infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

some bugs for sinn3r

bug/bundler_fix
Brandon Perry 2014-03-24 18:17:50 -05:00
parent d6f397ab6d
commit ec35f4b13f
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
modules/exploits/linux/http/lifesize_uvc_ping_rce.rb
View File

@ -48,6 +48,8 @@ class Metasploit3 < Msf::Exploit::Remote
register_options( register_options(
[ [
Opt::RPORT(443),
OptBool.new('SSL', [true, 'Use SSL', true]),
OptString.new('TARGETURI', [true, 'The URI of the vulnerable instance', '/']), OptString.new('TARGETURI', [true, 'The URI of the vulnerable instance', '/']),
OptString.new('USERNAME', [true, 'The username to authenticate with', 'administrator']), OptString.new('USERNAME', [true, 'The username to authenticate with', 'administrator']),
OptString.new('PASSWORD', [true, 'The password to authenticate with', 'admin123']) OptString.new('PASSWORD', [true, 'The password to authenticate with', 'admin123'])
@ -63,6 +65,10 @@ class Metasploit3 < Msf::Exploit::Remote
fail_with("Server did not respond in an expected way") fail_with("Server did not respond in an expected way")
end end
if res.code != 200
fail_with("Did not get a 200 response, perhaps the server isn't on an SSL port")
end
token = /name='csrfmiddlewaretoken' value='(.*)'/.match(res.body) token = /name='csrfmiddlewaretoken' value='(.*)'/.match(res.body)
token = token[1] token = token[1]