From c0945081198b4c239ead077e156bb3d252c73da9 Mon Sep 17 00:00:00 2001 From: sinn3r Date: Mon, 8 Oct 2012 22:17:11 -0500 Subject: [PATCH] Support Python payload Pretty sure if the app is run on Unix/Apache, or supports perl and ruby, chances are python works too. --- modules/exploits/multi/http/familycms_less_exec.rb | 2 +- modules/exploits/multi/http/op5_license.rb | 2 +- modules/exploits/multi/http/op5_welcome.rb | 2 +- modules/exploits/multi/http/plone_popen2.rb | 2 +- modules/exploits/multi/http/snortreport_exec.rb | 2 +- modules/exploits/unix/webapp/awstats_configdir_exec.rb | 2 +- modules/exploits/unix/webapp/awstats_migrate_exec.rb | 2 +- modules/exploits/unix/webapp/awstatstotals_multisort.rb | 2 +- modules/exploits/unix/webapp/barracuda_img_exec.rb | 2 +- modules/exploits/unix/webapp/basilic_diff_exec.rb | 2 +- modules/exploits/unix/webapp/cacti_graphimage_exec.rb | 2 +- modules/exploits/unix/webapp/dogfood_spell_exec.rb | 2 +- modules/exploits/unix/webapp/guestbook_ssi_exec.rb | 2 +- modules/exploits/unix/webapp/hastymail_exec.rb | 2 +- modules/exploits/unix/webapp/mitel_awc_exec.rb | 2 +- modules/exploits/unix/webapp/nagios3_statuswml_ping.rb | 2 +- modules/exploits/unix/webapp/phpbb_highlight.rb | 2 +- modules/exploits/unix/webapp/squirrelmail_pgp_plugin.rb | 2 +- modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb | 2 +- modules/exploits/unix/webapp/webmin_show_cgi_exec.rb | 2 +- 20 files changed, 20 insertions(+), 20 deletions(-) diff --git a/modules/exploits/multi/http/familycms_less_exec.rb b/modules/exploits/multi/http/familycms_less_exec.rb index 5869c1a3b6..0897f38a33 100644 --- a/modules/exploits/multi/http/familycms_less_exec.rb +++ b/modules/exploits/multi/http/familycms_less_exec.rb @@ -40,7 +40,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Compat' => { 'PayloadType' => 'cmd', - 'RequiredCmd' => 'generic telnet perl ruby', + 'RequiredCmd' => 'generic telnet perl ruby python', } }, 'Platform' => ['unix', 'linux'], diff --git a/modules/exploits/multi/http/op5_license.rb b/modules/exploits/multi/http/op5_license.rb index a1f0c22d69..ea7fdf8cfe 100644 --- a/modules/exploits/multi/http/op5_license.rb +++ b/modules/exploits/multi/http/op5_license.rb @@ -39,7 +39,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Compat' => { 'PayloadType' => 'cmd', - 'RequiredCmd' => 'perl ruby', + 'RequiredCmd' => 'perl ruby python', } }, 'Platform' => 'unix', diff --git a/modules/exploits/multi/http/op5_welcome.rb b/modules/exploits/multi/http/op5_welcome.rb index 8bbffc6213..67dfc09e64 100644 --- a/modules/exploits/multi/http/op5_welcome.rb +++ b/modules/exploits/multi/http/op5_welcome.rb @@ -39,7 +39,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Compat' => { 'PayloadType' => 'cmd', - 'RequiredCmd' => 'perl ruby', + 'RequiredCmd' => 'perl ruby python', } }, 'Platform' => [ 'unix', 'linux' ], diff --git a/modules/exploits/multi/http/plone_popen2.rb b/modules/exploits/multi/http/plone_popen2.rb index 31edd8e8fa..aaf058d57c 100644 --- a/modules/exploits/multi/http/plone_popen2.rb +++ b/modules/exploits/multi/http/plone_popen2.rb @@ -42,7 +42,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Compat' => { 'PayloadType' => 'cmd', - 'RequiredCmd' => 'generic telnet perl ruby', + 'RequiredCmd' => 'generic telnet perl ruby python', } }, 'Platform' => ['unix', 'linux'], diff --git a/modules/exploits/multi/http/snortreport_exec.rb b/modules/exploits/multi/http/snortreport_exec.rb index ff3a9d5ec3..142463fbba 100644 --- a/modules/exploits/multi/http/snortreport_exec.rb +++ b/modules/exploits/multi/http/snortreport_exec.rb @@ -39,7 +39,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Compat' => { 'PayloadType' => 'cmd', - 'RequiredCmd' => 'generic perl ruby bash telnet', + 'RequiredCmd' => 'generic perl ruby bash telnet python', } }, 'Platform' => ['unix', 