Land #2941, @todb-r7's release fix-up

rapid7 · Feb 3, 2014 · ab4f62c · ab4f62c
2 parents d5709c5 + 7e2a9a7
commit ab4f62c
Show file tree

Hide file tree

Showing 5 changed files with 17 additions and 14 deletions.
diff --git a/modules/auxiliary/gather/drupal_openid_xxe.rb b/modules/auxiliary/gather/drupal_openid_xxe.rb
@@ -17,10 +17,11 @@ def initialize(info = {})
     super(update_info(info,
       'Name'           => 'Drupal OpenID External Entity Injection',
       'Description'    => %q{
-        This module abuses a XML External Entity Injection on the OpenID module
-        from Drupal. The vulnerability exists on the parsing of a malformed XRDS
-        file coming from a malicious OpenID endpoint. This module has been tested
-        successfully in Drupal 7.15 and 7.2 with the OpenID module enabled.
+        This module abuses an XML External Entity Injection
+        vulnerability on the OpenID module from Drupal. The vulnerability exists
+        in the parsing of a malformed XRDS file coming from a malicious OpenID
+        endpoint. This module has been tested successfully on Drupal 7.15 and
+        7.2 with the OpenID module enabled.
       },
       'License'        => MSF_LICENSE,
       'Author'         =>
@@ -102,7 +103,7 @@ def check
     res = send_openid_auth(signature)
 
     unless res
-      vprint_status("Connection timed out")
+      vprint_status("#{peer} - Connection timed out")
       return Exploit::CheckCode::Unknown
     end
 
@@ -157,12 +158,12 @@ def primer
 
   def on_request_uri(cli, request)
     if request.uri =~ /#{@prefix}/
-      vprint_status("Signature found, parsing file...")
+      vprint_status("#{peer} - Signature found, parsing file...")
       @http_loot = parse_loot(request.uri)
       return
     end
 
-    print_status("Sending XRDS...")
+    print_status("#{peer} - Sending XRDS...")
     send_response_html(cli, xrds_file, { 'Content-Type' => 'application/xrds+xml' })
   end
 

diff --git a/modules/exploits/multi/http/struts_dev_mode.rb b/modules/exploits/multi/http/struts_dev_mode.rb
@@ -13,13 +13,13 @@ class Metasploit3 < Msf::Exploit::Remote
 
   def initialize(info = {})
     super(update_info(info,
-      'Name'           => 'Apache Struts Developer Mode OGNL Execution',
+      'Name'           => 'Apache Struts 2 Developer Mode OGNL Execution',
       'Description'    => %q{
         This module exploits a remote command execution vulnerability in Apache
         Struts 2. The problem exists on applications running in developer mode,
         where the DebuggingInterceptor allows evaluation and execution of OGNL
         expressions, which allows remote attackers to execute arbitrary Java
-        code. This module has been tested successfully in Struts 2.3.16, Tomcat
+        code. This module has been tested successfully on Struts 2.3.16, Tomcat
         7 and Ubuntu 10.04.
       },
       'Author'         =>

diff --git a/modules/exploits/multi/http/tomcat_mgr_upload.rb b/modules/exploits/multi/http/tomcat_mgr_upload.rb
@@ -17,7 +17,7 @@ class Metasploit3 < Msf::Exploit::Remote
 
   def initialize(info = {})
     super(update_info(info,
-      'Name'        => 'Apache Tomcat Manager Application Upload Authenticated Code Execution',
+      'Name'        => 'Apache Tomcat Manager Authenticated Upload Code Execution',
       'Description' => %q{
         This module can be used to execute a payload on Apache Tomcat servers that
         have an exposed "manager" application. The payload is uploaded as a WAR archive
@@ -198,7 +198,7 @@ def query_status
     res = send_request_raw('uri' => path)
 
     unless res and res.code == 200
-      vprint_error("Failed: Error requesting #{path}")
+      vprint_error("#{peer} - Failed: Error requesting #{path}")
       return nil
     end
 
@@ -372,7 +372,7 @@ def parse_upload_response(res)
 
     if res.code < 200 or res.code >= 300
       vprint_warning("Warning: The web site asked for authentication: #{res.headers['WWW-Authenticate'] || res.headers['Authentication']}") if res.code == 401
-      vprint_error("Upload failed on #{upload_path} [#{res.code} #{res.message}]")
+      vprint_error("#{peer} - Upload failed on #{upload_path} [#{res.code} #{res.message}]")
       return false
     end
 
@@ -423,4 +423,4 @@ def undeploy_app
     return true
   end
 
-end
+end
diff --git a/modules/exploits/unix/webapp/simple_e_document_upload_exec.rb b/modules/exploits/unix/webapp/simple_e_document_upload_exec.rb
@@ -97,7 +97,7 @@ def upload
     data.add_part(php, 'application/octet-stream', nil, "form-data; name=\"fileupload\"; filename=\"#{@fname}\"")
     post_data = data.to_s.gsub(/^\r\n--_Part_/, '--_Part_')
 
-    print_status("#{peer} - Uploading malicious file...")
+    print_status("#{peer} - Uploading PHP payload...")
     res = send_request_cgi({
       'method'   => 'POST',
       'uri'      => normalize_uri(target_uri.path, 'upload.php'),

diff --git a/modules/exploits/unix/webapp/skybluecanvas_exec.rb b/modules/exploits/unix/webapp/skybluecanvas_exec.rb
@@ -76,6 +76,8 @@ def check
   def exploit
     uri = normalize_uri(target_uri.path.to_s, "index.php")
 
+    vprint_status("#{peer} - Sending request to #{uri}.")
+
     send_request_cgi({
       'method'  => 'POST',
       'uri'     => uri,