infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix #4246 - Access payload_exe information correctly 

This fixes an undef method 'payload_exe' error. We broke this when
all modules started using Msf::Exploit::CmdStager as the only source
to get a command stager payload. The problem with that is "payload_exe"
is an accessor in CmdStagerTFTP, not in CmdStager, so when the module
wants to access that, we trigger the undef method error.

To be exact, this is the actual commit that broke it:
7ced5927d8

Fix #4246
bug/bundler_fix
sinn3r 2014-12-05 02:08:13 -06:00
parent 85e0d72711
commit e3f7398acd
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
modules/exploits/windows/iis/ms01_026_dbldecode.rb
View File

@ -196,12 +196,12 @@ class Metasploit3 < Msf::Exploit::Remote
# Save these file names for later deletion
@exe_cmd_copy = exe_fname
@exe_payload = payload_exe
@exe_payload = stager_instance.payload_exe
# Just for good measure, we'll make a quick, direct request for the payload
# Using the "start" method doesn't seem to make iis very happy :(
print_status("Triggering the payload via a direct request...")
mini_http_request({ 'uri' => '/scripts/' + payload_exe, 'method' => 'GET' }, 1)
mini_http_request({ 'uri' => '/scripts/' + stager_instance.payload_exe, 'method' => 'GET' }, 1)
handler