ class Metasploit3 < Msf::Auxiliary
'data' => post_data,
}, 20)
if (res and res.code == 302 )
if res.headers['Set-Cookie'].match(/DomAuthSessId=(.*);(.*)/i)
if res and res.code == 302
if res.get_cookies.match(/DomAuthSessId=(.*);(.*)/i)
print_good("http://#{vhost}:#{rport} - Lotus Domino - SUCCESSFUL login for '#{user}' : '#{pass}'")
report_auth_info(
:host => rhost,

View File

@ -76,9 +76,9 @@ class Metasploit3 < Msf::Auxiliary
token = ''
uisession = ''
if res and res.code == 200 and res.headers['Set-Cookie']
if res and res.code == 200 and !res.get_cookies.empty?
# extract tokens from cookie
res.headers['Set-Cookie'].split(';').each {|c|
res.get_cookies.split(';').each {|c|
c.split(',').each {|v|
if v.split('=')[0] =~ /token/
token = v.split('=')[1]

View File

@ -56,7 +56,7 @@ class Metasploit3 < Msf::Auxiliary
'headers' => { 'Authorization' => "Basic #{@user_pass}"}
}, 25)
if res
@vim_cookie = res.headers['Set-Cookie']
@vim_cookie = res.get_cookies
if res.code== 200
res.body.scan(/<a href="([\w\/\?=&;%]+)">/) do |match|
link = match[0]
@ -88,7 +88,7 @@ class Metasploit3 < Msf::Auxiliary
'headers' => { 'Authorization' => "Basic #{@user_pass}"}
}, 25)
if res
@vim_cookie = res.headers['Set-Cookie']
@vim_cookie = res.get_cookies
if res.code == 200
img = res.body
ss_path = store_loot("host.vmware.screenshot", "image/png", datastore['RHOST'], img, name , "Screenshot of VM #{name}")

View File

@ -78,10 +78,10 @@ class Metasploit3 < Msf::Exploit::Remote
'uri' => @uri.path
})
return [nil, nil] if not (res and res.headers['Set-Cookie'])
return [nil, nil] if res.nil? || res.get_cookies.empty?
# Get the session ID from the cookie
m = res.headers['Set-Cookie'].match(/(DOLSESSID_.+);/)
m = res.get_cookies.match(/(DOLSESSID_.+);/)
id = (m.nil?) ? nil : m[1]
# Get the token from the decompressed HTTP body response

View File

@ -67,7 +67,7 @@ class Metasploit4 < Msf::Exploit::Remote
if res.headers['Location'] =~ /users\/login$/
fail_with(Failure::NoAccess, 'Authentication failed')
else
session = $1 if res.headers['Set-Cookie'] =~ /_session_id=([0-9a-f]*)/
session = $1 if res.get_cookies =~ /_session_id=([0-9a-f]*)/
fail_with(Failure::UnexpectedReply, 'Failed to retrieve the current session id') if session.nil?
end

View File

@ -90,7 +90,7 @@ class Metasploit3 < Msf::Exploit::Remote
'josso_password' => datastore['PASSWORD']
}
})
if res and res.headers['Set-Cookie'] =~ /JOSSO_SESSIONID_josso=([A-F0-9]+)/
if res and res.get_cookies =~ /JOSSO_SESSIONID_josso=([A-F0-9]+)/
return $1
else
return nil

View File

@ -87,7 +87,7 @@ class Metasploit3 < Msf::Exploit::Remote
'method' => 'GET'
})
if res and res.code == 200 and res.headers['Set-Cookie'] =~ /JSESSIONID=(.*);/
if res and res.code == 200 and res.get_cookies =~ /JSESSIONID=(.*);/
first_session = $1
end
@ -113,7 +113,7 @@ class Metasploit3 < Msf::Exploit::Remote
'cookie' => "JSESSIONID=#{first_session}"
})
if res and res.code == 200 and res.headers['Set-Cookie'] =~ /JSESSIONID=(.*);/
if res and res.code == 200 and res.get_cookies =~ /JSESSIONID=(.*);/
@session = $1
return true
end

View File

@ -77,7 +77,7 @@ class Metasploit3 < Msf::Exploit::Remote
'iptest' => "127.0.0.1" # In order to make things as fast as possible
}
})
if res and res.code == 200 and res.headers.include?('Set-Cookie') and res.headers['Set-Cookie'] =~ /SESSIONID/
if res and res.code == 200 and res.get_cookies.include?('SESSIONID')
return res.get_cookies
else
return nil

View File

@ -97,7 +97,7 @@ class Metasploit3 < Msf::Exploit::Remote
# response handling
if res and res.code == 302
if (res.headers['Set-Cookie'] =~ /ac_ActiveCollab_sid_eaM4h3LTIZ=(.*); expires=/)
if res.get_cookies =~ /ac_ActiveCollab_sid_[a-zA-Z0-9]+=(.*); expires=/
acsession = $1
end
elsif res and res.body =~ /Failed to log you in/

