adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update the check to not fail if a COOKIE is used

Browse Source
This commit is contained in:
Spencer McIntyre
2021-06-10 11:29:07 -04:00
parent 3afe3ebfa3
commit edee95bbb2
3 changed files with 17 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
documentation/modules/exploit/windows/http/sharepoint_unsafe_control.md
+5
View File
@@ -55,6 +55,11 @@ Set this to the ViewState validation key if you have it.
Set this to a SharePoint cookie if you have one. This is primarily useful for form auth.
### SP_LIST
Set this to the title of any valid SPlist on the targeted SharePoint site. The `Documents` SPlist is typically a safe
option.
## Scenarios
### SharePoint 2019 on Windows Server 2016
modules/exploits/windows/http/sharepoint_ssi_viewstate.rb
+6 -2
View File
@@ -143,8 +143,12 @@ class MetasploitModule < Msf::Exploit::Remote
end
def exploit
unless username && password
fail_with(Failure::BadConfig, 'HttpUsername and HttpPassword are required for exploitation')
if (username.blank? && password.blank?)
if cookie.blank?
fail_with(Failure::BadConfig, 'HttpUsername and HttpPassword or COOKIE are required for exploitation')
end
print_warning('Using the specified COOKIE for authentication')
end
if (@validation_key = datastore['VALIDATION_KEY'])
modules/exploits/windows/http/sharepoint_unsafe_control.rb
+6 -2
View File
@@ -145,8 +145,12 @@ class MetasploitModule < Msf::Exploit::Remote
end
def exploit
unless username && password
fail_with(Failure::BadConfig, 'HttpUsername and HttpPassword are required for exploitation')
if (username.blank? && password.blank?)
if cookie.blank?
fail_with(Failure::BadConfig, 'HttpUsername and HttpPassword or COOKIE are required for exploitation')
end
print_warning('Using the specified COOKIE for authentication')
end
if (@validation_key = datastore['VALIDATION_KEY'])