infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Change HAVE_POPEN to USE_POPEN 

PS target doesn't support it, so the option should be renamed.
bug/bundler_fix
William Vu 2016-10-14 11:58:39 -05:00
parent 5b46e72aea
commit 1da40b5deb
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
modules/exploits/unix/fileformat/imagemagick_delegate.rb
View File

@ -25,8 +25,8 @@ class MetasploitModule < Msf::Exploit
(discovered by taviso) to achieve RCE in the Ghostscript delegate. (discovered by taviso) to achieve RCE in the Ghostscript delegate.
Ghostscript versions 9.18 and later are affected. Ghostscript versions 9.18 and later are affected.
If ImageMagick supports popen(), a |-prefixed command will be used for If USE_POPEN is set to true, a |-prefixed command will be used for the
the exploit. No delegates are involved in this exploitation. exploit. No delegates are involved in this exploitation.
}, },
'Author' => [ 'Author' => [
'stewie', # Vulnerability discovery 'stewie', # Vulnerability discovery
@ -72,7 +72,7 @@ class MetasploitModule < Msf::Exploit
register_options([ register_options([
OptString.new('FILENAME', [true, 'Output file', 'msf.png']), OptString.new('FILENAME', [true, 'Output file', 'msf.png']),
OptBool.new('HAVE_POPEN', [false, 'popen() support', true]) OptBool.new('USE_POPEN', [false, 'Use popen() vector', true])
]) ])
end end
@ -87,7 +87,7 @@ class MetasploitModule < Msf::Exploit
end end
def template def template
if datastore['HAVE_POPEN'] if datastore['USE_POPEN']
t = 'popen' t = 'popen'
else else
t = 'delegate' t = 'delegate'