2014-07-17 22:56:32 +00:00
|
|
|
# -*- coding: binary -*-
|
|
|
|
|
|
|
|
# This module provides a way of interacting with JBoss installations
|
|
|
|
module Msf
|
|
|
|
module HTTP
|
|
|
|
module JBoss
|
2014-07-18 09:51:46 +00:00
|
|
|
require 'msf/http/jboss/base'
|
2014-08-01 19:28:26 +00:00
|
|
|
require 'msf/http/jboss/bean_shell_scripts'
|
|
|
|
require 'msf/http/jboss/bean_shell'
|
2014-07-17 22:56:32 +00:00
|
|
|
|
2014-07-21 21:41:58 +00:00
|
|
|
include Msf::Exploit::Remote::HttpClient
|
2014-07-18 09:51:46 +00:00
|
|
|
include Msf::HTTP::JBoss::Base
|
2014-08-01 19:28:26 +00:00
|
|
|
include Msf::HTTP::JBoss::BeanShellScripts
|
|
|
|
include Msf::HTTP::JBoss::BeanShell
|
2014-07-17 22:56:32 +00:00
|
|
|
|
2014-07-21 21:41:58 +00:00
|
|
|
def initialize(info = {})
|
2014-07-17 22:56:32 +00:00
|
|
|
super
|
2014-08-01 19:28:26 +00:00
|
|
|
|
2014-07-21 21:41:58 +00:00
|
|
|
register_options(
|
|
|
|
[
|
2014-08-01 19:28:26 +00:00
|
|
|
OptString.new('TARGETURI', [true, 'The URI path of the JMX console', '/jmx-console']),
|
|
|
|
OptEnum.new('VERB', [true, 'HTTP Method to use (for CVE-2010-0738)', 'POST', ['GET', 'POST', 'HEAD']]),
|
|
|
|
OptString.new('PACKAGE', [false, 'The package containing the BSHDeployer service'])
|
2014-07-21 21:41:58 +00:00
|
|
|
], self.class)
|
2014-07-17 22:56:32 +00:00
|
|
|
end
|
2014-08-01 19:28:26 +00:00
|
|
|
|
2014-07-17 22:56:32 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|