Minor update to comments for clarity
This commit is contained in:
Grant Willcox
@@ -70,7 +70,8 @@ module Msf::Exploit::Remote::HTTP::ManageEngineAdauditPlus::Login
|
||||
}
|
||||
end
|
||||
|
||||
# check if we have a new adapcsrf cookie with the expected format, which is different from the initial adapcsrf cookie format
|
||||
# check if we have a new adapcsrf cookie with the expected format, which is different
|
||||
# from the initial adapcsrf cookie format that we got before visiting the adaudit_plus_jump_to_js_uri URI.
|
||||
unless res_extra_cookies.code == 200 && res_extra_cookies.headers.include?('Set-Cookie') && res_extra_cookies.get_cookies =~ /adapcsrf=[a-f0-9]{128}/
|
||||
return {
|
||||
'status' => adaudit_plus_status::UNEXPECTED_REPLY,
|
||||
|
||||
Reference in New Issue
Block a user