Skip to content

Commit daba480

Browse files
author
jvazquez-r7
committed
fix DEPTH description and basename
1 parent 54120a2 commit daba480

File tree

1 file changed

+6
-2
lines changed

1 file changed

+6
-2
lines changed

modules/auxiliary/scanner/http/hp_imc_reportimgservlt_traversal.rb

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -43,7 +43,7 @@ def initialize(info = {})
4343
OptString.new('TARGETURI', [true, 'Path to HP Intelligent Management Center', '/imc']),
4444
OptString.new('FILEPATH', [true, 'The name of the file to download', '/boot.ini']),
4545
# By default files downloaded from C:\Program Files\iMC\client\bin\
46-
OptInt.new('DEPTH', [true, 'Traversal depth if absolute is set to false', 4])
46+
OptInt.new('DEPTH', [true, 'Traversal depth', 4])
4747
], self.class)
4848
end
4949

@@ -60,6 +60,10 @@ def is_imc?
6060
end
6161
end
6262

63+
def my_basename(filename)
64+
return ::File.basename(filename.gsub(/\\/, "/"))
65+
end
66+
6367
def run_host(ip)
6468

6569
if not is_imc?
@@ -83,7 +87,7 @@ def run_host(ip)
8387

8488
if res and res.code == 200 and res.headers['Content-Type'] and res.headers['Content-Type'] == "image/png"
8589
contents = res.body
86-
fname = File.basename(datastore['FILEPATH'])
90+
fname = my_basename(datastore['FILEPATH'])
8791
path = store_loot(
8892
'hp.imc.faultdownloadservlet',
8993
'application/octet-stream',

0 commit comments

Comments
 (0)