dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix AMT scanner for mangled HTML (no </p>) 

Also stores proof using the correct :info for report_vuln (not :proof).
This commit is contained in:
William Vu 2017-06-14 16:53:01 -05:00
parent c1372456e2
commit 549f9e74d8
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
modules/auxiliary/scanner/http/intel_amt_digest_bypass.rb
View File

@ -76,7 +76,7 @@ class MetasploitModule < Msf::Auxiliary
proof = res.body.to_s
proof_hash = nil
info_keys = res.body.scan(/<td class=r1><p>([^\<]+)<\/p>/).map{|x| x.first.to_s.gsub("&#x2F;", "/") }
info_keys = res.body.scan(/<td class=r1><p>([^\<]+)(?:<\/p>)?/).map{|x| x.first.to_s.gsub("&#x2F;", "/") }
if info_keys.length > 0
proof_hash = {}
proof = ""
@ -106,7 +106,7 @@ class MetasploitModule < Msf::Auxiliary
:proto => 'tcp',
:name => "Intel AMT Digest Authentication Bypass",
:refs => self.references,
:proof => proof
:info => proof
})
rescue ::Timeout::Error, ::Errno::EPIPE