Module: Msf::Exploit::Remote::HTTP::Smartermail

Defined in:
lib/msf/core/exploit/remote/http/smartermail.rb


Instance Method Details

#check_version(patched_version, low_bound = 0) ⇒ Object



# File 'lib/msf/core/exploit/remote/http/smartermail.rb', line 8

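# Fingerprints a SmarterMail web interface and compares the product version it
# reports against a patched release.
#
# The verdict rests only on the version string the server embeds in the page
# at +target_uri.path+ (the +stProductVersion+ marker). That string comes from
# the remote host, so it is validated before it is compared: a missing, empty
# or unparsable value yields Detected instead of an exception or a false
# "vulnerable" result. A host that hides or rewrites the banner, or that was
# fixed without a version change, can still be misclassified; confirm any
# Appears/Safe result against the installed build.
#
# @param patched_version first version that is no longer affected; anything
#   Rex::Version.new accepts
# @param low_bound lowest affected version (inclusive); defaults to 0, i.e. no
#   lower limit
# @return the CheckCode value for the outcome: Unknown (no response, or not
#   SmarterMail), Detected (SmarterMail, version unusable), Appears (version
#   in [low_bound, patched_version)), or Safe
def check_version(patched_version, low_bound = 0)
  print_status('Checking target web server for a response...')
  res = send_request_cgi!({
                            'method' => 'GET',
                            'uri' => normalize_uri(target_uri.path)
                          })

  return CheckCode::Unknown('Target did not respond to check request.') unless res

  body = res.body

  unless res.code == 200 && body.downcase.include?('smartermail')
    return CheckCode::Unknown('Target is not running SmarterMail.')
  end

  print_good('Target is running SmarterMail.')

  print_status('Checking SmarterMail product version...')
  # The marker line looks like `stProductVersion = "x.y.z"`; the version is the
  # text after the first double quote on that line.
  product_version = body.match('stProductVersion.*')
  version_number = product_version.to_s.split('"')[1] if product_version

  # An absent or blank value must not be compared: a blank string parses as
  # version 0 and would be reported as vulnerable whenever low_bound is 0.
  if version_number.nil? || version_number.strip.empty?
    return CheckCode::Detected('SmarterMail product version cannot be determined.')
  end

  begin
    target_version = Rex::Version.new(version_number)
  rescue ArgumentError
    # Presumably raised for strings the version parser rejects (as Gem::Version
    # does); the banner is server-controlled, so treat it as undetermined.
    return CheckCode::Detected('SmarterMail product version cannot be determined.')
  end

  print_good("Target is running SmarterMail Version #{version_number}.")

  if target_version < Rex::Version.new(patched_version) && target_version >= Rex::Version.new(low_bound)
    return CheckCode::Appears('SmarterMail version is vulnerable.')
  end

  CheckCode::Safe('SmarterMail version is patched or not vulnerable.')
end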