some fixes based on Christruncer's feedback
fixed some stuff i borked, back to you chris
This commit is contained in:
parent
cd3cdc5384
commit
2ac15f2088
|
@ -40,7 +40,13 @@ module Metasploit
|
|||
if nonce_response.body =~ /name='auth_key'\s+value='.*?((?:[a-z0-9]*))'/i
|
||||
server_nonce = $1
|
||||
|
||||
auth_uri = "#{uri}/index.php?app=core&module=global§ion=login&do=process"
|
||||
if uri.end_with? '/'
|
||||
base_uri = uri.gsub(/\/$/, '')
|
||||
else
|
||||
base_uri = uri
|
||||
end
|
||||
|
||||
auth_uri = "#{base_uri}/index.php?app=core&module=global§ion=login&do=process"
|
||||
|
||||
request = http_client.request_cgi(
|
||||
'uri' => auth_uri,
|
||||
|
@ -54,7 +60,7 @@ module Metasploit
|
|||
|
||||
response = http_client.send_recv(request)
|
||||
|
||||
if response && response.code == 200 && response.get_cookies.include?('ipsconnect') && response.get_cookies.include?('coppa')
|
||||
if response && response.get_cookies.include?('ipsconnect') && response.get_cookies.include?('coppa')
|
||||
result_opts.merge!(status: Metasploit::Model::Login::Status::SUCCESSFUL, proof: response)
|
||||
else
|
||||
result_opts.merge!(status: Metasploit::Model::Login::Status::INCORRECT, proof: response)
|
||||
|
|
|
@ -66,7 +66,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
invalidate_login(credential_data)
|
||||
:abort
|
||||
when Metasploit::Model::Login::Status::INCORRECT
|
||||
print_brute :level => :verror, :ip => ip, :msg => "Failed: '#{result.credential}' #{result.proof}"
|
||||
print_brute :level => :verror, :ip => ip, :msg => "Failed: '#{result.credential}'"
|
||||
invalidate_login(credential_data)
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue