infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Change HAVE_POPEN to USE_POPEN 

PS target doesn't support it, so the option should be renamed.
bug/bundler_fix
William Vu 2016-10-14 11:58:39 -05:00
parent 5b46e72aea
commit 1da40b5deb
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
modules/exploits/unix/fileformat/imagemagick_delegate.rb
View File

@ -25,8 +25,8 @@ class MetasploitModule < Msf::Exploit
(discovered by taviso) to achieve RCE in the Ghostscript delegate.
Ghostscript versions 9.18 and later are affected.
If ImageMagick supports popen(), a |-prefixed command will be used for
the exploit. No delegates are involved in this exploitation.
If USE_POPEN is set to true, a |-prefixed command will be used for the
exploit. No delegates are involved in this exploitation.
},
'Author' => [
'stewie', # Vulnerability discovery
@ -72,7 +72,7 @@ class MetasploitModule < Msf::Exploit
register_options([
OptString.new('FILENAME', [true, 'Output file', 'msf.png']),
OptBool.new('HAVE_POPEN', [false, 'popen() support', true])
OptBool.new('USE_POPEN', [false, 'Use popen() vector', true])
])
end
@ -87,7 +87,7 @@ class MetasploitModule < Msf::Exploit
end
def template
if datastore['HAVE_POPEN']
if datastore['USE_POPEN']
t = 'popen'
else
t = 'delegate'