infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixed spec for lib/msf/http/jboss 

Revert commit abdd72e8c6.
Added some spec for lib/msf/http/jboss/deployment_file_repository_scripts
bug/bundler_fix
us3r777 2014-09-08 17:42:04 +02:00
parent 283e83028f
commit cc5b852517
4 changed files with 42 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/msf/http/jboss/deployment_file_repository_scripts.rb
View File

@ -42,7 +42,7 @@ module Msf::HTTP::JBoss::DeploymentFileRepositoryScripts
# #
# @param app_base [String] The name of the WAR app to write. # @param app_base [String] The name of the WAR app to write.
# @return [String] The JSP stager. # @return [String] The JSP stager.
def stager_jsp(app_base, encoded_payload) def stager_jsp_with_payload(app_base, encoded_payload)
decoded_var = Rex::Text.rand_text_alpha(8+rand(8)) decoded_var = Rex::Text.rand_text_alpha(8+rand(8))
file_path_var = Rex::Text.rand_text_alpha(8+rand(8)) file_path_var = Rex::Text.rand_text_alpha(8+rand(8))
jboss_home_var = Rex::Text.rand_text_alpha(8+rand(8)) jboss_home_var = Rex::Text.rand_text_alpha(8+rand(8))

2
modules/exploits/multi/http/jboss_deploymentfilerepository.rb
View File

@ -120,7 +120,7 @@ class Metasploit3 < Msf::Exploit::Remote
}).to_s }).to_s
encoded_payload = Rex::Text.encode_base64(war_data).gsub(/\n/, '') encoded_payload = Rex::Text.encode_base64(war_data).gsub(/\n/, '')
stager_contents = stager_jsp(app_base, encoded_payload) stager_contents = stager_jsp_with_payload(app_base, encoded_payload)
# Depending on the type on the verb we might use a second stager # Depending on the type on the verb we might use a second stager
if http_verb == "POST" then if http_verb == "POST" then
print_status("Deploying stager for the WAR file") print_status("Deploying stager for the WAR file")

2
spec/lib/msf/http/jboss/scripts_spec.rb → spec/lib/msf/http/jboss/bean_shell_scripts_spec.rb
View File

@ -4,7 +4,7 @@ require 'spec_helper'
require 'msf/core' require 'msf/core'
require 'msf/http/jboss' require 'msf/http/jboss'
describe Msf::HTTP::JBoss::Scripts do describe Msf::HTTP::JBoss::BeanShellScripts do
subject do subject do
mod = ::Msf::Exploit.new mod = ::Msf::Exploit.new
mod.extend Msf::HTTP::JBoss mod.extend Msf::HTTP::JBoss

39
spec/lib/msf/http/jboss/deployment_file_repository_scripts.spec.rb Normal file
View File

@ -0,0 +1,39 @@
#-*- coding:binary -*-
require 'spec_helper'
require 'msf/core'
require 'msf/http/jboss'
describe Msf::HTTP::JBoss::DeploymentFileRepositoryScripts do
subject do
mod = ::Msf::Exploit.new
mod.extend Msf::HTTP::JBoss
mod.send(:initialize)
mod
end
describe "#stager_jsp_with_payload" do
it "returns the JSP stager" do
expect(subject.stager_jsp_with_payload('metasploit', 'payload')).to include('System.getProperty("jboss.server.home.dir");')
end
it "uses the provided application name" do
expect(subject.stager_jsp_with_payload('metasploit', 'payload')).to include('"/deploy/" + "metasploit.war";')
end
it "uses the provided payload" do
expect(subject.stager_jsp_with_payload('metasploit', 'payload')).to include('"payload";')
end
end
describe "#head_stager_jsp" do
it "returns the head JSP stager" do
expect(subject.head_stager_jsp('stager_base', 'jsp_name')).to include('System.getProperty("jboss.server.home.dir");')
end
it "uses the provided base name" do
expect(subject.head_stager_jsp('stager_base', 'jsp_name')).to include('"/deploy/management/" + "stager_base.war/"')
end
end
end