Skip to content

Commit

Permalink
Use Gem::Version for string versions comparison
Browse files Browse the repository at this point in the history
  • Loading branch information
@jvazquez-r7
jvazquez-r7 committed Jun 20, 2014
1 parent 8d111ca commit a081bea
Showing 1 changed file with 4 additions and 26 deletions.
30 changes: 4 additions & 26 deletions modules/exploits/windows/local/ms14_009_ie_dfsvc.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -83,11 +83,11 @@ def check

mscorlib_version = get_mscorlib_version

if valid_mscorlib_version?(net_version, mscorlib_version)
return Exploit::CheckCode::Vulnerable
if Gem::Version.new(mscorlib_version) >= Gem::Version.new(NET_VERSIONS[net_version]["mscorlib"])
return Exploit::CheckCode::Safe
end

Exploit::CheckCode::Safe
Exploit::CheckCode::Vulnerable
end

def get_net_version
Expand Down Expand Up @@ -144,7 +144,7 @@ def exploit

mscorlib_version = get_mscorlib_version

unless valid_mscorlib_version?(net_version, mscorlib_version)
if Gem::Version.new(mscorlib_version) >= Gem::Version.new(NET_VERSIONS[net_version]["mscorlib"])
fail_with(Failure::NotVulnerable, ".NET Installation not vulnerable")
end

Expand All @@ -166,28 +166,6 @@ def exploit
)
end

def valid_mscorlib_version?(net_version, mscorlib_version)
valid = false

mscorlib = mscorlib_version.split(".")
mscorlib.reverse!

max_version = NET_VERSIONS[net_version]["mscorlib"].split(".")
max_version.reverse!

i = 0
mscorlib.each do |v|
if v.to_i < max_version[i].to_i
valid = true
elsif v.to_i > max_version[i].to_i
valid = false
end
i = i + 1
end

valid
end

def cleanup
session.railgun.kernel32.SetEnvironmentVariableA("PSHCMD", nil)
super
Expand Down

0 comments on commit a081bea

Please sign in to comment.