Don't allow 127.0.0.1 as SRVHOST

jvazquez-r7 · jvazquez-r7 · commit 40bf44bd0536 · 2014-10-31T08:19:15.000-05:00
diff --git a/modules/exploits/freebsd/misc/citrix_netscaler_soap_bof.rb b/modules/exploits/freebsd/misc/citrix_netscaler_soap_bof.rb
@@ -88,8 +88,8 @@ def check
   end
 
   def exploit
-    if datastore['SRVHOST'] == '0.0.0.0'
-      fail_with(Failure::BadConfig, 'Don\'t use 0.0.0.0 as SRVHOST, use an address on the local machine reachable by the target')
+    if ['0.0.0.0', '127.0.0.1'].include?(datastore['SRVHOST'])
+      fail_with(Failure::BadConfig, 'Bad SRVHOST, use an address on the local machine reachable by the target')
     end
 
     if check != Exploit::CheckCode::Detected
