Updates to better OWA fix
This commit is contained in:
parent
714fd0bec6
commit
5fb268bbdf
|
@ -221,7 +221,7 @@ class Metasploit3 < Msf::Auxiliary
|
|||
cookies = res.get_cookies
|
||||
cookie_header = 'PBack=0'
|
||||
%w(sessionid cadata).each do |necessary_cookie|
|
||||
if cookies =~ /#{necessary_cookie}=([^;]+)/
|
||||
if cookies =~ /#{necessary_cookie}=([^;]*)/
|
||||
cookie_header << "; #{Regexp.last_match(1)}"
|
||||
else
|
||||
print_error("#{msg} Missing #{necessary_cookie} cookie. This is not OWA 2010, aborting")
|
||||
|
@ -247,11 +247,6 @@ class Metasploit3 < Msf::Auxiliary
|
|||
return :abort
|
||||
end
|
||||
|
||||
if res.redirect?
|
||||
vprint_error("#{msg} FAILED LOGIN. '#{user}' : '#{pass}' (response was a #{res.code} redirect)")
|
||||
return :skip_pass
|
||||
end
|
||||
|
||||
if res.body =~ login_check
|
||||
print_good("#{msg} SUCCESSFUL LOGIN. '#{user}' : '#{pass}'")
|
||||
|
||||
|
@ -266,6 +261,12 @@ class Metasploit3 < Msf::Auxiliary
|
|||
|
||||
report_auth_info(report_hash)
|
||||
return :next_user
|
||||
|
||||
if res.redirect?
|
||||
vprint_error("#{msg} FAILED LOGIN. '#{user}' : '#{pass}' (response was a #{res.code} redirect)")
|
||||
return :skip_pass
|
||||
end
|
||||
|
||||
else
|
||||
vprint_error("#{msg} FAILED LOGIN. '#{user}' : '#{pass}' (response body did not match)")
|
||||
return :skip_pass
|
||||
|
|
Loading…
Reference in New Issue