Module: Msf::Exploit::Remote::HTTP::Webmin::Login
- Included in:
- Msf::Exploit::Remote::HTTP::Webmin
- Defined in:
- lib/msf/core/exploit/remote/http/webmin/login.rb
Instance Method Summary collapse
-
#webmin_login(user, pass) ⇒ String?
performs a webmin login.
Instance Method Details
#webmin_login(user, pass) ⇒ String?
performs a webmin login
9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
# File 'lib/msf/core/exploit/remote/http/webmin/login.rb', line 9 def webmin_login(user, pass) print_status('Attempting to authenticate with Webmin') res = send_request_cgi({ 'method' => 'POST', 'uri' => normalize_uri(datastore['TARGETURI'], 'session_login.cgi'), 'cookie' => 'testing=1', # it must be used for "Error - No cookies" 'keep_cookies' => true, 'vars_post' => { 'page' => '', 'user' => user, 'pass' => pass } }) if res && res.code == 302 && res. =~ /sid=(\w+)/ print_good("Authentication successful") return ::Regexp.last_match(1) end return nil unless res res end |