View File

@ -283,7 +283,7 @@ class Metasploit3 < Msf::Exploit::Remote
# likely to change
success = true if(res.body.scan(/Welcome to Axis2 Web/i).size == 1)
if (res.headers['Set-Cookie'] =~ /JSESSIONID=(.*);/)
if res.get_cookies =~ /JSESSIONID=(.*);/
session = $1
end
end
@ -319,7 +319,7 @@ class Metasploit3 < Msf::Exploit::Remote
# likely to change
success = true if(res.body.scan(/Welcome to Axis2 Web/i).size == 1)
if (res.headers['Set-Cookie'] =~ /JSESSIONID=(.*);/)
if res.get_cookies =~ /JSESSIONID=(.*);/
session = $1
end
end

View File

@ -684,7 +684,7 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("Trying #{type} credentials for GlassFish 2.x #{user}:'#{pass}'....")
res = try_login(user,pass)
if res and res.code == 302
session = $1 if (res and res.headers['Set-Cookie'] =~ /JSESSIONID=(.*); /i)
session = $1 if res and res.get_cookies =~ /JSESSIONID=(.*); /i
res = send_request('/applications/upload.jsf', 'GET', session)
p = /<title>Deploy Enterprise Applications\/Modules/
@ -697,7 +697,7 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("Trying #{type} credentials for GlassFish 3.x #{user}:'#{pass}'....")
res = try_login(user,pass)
if res and res.code == 302
session = $1 if (res and res.headers['Set-Cookie'] =~ /JSESSIONID=(.*); /i)
session = $1 if res and res.get_cookies =~ /JSESSIONID=(.*); /i
res = send_request('/common/applications/uploadFrame.jsf', 'GET', session)
p = /<title>Deploy Applications or Modules/
@ -788,7 +788,7 @@ class Metasploit3 < Msf::Exploit::Remote
print_status("Glassfish edition: #{banner}")
#Get session
res.headers['Set-Cookie'] =~ /JSESSIONID=(.*); /
res.get_cookies =~ /JSESSIONID=(.*); /
session = $1
#Set HTTP verbs. lower-case is used to bypass auth on v3.0

View File

@ -61,7 +61,7 @@ class Metasploit3 < Msf::Exploit::Remote
if res.code == 200
vprint_error("#{peer} - Authentication failed")
return Exploit::CheckCode::Unknown
elsif res.code == 301 and res.headers['set-cookie'] =~ /sid([\da-f]+)=([\da-f]{32})/
elsif res.code == 301 and res.get_cookies =~ /sid([\da-f]+)=([\da-f]{32})/
vprint_good("#{peer} - Authenticated successfully")
return Exploit::CheckCode::Appears
end
@ -130,7 +130,7 @@ class Metasploit3 < Msf::Exploit::Remote
# login; get session id and token
print_status("#{peer} - Authenticating as user '#{user}'")
res = login(base, user, pass)
if res and res.code == 301 and res.headers['set-cookie'] =~ /sid([\da-f]+)=([\da-f]{32})/
if res and res.code == 301 and res.get_cookies =~ /sid([\da-f]+)=([\da-f]{32})/
token = "#{$1}"
sid = "#{$2}"
print_good("#{peer} - Authenticated successfully")

View File

@ -102,7 +102,7 @@ class Metasploit3 < Msf::Exploit::Remote
'method' => 'POST'
)
if res and res.code == 200 and res.headers['Set-Cookie'] =~ /JSESSIONID=([0-9A-F]*);/
if res and res.code == 200 and res.get_cookies =~ /JSESSIONID=([0-9A-F]*);/
session_id = $1
else
print_error("#{peer} - Retrieve of initial JSESSIONID failed")
@ -125,7 +125,7 @@ class Metasploit3 < Msf::Exploit::Remote
}
})
if res and res.code == 302 and res.headers['Set-Cookie'] =~ /JSESSIONID=([0-9A-F]*);/
if res and res.code == 302 and res.get_cookies =~ /JSESSIONID=([0-9A-F]*);/
session_id = $1
redirect = URI(res.headers['Location']).path
else

View File

@ -113,7 +113,7 @@ class Metasploit3 < Msf::Exploit::Remote
# CpqElm-Login: success
if res.headers['CpqElm-Login'].to_s =~ /success/
cookie = res.headers['Set-Cookie'].scan(/(Compaq\-HMMD=[\w\-]+)/).flatten[0] || ''
cookie = res.get_cookies.scan(/(Compaq\-HMMD=[\w\-]+)/).flatten[0] || ''
end
cookie

View File

@ -161,7 +161,7 @@ class Metasploit3 < Msf::Exploit::Remote
if not (res and res.code == 302) or res.headers['Location'] =~ /loginError/
fail_with(Failure::NoAccess, 'login failed')
end
sessionid = 'JSESSIONID' << res.headers['set-cookie'].split('JSESSIONID')[1].split('; ')[0]
sessionid = 'JSESSIONID' << res.get_cookies.split('JSESSIONID')[1].split('; ')[0]
@cookie = "#{sessionid}"
else
print_status('No authentication required, skipping login...')

