dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Land #9931, minor fixes for #9876 (Drupalgeddon 2)

This commit is contained in:
William Vu 2018-04-25 18:14:12 -05:00
parent eb79bc47f0 873cbcee27
commit fdc11ac607
No known key found for this signature in database
GPG Key ID: 68BD00CE25866743
1 changed files with 0 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
modules/exploits/unix/webapp/drupal_drupalgeddon2.rb
View File

@ -19,8 +19,6 @@ class MetasploitModule < Msf::Exploit::Remote
This module exploits a Drupal property injection in the Forms API.
Drupal 6.x, < 7.58, 8.2.x, < 8.3.9, < 8.4.6, and < 8.5.1 are vulnerable.
Tested on 7.57 and 8.4.5.
},
'Author' => [
'Jasper Mattsson', # Vulnerability discovery
@ -201,16 +199,6 @@ class MetasploitModule < Msf::Exploit::Remote
end
end
# XXX: Ivars are being preserved
def cleanup
begin
remove_instance_variable(:@version)
rescue NameError
end
super
end
def dropper_assert
php_file = Pathname.new(
"#{datastore['WritableDir']}/#{random_crap}.php"