diff --git a/lib/msf/core/exploit/cmdstager.rb b/lib/msf/core/exploit/cmdstager.rb index 2485ca9c83..8bc407a8e9 100644 --- a/lib/msf/core/exploit/cmdstager.rb +++ b/lib/msf/core/exploit/cmdstager.rb @@ -209,8 +209,8 @@ module Exploit::CmdStager end def target_flavor - return target.opts['CmdStagerFlavor'] if target && target.opts['CMDStagerFlavor'] - return module_info['CmdStagerFlavor'] if module_info['CMDStagerFlavor'] + return target.opts['CmdStagerFlavor'].to_sym if target && target.opts['CMDStagerFlavor'] + return module_info['CmdStagerFlavor'].to_sym if module_info['CMDStagerFlavor'] nil end diff --git a/modules/exploits/linux/http/linksys_wrt110_cmd_exec.rb b/modules/exploits/linux/http/linksys_wrt110_cmd_exec.rb index 8967138ac9..25a8c80e8c 100644 --- a/modules/exploits/linux/http/linksys_wrt110_cmd_exec.rb +++ b/modules/exploits/linux/http/linksys_wrt110_cmd_exec.rb @@ -39,7 +39,7 @@ class Metasploit3 < Msf::Exploit::Remote [ ['Linux mipsel Payload', { } ] ], - 'CmdStagerFlavor' => :echo, + 'CmdStagerFlavor' => 'echo', 'DefaultTarget' => 0, )) diff --git a/modules/exploits/multi/http/hp_sitescope_issuesiebelcmd.rb b/modules/exploits/multi/http/hp_sitescope_issuesiebelcmd.rb index a5422de6d0..89b62906d8 100644 --- a/modules/exploits/multi/http/hp_sitescope_issuesiebelcmd.rb +++ b/modules/exploits/multi/http/hp_sitescope_issuesiebelcmd.rb @@ -51,7 +51,7 @@ class Metasploit3 < Msf::Exploit::Remote { 'Arch' => ARCH_X86, 'Platform' => 'win', - 'CmdStagerFlavor' => :vbs + 'CmdStagerFlavor' => 'vbs' } ], [ 'HP SiteScope 11.20 / Linux', diff --git a/modules/exploits/multi/http/hp_sys_mgmt_exec.rb b/modules/exploits/multi/http/hp_sys_mgmt_exec.rb index f4f79d536a..bbb6d97e6e 100644 --- a/modules/exploits/multi/http/hp_sys_mgmt_exec.rb +++ b/modules/exploits/multi/http/hp_sys_mgmt_exec.rb @@ -42,22 +42,22 @@ class Metasploit3 < Msf::Exploit::Remote ['Linux', { 'Platform' => 'linux', 'Arch' => ARCH_X86, - 'CmdStagerFlavor' => :bourne + 'CmdStagerFlavor' => 'bourne' }], ['Linux (x64)', { 'Platform' => 'linux', 'Arch' => ARCH_X86_64, - 'CmdStagerFlavor' => :bourne + 'CmdStagerFlavor' => 'bourne' }], ['Windows', { 'Platform' => 'win', 'Arch' => ARCH_X86, - 'CmdStagerFlavor' => :vbs + 'CmdStagerFlavor' => 'vbs' }], ['Windows (x64)', { 'Platform' => 'win', 'Arch' => ARCH_X86_64, - 'CmdStagerFlavor' => :vbs + 'CmdStagerFlavor' => 'vbs' }], ], 'Privileged' => false, diff --git a/modules/exploits/multi/http/hyperic_hq_script_console.rb b/modules/exploits/multi/http/hyperic_hq_script_console.rb index e32033716b..a573da80d2 100644 --- a/modules/exploits/multi/http/hyperic_hq_script_console.rb +++ b/modules/exploits/multi/http/hyperic_hq_script_console.rb @@ -37,7 +37,7 @@ class Metasploit3 < Msf::Exploit::Remote [ # Tested on Hyperic HQ versions 4.5.2-win32 and 4.6.6-win32 