garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix Timthumb RCE detection for version 2.0 (which was excluded)

Browse Source
This commit is contained in:
erwanlr
2014-07-02 12:17:14 +02:00
parent 605e9cfe6d
commit d9b86f9922
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/common/models/wp_timthumb/vulnerable.rb
View File

@@ -18,9 +18,9 @@ class WpTimthumb < WpItem
return rce_132_vuln unless VersionCompare.is_newer_or_same?('1.33', version) return rce_132_vuln unless VersionCompare.is_newer_or_same?('1.33', version)
end end
# Vulnerable versions : >= 2.0 and < 2.8.14 # Vulnerable versions : > 1.35 (or >= 2.0) and < 2.8.14
def check_rce_webshot def check_rce_webshot
return if VersionCompare.is_newer_or_same?('2.8.14', version) || VersionCompare.is_newer_or_same?(version, '2.0') return if VersionCompare.is_newer_or_same?('2.8.14', version) || VersionCompare.is_newer_or_same?(version, '1.35')
response = Browser.get(uri.merge('?webshot=1&src=http://' + default_allowed_domains.sample)) response = Browser.get(uri.merge('?webshot=1&src=http://' + default_allowed_domains.sample))