From dca4f3f471eae2f4cfad03d9b9c74fce2b752b0b Mon Sep 17 00:00:00 2001
From: Yann Castel <yann.castel@orange.com>
Date: Thu, 17 Jun 2021 15:19:42 +0200
Subject: [PATCH] fix download link

---
 .../exploit/linux/http/rconfig_authenticated_rce.md    |  2 +-
 .../exploits/linux/http/rconfig_authenticated_rce.rb   | 10 +++++++---
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/documentation/modules/exploit/linux/http/rconfig_authenticated_rce.md b/documentation/modules/exploit/linux/http/rconfig_authenticated_rce.md
index 2bcfa063e5..97dd76bdeb 100644
--- a/documentation/modules/exploit/linux/http/rconfig_authenticated_rce.md
+++ b/documentation/modules/exploit/linux/http/rconfig_authenticated_rce.md
@@ -8,7 +8,7 @@ triggered by a call to `images/vendor/<payload_file>.php`
 
 ### Installation
 
-Vulnerable versions of rConfig can be downloaded from [here](https://www.cacti.net/downloads/). Then,
+Vulnerable versions of rConfig can be downloaded from [here](https://www.rconfig.com/download/). Then,
 help yourself with [this](https://help.rconfig.com/gettingstarted/installation) installation guide.
 You can also use this [docker file](https://hub.docker.com/r/libyerman/rconfig)
 (as long as it is not updated and remains a 3.9.6 version of rConfig)
diff --git a/modules/exploits/linux/http/rconfig_authenticated_rce.rb b/modules/exploits/linux/http/rconfig_authenticated_rce.rb
index ea397107c4..9396307d08 100644
--- a/modules/exploits/linux/http/rconfig_authenticated_rce.rb
+++ b/modules/exploits/linux/http/rconfig_authenticated_rce.rb
@@ -45,13 +45,17 @@ class MetasploitModule < Msf::Exploit::Remote
             'Stability' => [ CRASH_SAFE ],
             'SideEffects' => [ ARTIFACTS_ON_DISK, IOC_IN_LOGS ],
             'Reliability' => [ REPEATABLE_SESSION ]
-          }
+          },
+        'DefaultOptions' => {
+          'SSL' => true,
+          'RPORT' => 443
+        }
       )
     )
 
     register_options [
-      OptString.new('USERNAME', [true, 'Username of the admin account', nil]),
-      OptString.new('PASSWORD', [true, 'Password of the admin account', nil]),
+      OptString.new('USERNAME', [true, 'Username of the admin account', 'admin']),
+      OptString.new('PASSWORD', [true, 'Password of the admin account', 'admin']),
       OptString.new('TARGETURI', [true, 'The base path of the rConfig server', '/'])
     ]
   end