Bug #2348
Incorrect URI string in efs_easychatserver_username.rb
| Status: | Closed | Start date: | 08/06/2010 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | Mario Ceballos | % Done: | 0% |
|
| Category: | modules - exploits | |||
| Target version: | - | |||
| Resolution: | Release Note: |
Description
Changed uri variable in modules/exploits/windows/http/efs_easychatserver_username.rb from:
uri = "/chat.ghp?username=#{juju}&password=#{val}&room=2&#{val}=#{num}"
to:
uri = "/chat.ghp?username=#{juju}&password=#{val}&room=2&#sex=#{num}"
"sex" is a parameter passed to the server and apparently can't be random. It worked for the windows/shell_reverse_tcp and windows/meterpreter/reverse_tcp payloads. Easy Chat was installed on Windows XP SP2.
Thanks,
Brennon
History
Updated by Mario Ceballos over 1 year ago
- Assignee changed from Joshua J. Drake to Mario Ceballos
- Resolution set to fixed
updated with Brennon's fix.
Updated by HD Moore over 1 year ago
- Status changed from New to Resolved
- Resolution deleted (
fixed)
Updated by Jonathan Cran about 1 year ago
- Status changed from Resolved to Closed