Fix for exploitation/exploit_jboss

2015-11-21 18:07:57 -05:00 · 2015-11-21 18:07:57 -05:00 · 2c14853b29
parent b31d69745e
commit 2c14853b29
3 changed files with 28 additions and 8 deletions
--- a/5
+++ b/5
@ -1,3 +1,8 @@
+11/21/2015
+----------
+-Merge of exploitation/exploit_jboss, bug fix
+-Fix in case module returns None
+
 11/8/2015
 ---------
 -All PowerUp modules now dynamically built from a single source file
--- a/lib/common/empire.py
+++ b/lib/common/empire.py
@ -9,7 +9,7 @@ menu loops.
 """

 # make version for Empire
-VERSION = "1.3.3"
+VERSION = "1.3.4"


 from pydispatch import dispatcher
@ -2382,14 +2382,14 @@ class ModuleMenu(cmd.Cmd):
        agentName = self.module.options['Agent']['Value']
        moduleData = self.module.generate()

-        # strip all comments from the module
-        moduleData = helpers.strip_powershell_comments(moduleData)
-
        if not moduleData or moduleData == "":
            print helpers.color("[!] Error: module produced an empty script")
            dispatcher.send("[!] Error: module produced an empty script", sender="Empire")
            return

+        # strip all comments from the module
+        moduleData = helpers.strip_powershell_comments(moduleData)
+
        taskCommand = ""

        # build the appropriate task command and module data blob
--- a/lib/modules/exploitation/exploit_jboss.py
+++ b/lib/modules/exploitation/exploit_jboss.py
@ -6,11 +6,11 @@ class Module:
    def __init__(self, mainMenu, params=[]):

        self.info = {
-            'Name': 'JBossed',
+            'Name': 'Exploit-JBoss',

            'Author': ['@424f424f'],

-            'Description': ("Exploit vulnerable JBoss Services"),
+            'Description': ("Exploit vulnerable JBoss Services."),

            'Background' : True,

@ -61,8 +61,8 @@ class Module:
                'Required'      :   True,
                'Value'         :   ''
            },
-            'WARFile' : {
-                'Description'   :   'Remote URL to your own WARFile to deploy.',
+            'WarFile' : {
+                'Description'   :   'Remote URL [http://IP:PORT/f.war] to your own WarFile to deploy.',
                'Required'      :   True,
                'Value'         :   ''
            }
@ -92,3 +92,18 @@ class Module:

        moduleCode = f.read()
        f.close()
+
+        script = moduleCode
+
+        script += "\nExploit-JBoss"
+
+        for option,values in self.options.iteritems():
+            if option.lower() != "agent" and option.lower() != "showall":
+                if values['Value'] and values['Value'] != '':
+                    if values['Value'].lower() == "true":
+                        # if we're just adding a switch
+                        script += " -" + str(option)
+                    else:
+                        script += " -" + str(option) + " " + str(values['Value']) 
+
+        return script