View File

@ -193,7 +193,7 @@ class Metasploit3 < Msf::Exploit::Remote
}
})
if res and res.code == 302 and res.headers['Location'] =~ /index.do/ and res.headers['Set-Cookie'] =~ /JSESSIONID=(.*);/
if res and res.code == 302 and res.headers['Location'] =~ /index.do/ and res.get_cookies =~ /JSESSIONID=(.*);/
print_good("#{peer} - Login successful")
session = $1
else

View File

@ -73,7 +73,7 @@ class Metasploit3 < Msf::Exploit::Remote
})
# If we don't get a cookie, bail!
if res and res.headers['Set-Cookie'] =~ /(PHPVolunteerManagent=\w+);*/
if res and res.get_cookies =~ /(PHPVolunteerManagent=\w+);*/
cookie = $1
vprint_status("#{peer} - Found cookie: #{cookie}")
else

View File

@ -79,12 +79,12 @@ class Metasploit3 < Msf::Exploit::Remote
'uri' => uri,
}, 3)
if (res.nil? or not res.headers['Set-Cookie'])
if res.nil? or res.get_cookies.empty?
print_error("Could not generate a valid session")
return
end
return res.headers['Set-Cookie']
return res.get_cookies
end
def cleanup

View File

@ -124,7 +124,7 @@ class Metasploit3 < Msf::Exploit::Remote
}
})
cookie = (res and res.headers['Set-Cookie'] =~ /qdpm\=.+\;/) ? res.headers['Set-Cookie'] : ''
cookie = (res and res.get_cookies =~ /qdpm\=.+\;/) ? res.get_cookies : ''
return {} if cookie.empty?
cookie = cookie.to_s.scan(/(qdpm\=\w+)\;/).flatten[0]

View File

@ -233,8 +233,8 @@ class Metasploit3 < Msf::Exploit::Remote
'uri' => datastore['TARGETURI'] || "/",
'method' => datastore['HTTP_METHOD'],
}, 25)
if res && res.headers['Set-Cookie']
match = res.headers['Set-Cookie'].match(/([_A-Za-z0-9]+)=([A-Za-z0-9%]*)--([0-9A-Fa-f]+); /)
if res && !res.get_cookies.empty?
match = res.get_cookies.match(/([_A-Za-z0-9]+)=([A-Za-z0-9%]*)--([0-9A-Fa-f]+); /)
end
if match

View File

@ -86,8 +86,8 @@ class Metasploit3 < Msf::Exploit::Remote
}
})
if res and res.headers['Set-Cookie'] =~ /PHPSESSID/ and res.body !~ /\<i\>Access denied\!\<\/i\>/
return res.headers['Set-Cookie']
if res and res.get_cookies.include?('PHPSESSID') and res.body !~ /\<i\>Access denied\!\<\/i\>/
return res.get_cookies
else
return ''
end

View File

@ -95,7 +95,7 @@ class Metasploit3 < Msf::Exploit::Remote
if (res and res.code == 302 and res.headers['Location'] =~ /main.php/)
print_status("Successfully logged in as #{user}:#{pass}")
if (res.headers['Set-Cookie'] =~ /SiTsessionID/) and res.headers['Set-Cookie'].split("SiTsessionID")[-1] =~ /=(.*);/
if (res.get_cookies =~ /SiTsessionID/) and res.get_cookies.split("SiTsessionID")[-1] =~ /=(.*);/
session = $1
print_status("Successfully retrieved cookie: #{session}")
return session

View File

@ -124,8 +124,8 @@ class Metasploit3 < Msf::Exploit::Remote
uid = ''
session_id_port =
session_id = ''
if res and res.code == 200 and res.headers['Set-Cookie']
res.headers['Set-Cookie'].split(';').each {|c|
if res and res.code == 200 and !res.get_cookies.empty?
res.get_cookies.split(';').each {|c|
c.split(',').each {|v|
if v.split('=')[0] =~ /cval/
cval = v.split('=')[1]
@ -159,7 +159,7 @@ class Metasploit3 < Msf::Exploit::Remote
else
session_id_port = ''
session_id = ''
res.headers['Set-Cookie'].split(';').each {|c|
res.get_cookies.split(';').each {|c|
c.split(',').each {|v|
if v.split('=')[0] =~ /session_id/
session_id_port = v.split('=')[0]

View File

@ -202,7 +202,7 @@ class Metasploit3 < Msf::Exploit::Remote
session_id_port =
session_id = ''
if res and res.code == 200
res.headers['Set-Cookie'].split(';').each {|c|
res.get_cookies.split(';').each {|c|
c.split(',').each {|v|
if v.split('=')[0] =~ /cval/
cval = v.split('=')[1]
@ -236,7 +236,7 @@ class Metasploit3 < Msf::Exploit::Remote
else
session_id_port = ''
session_id = ''
res.headers['Set-Cookie'].split(';').each {|c|
res.get_cookies.split(';').each {|c|
c.split(',').each {|v|
if v.split('=')[0] =~ /session_id/
session_id_port = v.split('=')[0]