Update modules/exploits/multi/http/wingftp_null_byte_rce.rb

Chocapikk · msutovsky-r7 · web-flow · commit d79810a7e39e · 2025-07-03T13:54:11.000+02:00
Co-authored-by: msutovsky-r7 &lt;martin_sutovsky@rapid7.com&gt;
diff --git a/modules/exploits/multi/http/wingftp_null_byte_rce.rb b/modules/exploits/multi/http/wingftp_null_byte_rce.rb
@@ -133,7 +133,7 @@ def exploit
     )
     fail_with(Failure::UnexpectedReply, 'Injection failed') unless res&.code == 200
 
-    uid = res.get_cookies.to_s[/UID=[^;]+/]
+    uid = res.get_cookies_parsed.fetch('UID', nil)
     fail_with(Failure::UnexpectedReply, 'UID cookie not returned') unless uid
     print_good("Received UID: #{uid}, injection succeeded")
 

Original file line number	Diff line number	Diff line change
`@@ -133,7 +133,7 @@ def exploit`
`133`	`133`	`)`
`134`	`134`	`fail_with(Failure::UnexpectedReply, 'Injection failed') unless res&.code == 200`
`135`	`135`
`136`		`- uid = res.get_cookies.to_s[/UID=[^;]+/]`
	`136`	`+ uid = res.get_cookies_parsed.fetch('UID', nil)`
`137`	`137`	`fail_with(Failure::UnexpectedReply, 'UID cookie not returned') unless uid`
`138`	`138`	`print_good("Received UID: #{uid}, injection succeeded")`
`139`	`139`