Refactored jboss mixin and modules
Moved VERB option to the mixin. Replaced "if datastore['VERBOSE']" by vprint_status().bug/bundler_fix
parent
ae2cd63391
commit
b526fc50f8
|
@ -15,7 +15,8 @@ module Msf
|
||||||
super
|
super
|
||||||
register_options(
|
register_options(
|
||||||
[
|
[
|
||||||
OptString.new('TARGETURI', [ true, 'The URI path of the JMX console', '/jmx-console'])
|
OptString.new('TARGETURI', [ true, 'The URI path of the JMX console', '/jmx-console']),
|
||||||
|
OptEnum.new('VERB', [true, 'HTTP Method to use (for CVE-2010-0738)', 'POST', ['GET', 'POST', 'HEAD']])
|
||||||
], self.class)
|
], self.class)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -30,13 +30,13 @@ module Msf::HTTP::JBoss::Base
|
||||||
elsif (res.code < 200 or res.code >= 300)
|
elsif (res.code < 200 or res.code >= 300)
|
||||||
msg = "http request failed to #{uri} [#{res.code}]"
|
msg = "http request failed to #{uri} [#{res.code}]"
|
||||||
elsif (res.code == 200)
|
elsif (res.code == 200)
|
||||||
print_status("Successfully called '#{uri}'") if datastore['VERBOSE']
|
vprint_status("Successfully called '#{uri}'")
|
||||||
return res
|
return res
|
||||||
end
|
end
|
||||||
|
|
||||||
if (attempt < num_attempts - 1)
|
if (attempt < num_attempts - 1)
|
||||||
msg << ", retrying in 5 seconds..."
|
msg << ", retrying in 5 seconds..."
|
||||||
print_status(msg) if datastore['VERBOSE']
|
vprint_status(msg)
|
||||||
select(nil, nil, nil, 5)
|
select(nil, nil, nil, 5)
|
||||||
else
|
else
|
||||||
print_error(msg)
|
print_error(msg)
|
||||||
|
|
|
@ -66,7 +66,7 @@ module Msf::HTTP::JBoss::BSH
|
||||||
}
|
}
|
||||||
%>
|
%>
|
||||||
EOT
|
EOT
|
||||||
encoded_stager_code = Rex::Text.encode_base64(stager_jsp).gsub(/\n/, '')
|
encoded_stager_code = Rex::Text.encode_base64(stager_jsp).gsub(/\n/, '')
|
||||||
|
|
||||||
jsp_file_var = Rex::Text.rand_text_alpha(8+rand(8))
|
jsp_file_var = Rex::Text.rand_text_alpha(8+rand(8))
|
||||||
fstream_var = Rex::Text.rand_text_alpha(8+rand(8))
|
fstream_var = Rex::Text.rand_text_alpha(8+rand(8))
|
||||||
|
|
|
@ -38,12 +38,10 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
[
|
[
|
||||||
Opt::RPORT(8080),
|
Opt::RPORT(8080),
|
||||||
OptString.new('APPBASE', [ true, 'Application base name']),
|
OptString.new('APPBASE', [ true, 'Application base name']),
|
||||||
OptString.new('STAGERNAME', [ false, 'Only used if VERB is not POST (default: "stager"', 'stager']),
|
OptString.new('STAGERNAME', [ false, 'Only used if VERB is not POST (default: "stager")', 'stager']),
|
||||||
OptString.new('PACKAGE', [ true, 'The package containing the BSHDeployer service', 'auto' ]),
|
|
||||||
OptString.new('WARFILE', [ true, 'The WAR file to deploy']),
|
OptString.new('WARFILE', [ true, 'The WAR file to deploy']),
|
||||||
OptBool.new('DEPLOY', [ true, 'Deploy: true. Undeploy: false', true]),
|
|
||||||
OptString.new('PACKAGE', [ true, 'The package containing the BSHDeployer service', 'auto' ]),
|
OptString.new('PACKAGE', [ true, 'The package containing the BSHDeployer service', 'auto' ]),
|
||||||
OptEnum.new('VERB', [true, 'HTTP Method to use (for CVE-2010-0738)', 'POST', ['GET', 'POST', 'HEAD']])
|
OptBool.new('DEPLOY', [ true, 'Deploy: true. Undeploy: false', true]),
|
||||||
], self.class)
|
], self.class)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -82,10 +82,9 @@ class Metasploit3 < Msf::Exploit::Remote
|
||||||
register_options(
|
register_options(
|
||||||
[
|
[
|
||||||
Opt::RPORT(8080),
|
Opt::RPORT(8080),
|
||||||
OptString.new('JSP', [ false, 'JSP name to use without .jsp extension (default: random)', nil ]),
|
OptString.new('JSP', [ false, 'JSP name to use without .jsp extension (default: random)', nil ]),
|
||||||
OptString.new('APPBASE', [ false, 'Application base name, (default: random)', nil ]),
|
OptString.new('APPBASE', [ false, 'Application base name, (default: random)', nil ]),
|
||||||
OptString.new('PACKAGE', [ true, 'The package containing the BSHDeployer service', 'auto' ]),
|
OptString.new('PACKAGE', [ true, 'The package containing the BSHDeployer service', 'auto' ]),
|
||||||
OptEnum.new('VERB', [true, 'HTTP Method to use (for CVE-2010-0738)', 'POST', ['GET', 'POST', 'HEAD']])
|
|
||||||
], self.class)
|
], self.class)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue