Modify check

wchen-r7 · wchen-r7 · commit 0d9ebe13a1cb · 2015-10-26T15:25:38.000-05:00
diff --git a/modules/exploits/multi/http/mma_backdoor_upload.rb b/modules/exploits/multi/http/mma_backdoor_upload.rb
@@ -4,6 +4,7 @@
 ##
 
 require 'msf/core'
+require 'nokogiri'
 
 class Metasploit3 < Msf::Exploit::Remote
   Rank = ExcellentRanking
@@ -49,17 +50,27 @@ def initialize(info={})
       ],self.class) # sometimes it is under host/images/mma.php so you may want to set this one
   end
 
+  def has_input_name?(nodes, name)
+    nodes.select { |e| e.attributes['name'].value == name }.empty? ? false : true
+  end
+
   def check
     uri = normalize_uri(target_uri.path)
     res = send_request_cgi({
       'method' => 'GET',
       'uri'    => uri
     })
 
-    if res && res.body =~ /_upl/
-      return Exploit::CheckCode::Appears
+    if res
+      n = ::Nokogiri::HTML(res.body)
+      form = n.at('form[@id="uploader"]')
+      inputs = form.search('input')
+      if has_input_name?(inputs, 'file') && has_input_name?(inputs, '_upl')
+        return Exploit::CheckCode::Appears
+      end
     end
-    return Exploit::CheckCode::Safe
+
+    Exploit::CheckCode::Safe
   end
 
   def exploit
