Brandon Perry 2014-10-16 10:36:37 -07:00
commit 9bab77ece6


@ -28,7 +28,9 @@ class Metasploit3 < Msf::Exploit::Remote
],
'References' =>
[
['CVE', '2014-3704']
['CVE', '2014-3704'],
['URL', 'https://www.drupal.org/SA-CORE-2014-005'],
['URL', 'http://www.sektioneins.de/en/advisories/advisory-012014-drupal-pre-auth-sql-injection-vulnerability.html']
],
'Privileged' => false,
'Platform' => ['php'],
@ -112,7 +114,6 @@ class Metasploit3 < Msf::Exploit::Remote
def exploit
# TODO: Password hashing function
# TODO: Check returns from regex matches, fail if nil
# TODO: Check if option admin_role exists via admin/people/permissions/roles
# call login page to extract tokens
@ -201,7 +202,6 @@ class Metasploit3 < Msf::Exploit::Remote
enabled_module_regex = /name="(.+)" value="1" checked="checked" class="form-checkbox"/
enabled_matches = res.body.to_enum(:scan, enabled_module_regex).map { Regexp.last_match }
unless enabled_matches
fail_with(Failure::Unknown, "No modules enabled is incorrect, bailing.")
end
@ -338,4 +338,3 @@ class Metasploit3 < Msf::Exploit::Remote
)
end
end
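Review bot: The `unless enabled_matches` guard in the hunk at new line 202 can never fire, because `res.body.to_enum(:scan, enabled_module_regex).map { Regexp.last_match }` always returns an Array and an empty Array is truthy in Ruby. A response with no matching checkboxes therefore falls through instead of reaching `fail_with`; the guard should test for emptiness, `if enabled_matches.empty?`. This looks like the case the `# TODO: Check returns from regex matches, fail if nil` comment in `exploit` describes, and the commit leaves it open. The enclosing method starts and ends outside this hunk, so how `enabled_matches` is used afterwards is not visible here.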