on Windows XP SP3 and Ubuntu 10.04 ['Automatic', {} ], - ['Windows', {'Arch' => ARCH_X86, 'Platform' => 'win', 'CmdStagerFlavor' => :vbs}], + ['Windows', {'Arch' => ARCH_X86, 'Platform' => 'win', 'CmdStagerFlavor' => 'vbs'}], ['Linux', {'Arch' => ARCH_X86, 'Platform' => 'linux' }], ['Unix CMD', {'Arch' => ARCH_CMD, 'Platform' => 'unix', 'Payload' => {'BadChars' => "\x22"}}] ], diff --git a/modules/exploits/multi/http/jenkins_script_console.rb b/modules/exploits/multi/http/jenkins_script_console.rb index 8dbad89281..57f3fa67a0 100644 --- a/modules/exploits/multi/http/jenkins_script_console.rb +++ b/modules/exploits/multi/http/jenkins_script_console.rb @@ -35,7 +35,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Platform' => %w{ win linux unix }, 'Targets' => [ - ['Windows', {'Arch' => ARCH_X86, 'Platform' => 'win', 'CmdStagerFlavor' => :vbs}], + ['Windows', {'Arch' => ARCH_X86, 'Platform' => 'win', 'CmdStagerFlavor' => 'vbs'}], ['Linux', { 'Arch' => ARCH_X86, 'Platform' => 'linux' }], ['Unix CMD', {'Arch' => ARCH_CMD, 'Platform' => 'unix', 'Payload' => {'BadChars' => "\x22"}}] ], diff --git a/modules/exploits/multi/http/netwin_surgeftp_exec.rb b/modules/exploits/multi/http/netwin_surgeftp_exec.rb index d46f881a56..045e29d131 100644 --- a/modules/exploits/multi/http/netwin_surgeftp_exec.rb +++ b/modules/exploits/multi/http/netwin_surgeftp_exec.rb @@ -33,7 +33,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Platform' => %w{ win unix }, 'Targets' => [ - [ 'Windows', { 'Arch'=>ARCH_X86, 'Platform'=>'win', 'CmdStagerFlavor' => :vbs} ], + [ 'Windows', { 'Arch'=>ARCH_X86, 'Platform'=>'win', 'CmdStagerFlavor' => 'vbs'} ], [ 'Unix', { 'Arch'=>ARCH_CMD, 'Platform'=>'unix', 'Payload'=>{'BadChars' => "\x22"}} ] ], 'DisclosureDate' => 'Dec 06 2012')) diff --git a/modules/exploits/multi/http/struts_code_exec.rb b/modules/exploits/multi/http/struts_code_exec.rb index 1d8a5d10a0..ffe386982e 100644 --- a/modules/exploits/multi/http/struts_code_exec.rb +++ b/modules/exploits/multi/http/struts_code_exec.rb @@ -43,7 +43,7 @@ class Metasploit3 < Msf::Exploit::Remote { 'Arch' => ARCH_X86, 'Platform' => 'win', - 'CmdStagerFlavor' => :tftp + 'CmdStagerFlavor' => 'tftp' } ], ['Linux Universal', diff --git a/modules/exploits/multi/http/struts_code_exec_exception_delegator.rb b/modules/exploits/multi/http/struts_code_exec_exception_delegator.rb index f6f1116a2f..1967998615 100644 --- a/modules/exploits/multi/http/struts_code_exec_exception_delegator.rb +++ b/modules/exploits/multi/http/struts_code_exec_exception_delegator.rb @@ -46,7 +46,7 @@ class Metasploit3 < Msf::Exploit::Remote { 'Arch' => ARCH_X86, 'Platform' => 'win', - 'CmdStagerFlavor' => :tftp + 'CmdStagerFlavor' => 'tftp' } ], ['Linux Universal', diff --git a/modules/exploits/multi/sap/sap_mgmt_con_osexec_payload.rb