From a081beacc22bd175ea12bf971fd9cd10e6e955e4 Mon Sep 17 00:00:00 2001 From: jvazquez-r7 Date: Fri, 20 Jun 2014 09:44:29 -0500 Subject: [PATCH] Use Gem::Version for string versions comparison --- .../windows/local/ms14_009_ie_dfsvc.rb | 30 +++---------------- 1 file changed, 4 insertions(+), 26 deletions(-) diff --git a/modules/exploits/windows/local/ms14_009_ie_dfsvc.rb b/modules/exploits/windows/local/ms14_009_ie_dfsvc.rb index 3c643ef678c4..0709852f0bee 100644 --- a/modules/exploits/windows/local/ms14_009_ie_dfsvc.rb +++ b/modules/exploits/windows/local/ms14_009_ie_dfsvc.rb @@ -83,11 +83,11 @@ def check mscorlib_version = get_mscorlib_version - if valid_mscorlib_version?(net_version, mscorlib_version) - return Exploit::CheckCode::Vulnerable + if Gem::Version.new(mscorlib_version) >= Gem::Version.new(NET_VERSIONS[net_version]["mscorlib"]) + return Exploit::CheckCode::Safe end - Exploit::CheckCode::Safe + Exploit::CheckCode::Vulnerable end def get_net_version @@ -144,7 +144,7 @@ def exploit mscorlib_version = get_mscorlib_version - unless valid_mscorlib_version?(net_version, mscorlib_version) + if Gem::Version.new(mscorlib_version) >= Gem::Version.new(NET_VERSIONS[net_version]["mscorlib"]) fail_with(Failure::NotVulnerable, ".NET Installation not vulnerable") end @@ -166,28 +166,6 @@ def exploit ) end - def valid_mscorlib_version?(net_version, mscorlib_version) - valid = false - - mscorlib = mscorlib_version.split(".") - mscorlib.reverse! - - max_version = NET_VERSIONS[net_version]["mscorlib"].split(".") - max_version.reverse! - - i = 0 - mscorlib.each do |v| - if v.to_i < max_version[i].to_i - valid = true - elsif v.to_i > max_version[i].to_i - valid = false - end - i = i + 1 - end - - valid - end - def cleanup session.railgun.kernel32.SetEnvironmentVariableA("PSHCMD", nil) super