Update magicinfo_traversal.rb

h4x-x0r · h4x-x0r · commit bd181f8a13e9 · 2025-05-15T22:11:23.000+01:00
diff --git a/modules/exploits/windows/http/magicinfo_traversal.rb b/modules/exploits/windows/http/magicinfo_traversal.rb
@@ -21,9 +21,9 @@ def initialize(info = {})
           'SSD Secure Disclosure' # Discovery and PoC
         ],
         'References' => [
-          [ 'URL', 'https://ssd-disclosure.com/ssd-advisory-samsung-magicinfo-unauthenticated-rce/'],
-          [ 'URL', 'https://security.samsungtv.com/securityUpdates'],
-          [ 'CVE', '2024-7399'] # SVE-2024-50018
+          ['URL', 'https://ssd-disclosure.com/ssd-advisory-samsung-magicinfo-unauthenticated-rce/'],
+          ['URL', 'https://security.samsungtv.com/securityUpdates'],
+          ['CVE', '2024-7399'] # SVE-2024-50018
         ],
         'DisclosureDate' => '2025-04-30',
         'DefaultOptions' => {
@@ -41,6 +41,7 @@ def initialize(info = {})
           ]
         ],
         'DefaultTarget' => 0,
+        'Privileged' => true,
         'Notes' => {
           'Stability' => [CRASH_SAFE],
           'Reliability' => [REPEATABLE_SESSION],
@@ -67,7 +68,7 @@ def check
 
     js_object = res.body.to_s[/window\.globalConfig = (\{.+\})/m, 1]
 
-    fail_with(Failure::UnexpectedReply, 'Could not extract globalConfig object from response.') unless js_object
+    return CheckCode::Safe('Could not extract globalConfig object from response.') unless js_object
 
     json_b = js_object.gsub(/'/, '"') # replace ' with " so that we can use JSON.parse on the response body
     data = JSON.parse(json_b)
