Update gitea git hooks rce check method

rapid7 · Sep 30, 2021 · 3283d4f · 3283d4f
1 parent 6c4d948
commit 3283d4f
Showing 1 changed file with 6 additions and 2 deletions.
diff --git a/modules/exploits/multi/http/gitea_git_hooks_rce.rb b/modules/exploits/multi/http/gitea_git_hooks_rce.rb
@@ -131,8 +131,12 @@ def check
     end
 
     # Powered by Gitea Version: 1.12.5
-    unless (match = res.body.match(/Powered by Gitea Version: (?<version>[\d.]+)/))
-      return CheckCode::Unsupported('Target does not appear to be running Gitea.')
+    unless (match = res.body.match(/Gitea Version: (?<version>[\da-zA-Z.]+)/))
+      return CheckCode::Unknown('Target does not appear to be running Gitea.')
+    end
+
+    if match[:version].match /[a-zA-Z]/
+      return CheckCode::Unknown("Unknown Gitea version #{match[:version]}.")
     end
 
     if Rex::Version.new(match[:version]) >= Rex::Version.new('1.13.0')