From 51f3f59d2f0e6214ed96593df0fc1eca6b1a21b5 Mon Sep 17 00:00:00 2001 From: jvazquez-r7 Date: Fri, 11 Jan 2013 00:54:53 +0100 Subject: [PATCH 1/2] cve and references available --- data/exploits/{j7u10_jmx => cve-2013-0422}/B.class | Bin .../{j7u10_jmx => cve-2013-0422}/Exploit.class | Bin .../exploits/{j7u10_jmx => cve-2013-0422}/B.java | 0 .../{j7u10_jmx => cve-2013-0422}/Exploit.java | 0 .../exploits/{j7u10_jmx => cve-2013-0422}/Makefile | 4 ++-- 5 files changed, 2 insertions(+), 2 deletions(-) rename data/exploits/{j7u10_jmx => cve-2013-0422}/B.class (100%) rename data/exploits/{j7u10_jmx => cve-2013-0422}/Exploit.class (100%) rename external/source/exploits/{j7u10_jmx => cve-2013-0422}/B.java (100%) rename external/source/exploits/{j7u10_jmx => cve-2013-0422}/Exploit.java (100%) rename external/source/exploits/{j7u10_jmx => cve-2013-0422}/Makefile (68%) diff --git a/data/exploits/j7u10_jmx/B.class b/data/exploits/cve-2013-0422/B.class similarity index 100% rename from data/exploits/j7u10_jmx/B.class rename to data/exploits/cve-2013-0422/B.class diff --git a/data/exploits/j7u10_jmx/Exploit.class b/data/exploits/cve-2013-0422/Exploit.class similarity index 100% rename from data/exploits/j7u10_jmx/Exploit.class rename to data/exploits/cve-2013-0422/Exploit.class diff --git a/external/source/exploits/j7u10_jmx/B.java b/external/source/exploits/cve-2013-0422/B.java similarity index 100% rename from external/source/exploits/j7u10_jmx/B.java rename to external/source/exploits/cve-2013-0422/B.java diff --git a/external/source/exploits/j7u10_jmx/Exploit.java b/external/source/exploits/cve-2013-0422/Exploit.java similarity index 100% rename from external/source/exploits/j7u10_jmx/Exploit.java rename to external/source/exploits/cve-2013-0422/Exploit.java diff --git a/external/source/exploits/j7u10_jmx/Makefile b/external/source/exploits/cve-2013-0422/Makefile similarity index 68% rename from external/source/exploits/j7u10_jmx/Makefile rename to external/source/exploits/cve-2013-0422/Makefile index 3fa70edee3..e93911b8ed 100644 --- a/external/source/exploits/j7u10_jmx/Makefile +++ b/external/source/exploits/cve-2013-0422/Makefile @@ -11,8 +11,8 @@ CLASSES = \ all: $(CLASSES:.java=.class) install: - mv Exploit.class ../../../../data/exploits/j7u10_jmx/ - mv B.class ../../../../data/exploits/j7u10_jmx/ + mv Exploit.class ../../../../data/exploits/cve-2013-0422/ + mv B.class ../../../../data/exploits/cve-2013-0422/ clean: rm -rf *.class From 2c05af721c6535ebdf6313eed0416e0f1bfa9cfa Mon Sep 17 00:00:00 2001 From: jvazquez-r7 Date: Fri, 11 Jan 2013 00:57:05 +0100 Subject: [PATCH 2/2] module also updated with refs --- modules/exploits/multi/browser/java_jre17_jmxbean.rb | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/modules/exploits/multi/browser/java_jre17_jmxbean.rb b/modules/exploits/multi/browser/java_jre17_jmxbean.rb index 093d67d9f9..c9b7e032a3 100644 --- a/modules/exploits/multi/browser/java_jre17_jmxbean.rb +++ b/modules/exploits/multi/browser/java_jre17_jmxbean.rb @@ -34,6 +34,8 @@ class Metasploit3 < Msf::Exploit::Remote 'juan vazquez' # Metasploit module ], 'References' => [ + [ 'CVE', '2013-0422' ], + [ 'US-CERT-VU', '625617' ], [ 'URL', 'http://malware.dontneedcoffee.com/2013/01/0-day-17u10-spotted-in-while-disable.html' ], [ 'URL', 'http://labs.alienvault.com/labs/index.php/2013/new-year-new-java-zeroday/' ] ], @@ -73,9 +75,9 @@ class Metasploit3 < Msf::Exploit::Remote def setup - path = File.join(Msf::Config.install_root, "data", "exploits", "j7u10_jmx", "Exploit.class") + path = File.join(Msf::Config.install_root, "data", "exploits", "cve-2013-0422", "Exploit.class") @exploit_class = File.open(path, "rb") {|fd| fd.read(fd.stat.size) } - path = File.join(Msf::Config.install_root, "data", "exploits", "j7u10_jmx", "B.class") + path = File.join(Msf::Config.install_root, "data", "exploits", "cve-2013-0422", "B.class") @loader_class = File.open(path, "rb") {|fd| fd.read(fd.stat.size) } @exploit_class_name = rand_text_alpha("Exploit".length)