'linux'], diff --git a/modules/exploits/unix/webapp/awstats_configdir_exec.rb b/modules/exploits/unix/webapp/awstats_configdir_exec.rb index 199042f8b2..33bf1006c7 100644 --- a/modules/exploits/unix/webapp/awstats_configdir_exec.rb +++ b/modules/exploits/unix/webapp/awstats_configdir_exec.rb @@ -44,7 +44,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Compat' => { 'PayloadType' => 'cmd', - 'RequiredCmd' => 'generic perl ruby bash telnet', + 'RequiredCmd' => 'generic perl ruby python bash telnet', } }, 'Platform' => 'unix', diff --git a/modules/exploits/unix/webapp/awstats_migrate_exec.rb b/modules/exploits/unix/webapp/awstats_migrate_exec.rb index 75a7dc6c1c..87954d963c 100644 --- a/modules/exploits/unix/webapp/awstats_migrate_exec.rb +++ b/modules/exploits/unix/webapp/awstats_migrate_exec.rb @@ -47,7 +47,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Compat' => { 'PayloadType' => 'cmd', - 'RequiredCmd' => 'generic perl ruby bash telnet', + 'RequiredCmd' => 'generic perl ruby python bash telnet', } }, 'Platform' => 'unix', diff --git a/modules/exploits/unix/webapp/awstatstotals_multisort.rb b/modules/exploits/unix/webapp/awstatstotals_multisort.rb index a529e25dce..371efa6070 100644 --- a/modules/exploits/unix/webapp/awstatstotals_multisort.rb +++ b/modules/exploits/unix/webapp/awstatstotals_multisort.rb @@ -43,7 +43,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Compat' => { 'PayloadType' => 'cmd', - 'RequiredCmd' => 'generic perl ruby bash telnet', + 'RequiredCmd' => 'generic perl ruby python bash telnet', } }, 'Platform' => 'unix', diff --git a/modules/exploits/unix/webapp/barracuda_img_exec.rb b/modules/exploits/unix/webapp/barracuda_img_exec.rb index f0f2f8c59d..8ba9a76c07 100644 --- a/modules/exploits/unix/webapp/barracuda_img_exec.rb +++ b/modules/exploits/unix/webapp/barracuda_img_exec.rb @@ -43,7 +43,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Compat' => { 'PayloadType' => 'cmd', - 'RequiredCmd' => 'generic perl ruby bash telnet', + 'RequiredCmd' => 'generic perl ruby python bash telnet', } }, 'Platform' => 'unix', diff --git a/modules/exploits/unix/webapp/basilic_diff_exec.rb b/modules/exploits/unix/webapp/basilic_diff_exec.rb index 9b3daf5eb0..5174d8c8e7 100644 --- a/modules/exploits/unix/webapp/basilic_diff_exec.rb +++ b/modules/exploits/unix/webapp/basilic_diff_exec.rb @@ -40,7 +40,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Compat' => { 'PayloadType' => 'cmd', - 'RequiredCmd' => 'generic perl ruby bash telnet' + 'RequiredCmd' => 'generic perl ruby python bash telnet' } }, 'Targets' => diff --git a/modules/exploits/unix/webapp/cacti_graphimage_exec.rb b/modules/exploits/unix/webapp/cacti_graphimage_exec.rb index 42097461da..842e744e8d 100644 --- a/modules/exploits/unix/webapp/cacti_graphimage_exec.rb +++ b/modules/exploits/unix/webapp/cacti_graphimage_exec.rb @@ -41,7 +41,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Compat' => { 'PayloadType' => 'cmd', - 'RequiredCmd' => 'generic perl ruby bash telnet', + 'RequiredCmd' => 'generic perl ruby python bash telnet', } }, 'Platform' => 'unix', diff --git a/modules/exploits/unix/webapp/dogfood_spell_exec.rb b/modules/exploits/unix/webapp/dogfood_spell_exec.rb index 6b315b4610..1f0d91ae35 100644 --- a/modules/exploits/unix/webapp/dogfood_spell_exec.rb +++ b/modules/exploits/unix/webapp/dogfood_spell_exec.rb @@ -49,7 +49,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Compat' => { 'PayloadType' => 'cmd', - 'RequiredCmd' => 'generic perl ruby bash telnet', + 'RequiredCmd' => 'generic perl ruby python bash telnet', } }, 'Targets' => [ ['Automatic', { }], ], diff --git a/modules/exploits/unix/webapp/guestbook_ssi_exec.rb b/modules/exploits/unix/webapp/guestbook_ssi_exec.rb index 43b8b0ae62..51a0a1d8f6 100644 --- a/modules/exploits/unix/webapp/guestbook_ssi_exec.rb +++ b/modules/exploits/unix/webapp/guestbook_ssi_exec.rb @@ -47,7 +47,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Compat' => { 'PayloadType' => 'cmd', - 'RequiredCmd' => 'generic perl ruby bash telnet', + 'RequiredCmd' => 'generic perl ruby python bash telnet', } }, 'Platform' => [ 'unix', 'win', 'linux' ], diff --git a/modules/exploits/unix/webapp/hastymail_exec.rb b/modules/exploits/unix/webapp/hastymail_exec.rb index ce32c8ab73..80e772c022 100644 --- a/modules/exploits/unix/webapp/hastymail_exec.rb +++ b/modules/exploits/unix/webapp/hastymail_exec.rb @@ -40,7 +40,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Compat' => { 'PayloadType' => 'cmd', - 'RequiredCmd' => 'generic perl ruby netcat-e', + 'RequiredCmd' => 'generic perl ruby python netcat-e', } }, 'Platform' => ['unix'], diff --git a/modules/exploits/unix/webapp/mitel_awc_exec.rb b/modules/exploits/unix/webapp/mitel_awc_exec.rb index 49e8001590..c32f16a4d6 100644 --- a/modules/exploits/unix/webapp/mitel_awc_exec.rb +++ b/modules/exploits/unix/webapp/mitel_awc_exec.rb @@ -45,7 +45,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Compat' => { 'PayloadType' => 'cmd', - 'RequiredCmd' => 'generic perl ruby bash telnet', + 'RequiredCmd' => 'generic perl ruby python bash telnet', } }, 'Targets' => [ ['Automatic', { }], ], diff --git a/modules/exploits/unix/webapp/nagios3_statuswml_ping.rb b/modules/exploits/unix/webapp/nagios3_statuswml_ping.rb index a401533b5f..302b664d5d 100644 --- a/modules/exploits/unix/webapp/nagios3_statuswml_ping.rb +++ b/modules/exploits/unix/webapp/nagios3_statuswml_ping.rb @@ -43,7 +43,7 @@ class Metasploit3 < Msf::Exploit::Remote 'BadChars' => '<>', 'Compat' => { - 'RequiredCmd' => 'generic perl ruby bash telnet', + 'RequiredCmd' => 'generic perl ruby python bash telnet', } }, 'Targets' => diff --git a/modules/exploits/unix/webapp/phpbb_highlight.rb b/modules/exploits/unix/webapp/phpbb_highlight.rb index 850ead72ca..39252dba39 100644 --- a/modules/exploits/unix/webapp/phpbb_highlight.rb +++ b/modules/exploits/unix/webapp/phpbb_highlight.rb @@ -49,7 +49,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Compat' => { 'PayloadType' => 'cmd', - 'RequiredCmd' => 'generic perl ruby bash telnet', + 'RequiredCmd' => 'generic perl ruby python bash telnet', } }, 'Platform' => 'unix', diff --git a/modules/exploits/unix/webapp/squirrelmail_pgp_plugin.rb b/modules/exploits/unix/webapp/squirrelmail_pgp_plugin.rb index dd653990b7..23389e3f7c 100644 --- a/modules/exploits/unix/webapp/squirrelmail_pgp_plugin.rb +++ b/modules/exploits/unix/webapp/squirrelmail_pgp_plugin.rb @@ -54,7 +54,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Compat' => { 'PayloadType' => 'cmd', - 'RequiredCmd' => 'generic perl ruby bash telnet', + 'RequiredCmd' => 'generic perl ruby python bash telnet', } }, 'Targets' => diff --git a/modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb b/modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb index bb3700b8e1..05fd0f40e0 100644 --- a/modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb +++ b/modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb @@ -46,7 +46,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Compat' => { 'PayloadType' => 'cmd', - 'RequiredCmd' => 'generic perl ruby bash telnet', + 'RequiredCmd' => 'generic perl ruby python bash telnet', } }, 'Platform' => 'unix', diff --git a/modules/exploits/unix/webapp/webmin_show_cgi_exec.rb b/modules/exploits/unix/webapp/webmin_show_cgi_exec.rb index dc63fbc468..8d28a2dfdb 100644 --- a/modules/exploits/unix/webapp/webmin_show_cgi_exec.rb +++ b/modules/exploits/unix/webapp/webmin_show_cgi_exec.rb @@ -43,7 +43,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Compat' => { 'PayloadType' => 'cmd', - 'RequiredCmd' => 'generic perl bash telnet', + 'RequiredCmd' => 'generic perl ruby python bash telnet', } }, 'Platform' => 'unix',