Land #7203, Fix struts_default_action_mapper payload request delay
This commit is contained in:
commit
d34579f1f0
|
@ -26,9 +26,6 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
"redirectAction:" is not properly sanitized. Since said information will be
|
||||
evaluated as OGNL expression against the value stack, this introduces the
|
||||
possibility to inject server side code.
|
||||
|
||||
This module has been tested successfully on Struts 2.3.15 and Struts 2.0.11.2 over
|
||||
Tomcat 7, with Windows 2003 SP2 and Ubuntu 10.04 operating systems.
|
||||
},
|
||||
'License' => MSF_LICENSE,
|
||||
'Author' =>
|
||||
|
@ -74,6 +71,7 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
Opt::RPORT(8080),
|
||||
OptString.new('TARGETURI', [true, 'Action URI', '/struts2-blank/example/HelloWorld.action']),
|
||||
OptInt.new('HTTP_DELAY', [true, 'Time that the HTTP Server will wait for the payload request', 60]),
|
||||
OptInt.new('PAYLOAD_REQUEST_DELAY', [true, 'Time to wait for the payload request', 5]),
|
||||
# It isn't OptPath becuase it's a *remote* path
|
||||
OptString.new("WritableDir", [ true, "A directory where we can write files (only on Linux targets)", "/tmp" ])
|
||||
], self.class)
|
||||
|
@ -359,6 +357,8 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
fail_with(Failure::Unknown, "#{rhost}:#{rport} - Target didn't request request the ELF payload -- Maybe it cant connect back to us?")
|
||||
end
|
||||
end
|
||||
|
||||
sleep(datastore['PAYLOAD_REQUEST_DELAY'])
|
||||
end
|
||||
|
||||
def build_hta
|
||||
|
|
Loading…
Reference in New Issue