Land rapid7#19176, Add missing Arch parameter

smcintyre-r7 · smcintyre-r7 · commit 08575d08952e · 2024-06-18T17:07:08.000-04:00
Adding Arch parameter to dnn_cookie_deserialization_rce module
diff --git a/modules/exploits/windows/http/dnn_cookie_deserialization_rce.rb b/modules/exploits/windows/http/dnn_cookie_deserialization_rce.rb
@@ -59,6 +59,7 @@ def initialize(info = {})
           [ 'URL', 'https://github.com/pwntester/ysoserial.net']
         ],
         'Platform' => 'win',
+        'Arch' => [ARCH_X86, ARCH_X64],
         'Targets' => [
           [ 'Automatic', { 'auto' => true } ],
           [ 'v5.0 - v9.0.0', { 'ReqEncrypt' => false, 'ReqSession' => false } ],
@@ -227,11 +228,11 @@ def exploit
 
     if @encrypted
       # Requires either supplied key and IV, or verification code and plaintext
-      if (!key.blank? && !iv.blank?)
+      if !key.blank? && !iv.blank?
         @passphrase = key + iv
         # Key and IV were supplied, don't try and decrypt.
         @try_decrypt = false
-      elsif (!@verification_codes.empty? && !@kpt.blank?)
+      elsif !@verification_codes.empty? && !@kpt.blank?
         @try_decrypt = true
       else
         fail_with(Failure::BadConfig, 'You must provide either (VERIFICATION_CODE and VERIFICATION_PLAIN) or (KEY and IV).')