b/modules/exploits/multi/sap/sap_mgmt_con_osexec_payload.rb index 1ad494238b..d845ce36ef 100644 --- a/modules/exploits/multi/sap/sap_mgmt_con_osexec_payload.rb +++ b/modules/exploits/multi/sap/sap_mgmt_con_osexec_payload.rb @@ -57,7 +57,7 @@ class Metasploit4 < Msf::Exploit::Remote { 'Arch' => ARCH_X86, 'Platform' => 'win', - 'CmdStagerFlavor' => :vbs + 'CmdStagerFlavor' => 'vbs' }, ], ], diff --git a/modules/exploits/multi/sap/sap_soap_rfc_sxpg_call_system_exec.rb b/modules/exploits/multi/sap/sap_soap_rfc_sxpg_call_system_exec.rb index 6283a6b799..85ed24179a 100644 --- a/modules/exploits/multi/sap/sap_soap_rfc_sxpg_call_system_exec.rb +++ b/modules/exploits/multi/sap/sap_soap_rfc_sxpg_call_system_exec.rb @@ -67,7 +67,7 @@ class Metasploit4 < Msf::Exploit::Remote { 'Arch' => ARCH_X86_64, 'Platform' => 'win', - 'CmdStagerFlavor' => :vbs + 'CmdStagerFlavor' => 'vbs' } ] ], diff --git a/modules/exploits/multi/sap/sap_soap_rfc_sxpg_command_exec.rb b/modules/exploits/multi/sap/sap_soap_rfc_sxpg_command_exec.rb index f94814e445..e0b7025f3f 100644 --- a/modules/exploits/multi/sap/sap_soap_rfc_sxpg_command_exec.rb +++ b/modules/exploits/multi/sap/sap_soap_rfc_sxpg_command_exec.rb @@ -68,7 +68,7 @@ class Metasploit4 < Msf::Exploit::Remote { 'Arch' => ARCH_X86_64, 'Platform' => 'win', - 'CmdStagerFlavor' => :vbs + 'CmdStagerFlavor' => 'vbs' } ] ], diff --git a/modules/exploits/multi/ssh/sshexec.rb b/modules/exploits/multi/ssh/sshexec.rb index 6166f4665d..4a2a2eb3e4 100644 --- a/modules/exploits/multi/ssh/sshexec.rb +++ b/modules/exploits/multi/ssh/sshexec.rb @@ -61,7 +61,7 @@ class Metasploit3 < Msf::Exploit::Remote } ] ], - 'CmdStagerFlavor' => [ :bourne, :echo, :printf ], + 'CmdStagerFlavor' => %w{ bourne echo printf }, 'DefaultTarget' => 0, # For the CVE 'DisclosureDate' => 'Jan 01 1999' diff --git a/modules/exploits/unix/webapp/zeroshell_exec.rb b/modules/exploits/unix/webapp/zeroshell_exec.rb index 7a085e34d9..a1f626717e 100644 --- a/modules/exploits/unix/webapp/zeroshell_exec.rb +++ b/modules/exploits/unix/webapp/zeroshell_exec.rb @@ -35,7 +35,7 @@ class Metasploit3 < Msf::Exploit::Remote ], 'Platform' => ['linux'], 'Arch' => ARCH_X86, - 'CmdStagerFlavor' => :echo, + 'CmdStagerFlavor' => 'echo', 'Targets' => [ ['ZeroShell 2.0 RC2', {}] diff --git a/modules/exploits/windows/antivirus/ams_hndlrsvc.rb b/modules/exploits/windows/antivirus/ams_hndlrsvc.rb index a116452403..63c93e78c7 100644 --- a/modules/exploits/windows/antivirus/ams_hndlrsvc.rb +++ b/modules/exploits/windows/antivirus/ams_hndlrsvc.rb @@ -39,7 +39,7 @@ class Metasploit3 < Msf::Exploit::Remote ], 'Privileged' => true, 'Platform' => 'win', - 'CmdStagerFlavor' => :tftp, + 'CmdStagerFlavor' => 'tftp', 'DefaultTarget' => 0, 'DisclosureDate' => 'Jul 26 2010')) diff --git a/modules/exploits/windows/antivirus/ams_xfr.rb