Update modules/exploits/linux/http/f5_icontrol_rce.rb

Co-authored-by: wvu <4551878+wvu@users.noreply.github.com>
2022-05-11 20:43:54 +02:00
parent 208367d735
commit 1bc2616c19
1 changed files with 3 additions and 2 deletions
@@ -29,7 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote
          ['URL', 'https://www.horizon3.ai/f5-icontrol-rest-endpoint-authentication-bypass-technical-deep-dive/']
        ],
        'License' => MSF_LICENSE,
-        'DisclosureDate' => '2022-04-05', # Vendor advisory
+        'DisclosureDate' => '2022-05-04', # Vendor advisory
        'Platform' => ['unix', 'linux'],
        'Arch' => [ARCH_CMD, ARCH_X86, ARCH_X64],
        'Privileged' => true,
@@ -41,7 +41,7 @@ class MetasploitModule < Msf::Exploit::Remote
              'Arch' => ARCH_CMD,
              'Type' => :unix_cmd,
              'DefaultOptions' => {
-                'PAYLOAD' => 'cmd/unix/reverse_python_ssl'
+                'PAYLOAD' => 'cmd/unix/python/meterpreter/reverse_tcp'
              }
            }
          ],
@@ -60,6 +60,7 @@ class MetasploitModule < Msf::Exploit::Remote
        ],
        'DefaultTarget' => 0,
        'DefaultOptions' => {
+          'RPORT' => 443,
          'SSL' => true
        },
        'Notes' => {