Skip to content

Commit d90f874

Browse files
committed
Fix merge
1 parent 7d2a2a8 commit d90f874

File tree

2 files changed

+5
-3
lines changed

2 files changed

+5
-3
lines changed

data/php/hop.php

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ function findSendDelete($tempdir, $prefix, $one=true){
3333
if(array_key_exists('HTTP_X_INIT', $_SERVER)){
3434
$f = fopen($tempdir."/init", "w"); //only one init file
3535
}else{
36-
$prefix = "down_" . bin2hex($_SERVER['HTTP_X_URLFRAG']);
36+
$prefix = "down_" . sha1($_SERVER['HTTP_X_URLFRAG']);
3737
$f = fopen(tempnam($tempdir,$prefix), "w");
3838
}
3939
fwrite($f, $postdata);
@@ -46,8 +46,8 @@ function findSendDelete($tempdir, $prefix, $one=true){
4646
$postdata = file_get_contents("php://input");
4747
//See if we should send anything down
4848
if($postdata === "RECV\x00"){
49-
findSendDelete($tempdir, "down_" . bin2hex($url));
50-
$fname = $tempdir . "/up_recv_" . bin2hex($url); //Only keep one RECV poll
49+
findSendDelete($tempdir, "down_" . sha1($url));
50+
$fname = $tempdir . "/up_recv_" . sha1($url); //Only keep one RECV poll
5151
}else{
5252
$fname = tempnam($tempdir, "up_"); //actual data gets its own filename
5353
}

lib/msf/core/handler/reverse_hop_http.rb

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,7 @@ module Handler
1717
module ReverseHopHttp
1818

1919
include Msf::Handler::ReverseHttp
20+
include Msf::Payload::UUIDOptions
2021

2122
#
2223
# Magic bytes to know we are talking to a valid hop
@@ -256,6 +257,7 @@ def send_new_stage(uri)
256257
# generate a new connect
257258
sum = uri_checksum_lookup(:connect)
258259
conn_id = generate_uri_uuid(sum, uuid)
260+
conn_id = conn_id[1..-1] if conn_id.start_with? '/'
259261
url = full_uri + conn_id + "/\x00"
260262

261263
print_status("Preparing stage for next session #{conn_id}")

0 commit comments

Comments
 (0)