b/modules/exploits/windows/antivirus/ams_xfr.rb index ab276804cc..552de31f2c 100644 --- a/modules/exploits/windows/antivirus/ams_xfr.rb +++ b/modules/exploits/windows/antivirus/ams_xfr.rb @@ -38,7 +38,7 @@ class Metasploit3 < Msf::Exploit::Remote } ] ], - 'CmdStagerFlavor' => :tftp, + 'CmdStagerFlavor' => 'tftp', 'Privileged' => true, 'Platform' => 'win', 'DefaultTarget' => 0, diff --git a/modules/exploits/windows/browser/dxstudio_player_exec.rb b/modules/exploits/windows/browser/dxstudio_player_exec.rb index 9395eef605..9519709c03 100644 --- a/modules/exploits/windows/browser/dxstudio_player_exec.rb +++ b/modules/exploits/windows/browser/dxstudio_player_exec.rb @@ -50,7 +50,7 @@ class Metasploit3 < Msf::Exploit::Remote [ [ 'Automatic', { } ], ], - 'CmdStagerFlavor' => :vbs, + 'CmdStagerFlavor' => 'vbs', 'DisclosureDate' => 'Jun 09 2009', 'DefaultTarget' => 0)) end diff --git a/modules/exploits/windows/emc/replication_manager_exec.rb b/modules/exploits/windows/emc/replication_manager_exec.rb index 2faed20097..705e3b6a27 100644 --- a/modules/exploits/windows/emc/replication_manager_exec.rb +++ b/modules/exploits/windows/emc/replication_manager_exec.rb @@ -50,7 +50,7 @@ class Metasploit3 < Msf::Exploit::Remote # Tested on Windows XP and Windows 2003 [ 'EMC Replication Manager 5.2.1 / Windows Native Payload', { } ] ], - 'CmdStagerFlavor' => :vbs, + 'CmdStagerFlavor' => 'vbs', 'DefaultOptions' => { 'WfsDelay' => 5 diff --git a/modules/exploits/windows/http/ca_totaldefense_regeneratereports.rb b/modules/exploits/windows/http/ca_totaldefense_regeneratereports.rb index 068c96e426..1904e4ae5e 100644 --- a/modules/exploits/windows/http/ca_totaldefense_regeneratereports.rb +++ b/modules/exploits/windows/http/ca_totaldefense_regeneratereports.rb @@ -38,7 +38,7 @@ class Metasploit3 < Msf::Exploit::Remote } ] ], - 'CmdStagerFlavor' => :tftp, + 'CmdStagerFlavor' => 'tftp', 'Privileged' => true, 'Platform' => 'win', 'DisclosureDate' => 'Apr 13 2011', diff --git a/modules/exploits/windows/http/hp_sitescope_runomagentcommand.rb b/modules/exploits/windows/http/hp_sitescope_runomagentcommand.rb index 98fd232fa5..7ebc841275 100644 --- a/modules/exploits/windows/http/hp_sitescope_runomagentcommand.rb +++ b/modules/exploits/windows/http/hp_sitescope_runomagentcommand.rb @@ -42,7 +42,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Privileged' => true, 'Platform' => 'win', 'Arch' => ARCH_X86, - 'CmdStagerFlavor' => :vbs, + 'CmdStagerFlavor' => 'vbs', 'Targets' => [ [ 'HP SiteScope 11.20 (with Operations Agent) / Windows 2003 SP2', {} ] diff --git a/modules/exploits/windows/http/osb_uname_jlist.rb b/modules/exploits/windows/http/osb_uname_jlist.rb index f19711c6c4..0ea6f4575d 100644 --- a/modules/exploits/windows/http/osb_uname_jlist.rb +++ b/modules/exploits/windows/http/osb_uname_jlist.rb @@ -39,7 +39,7 @@ class Metasploit3 < Msf::Exploit::Remote } ] ], - 'CmdStagerFlavor' => :tftp, + 'CmdStagerFlavor' => 'tftp', 'Privileged' => true, 'Platform' => 'win', 'DisclosureDate' => 'Jul 13 2010', diff --git a/modules/exploits/windows/http/sap_configservlet_exec_noauth.rb b/modules/exploits/windows/http/sap_configservlet_exec_noauth.rb index a0e80da8d9..0a98a50b74 100644 --- a/modules/exploits/windows/http/sap_configservlet_exec_noauth.rb +++ b/modules/exploits/windows/http/sap_configservlet_exec_noauth.rb @@ -43,7 +43,7 @@ class Metasploit3 < Msf::Exploit } ] ], - 'CmdStagerFlavor' => :vbs, + 'CmdStagerFlavor' => 'vbs', 'DefaultTarget' => 0, 'Privileged' => false )) diff --git a/modules/exploits/windows/iis/ms01_026_dbldecode.rb b/modules/exploits/windows/iis/ms01_026_dbldecode.rb index 7917bb005a..e312669ce6 100644 --- a/modules/exploits/windows/iis/ms01_026_dbldecode.rb +++ b/modules/exploits/windows/iis/ms01_026_dbldecode.rb @@ -38,7 +38,7 @@ class Metasploit3 < Msf::Exploit::Remote [ [ 'Automatic', { } ] ], - 'CmdStagerFlavor' => :tftp, + 'CmdStagerFlavor' => 'tftp', 'DefaultTarget' => 0, 'DisclosureDate' => 'May 15 2001' )) diff --git a/modules/exploits/windows/iis/msadc.rb b/modules/exploits/windows/iis/msadc.rb index 13c103f1ad..8b55cfc20e 100644 --- a/modules/exploits/windows/iis/msadc.rb +++ b/modules/exploits/windows/iis/msadc.rb @@ -50,7 +50,7 @@ class Metasploit3 < Msf::Exploit::Remote # w2k w/sp0, IIS5.0, mdac 2.7 RTM, sql2000, handunsf.reg, over xp_cmdshell, reverse_tcp [ 'Automatic', { } ], ], - 'CmdStagerFlavor' => :tftp, + 'CmdStagerFlavor' => 'tftp', 'DefaultTarget' => 0, 'DisclosureDate' => 'Jul 17 1998' ) diff --git a/modules/exploits/windows/misc/altiris_ds_sqli.rb b/modules/exploits/windows/misc/altiris_ds_sqli.rb index f2165331d1..fc4a08aba5 100644 --- a/modules/exploits/windows/misc/altiris_ds_sqli.rb +++ b/modules/exploits/windows/misc/altiris_ds_sqli.rb @@ -48,7 +48,7 @@ class Metasploit3 < Msf::Exploit::Remote } ] ], - 'CmdStagerFlavor' => :tftp, + 'CmdStagerFlavor' => 'tftp', 'Privileged' => true, 'Platform' => 'win', 'DisclosureDate' => 'May 15 2008', diff --git a/modules/exploits/windows/mssql/mssql_linkcrawler.rb b/modules/exploits/windows/mssql/mssql_linkcrawler.rb index 651cc84195..a16ea8cf0b 100644 --- a/modules/exploits/windows/mssql/mssql_linkcrawler.rb +++ b/modules/exploits/windows/mssql/mssql_linkcrawler.rb @@ -55,7 +55,7 @@ class Metasploit3 < Msf::Exploit::Remote [ [ 'Automatic', { } ], ], - 'CmdStagerFlavor' => :vbs, + 'CmdStagerFlavor' => 'vbs', 'DefaultTarget' => 0 )) diff --git a/modules/exploits/windows/mssql/mssql_payload.rb b/modules/exploits/windows/mssql/mssql_payload.rb index feac9d4bbd..3af30dea49 100644 --- a/modules/exploits/windows/mssql/mssql_payload.rb +++ b/modules/exploits/windows/mssql/mssql_payload.rb @@ -58,7 +58,7 @@ class Metasploit3 < Msf::Exploit::Remote [ [ 'Automatic', { } ], ], - 'CmdStagerFlavor' => :vbs, + 'CmdStagerFlavor' => 'vbs', 'DefaultTarget' => 0, 'DisclosureDate' => 'May 30 2000' )) diff --git a/modules/exploits/windows/mssql/mssql_payload_sqli.rb b/modules/exploits/windows/mssql/mssql_payload_sqli.rb index cce2e87e94..2ef04fea0b 100644 --- a/modules/exploits/windows/mssql/mssql_payload_sqli.rb +++ b/modules/exploits/windows/mssql/mssql_payload_sqli.rb @@ -83,7 +83,7 @@ class Metasploit3 < Msf::Exploit::Remote [ [ 'Automatic', { } ], ], - 'CmdStagerFlavor' => :vbs, + 'CmdStagerFlavor' => 'vbs', 'DefaultTarget' => 0, 'DisclosureDate' => 'May 30 2000' )) diff --git a/modules/exploits/windows/mysql/mysql_payload.rb b/modules/exploits/windows/mysql/mysql_payload.rb index dfe67619d6..a903edde07 100644 --- a/modules/exploits/windows/mysql/mysql_payload.rb +++ b/modules/exploits/windows/mysql/mysql_payload.rb @@ -44,7 +44,7 @@ class Metasploit3 < Msf::Exploit::Remote [ [ 'Automatic', { } ], # Confirmed on MySQL 4.1.22, 5.5.9, and 5.1.56 (64bit) ], - 'CmdStagerFlavor' => :vbs, + 'CmdStagerFlavor' => 'vbs', 'DefaultTarget' => 0, 'DisclosureDate' => 'Jan 16 2009' # Date of Bernardo's blog post. )) diff --git a/modules/exploits/windows/oracle/extjob.rb b/modules/exploits/windows/oracle/extjob.rb index e4c99ef771..31f2508060 100644 --- a/modules/exploits/windows/oracle/extjob.rb +++ b/modules/exploits/windows/oracle/extjob.rb @@ -40,7 +40,7 @@ class Metasploit3 < Msf::Exploit::Remote # This module has been tested on Oracle 10g Release 1 # where the Oracle Job Scheduler runs as SYSTEM on Windows 'Targets' => [['Automatic',{}]], - 'CmdStagerFlavor' => :vbs, + 'CmdStagerFlavor' => 'vbs', 'Privileged' => true, 'DisclosureDate' => 'Jan 01 2007', 'DefaultTarget' => 0)) diff --git a/modules/exploits/windows/scada/abb_wserver_exec.rb b/modules/exploits/windows/scada/abb_wserver_exec.rb index ade1419738..2634efd091 100644 --- a/modules/exploits/windows/scada/abb_wserver_exec.rb +++ b/modules/exploits/windows/scada/abb_wserver_exec.rb @@ -45,7 +45,7 @@ class Metasploit3 < Msf::Exploit::Remote [ [ 'ABB MicroSCADA Pro SYS600 9.3', { } ] ], - 'CmdStagerFlavor' => :vbs, + 'CmdStagerFlavor' => 'vbs', 'DefaultTarget' => 0, 'Privileged' => false, 'DisclosureDate' => 'Apr 05 2013' diff --git a/modules/exploits/windows/winrm/winrm_script_exec.rb b/modules/exploits/windows/winrm/winrm_script_exec.rb index 7714f73beb..d6a3f976d3 100644 --- a/modules/exploits/windows/winrm/winrm_script_exec.rb +++ b/modules/exploits/windows/winrm/winrm_script_exec.rb @@ -49,7 +49,7 @@ class Metasploit3 < Msf::Exploit::Remote [ [ 'Windows', { } ], ], - 'CmdStagerFlavor' => :vbs, + 'CmdStagerFlavor' => 'vbs', 'DefaultTarget' => 0, 'DisclosureDate' => 'Nov 01 2012' ))