don't use java_basicservice_impl in browser autopwn because it doesn't work in an iframe against IE and causes popups in other browsers

git-svn-id: file:///home/svn/framework3/trunk@11101 4d416f70-5f16-0410-b530-b9f4589650da
2024-10-29 18:07:27 +01:00 · 2010-11-22 20:44:16 +00:00 · 2010-11-22 20:44:16 +00:00 · 7a3770f87b
commit 7a3770f87b
parent 04f9aec2d8
1 changed files with 11 additions and 3 deletions
--- a/modules/exploits/windows/browser/java_basicservice_impl.rb
+++ b/modules/exploits/windows/browser/java_basicservice_impl.rb
@ -16,8 +16,13 @@ class Metasploit3 < Msf::Exploit::Remote
 	Rank = ExcellentRanking

 	include Msf::Exploit::Remote::HttpServer
-	include Msf::Exploit::Remote::BrowserAutopwn
-	autopwn_info({ :javascript => false })
+	# Internet explorer freaks out and shows the scary yellow info bar if this
+	# is in an iframe.  The exploit itself also creates a couple of scary popup
+	# windows about "downloading application" that I haven't been able to
+	# figure out how to prevent.  For both of these reasons, don't include it
+	# in Browser Autopwn.
+	#include Msf::Exploit::Remote::BrowserAutopwn
+	#autopwn_info({ :javascript => false })

 	def initialize( info = {} )

@ -29,6 +34,9 @@ class Metasploit3 < Msf::Exploit::Remote
 			a parameter into a javaws call within the BasicServiceImpl class
 			the default java sandbox policy file can be therefore overwritten.
 			The vulnerability affects version 6 prior to update 22.
+
+			NOTE: Exploiting this vulnerability causes several sinister-looking
+			popup windows saying that Java is "Downloading application."
 			},
 			'License'       => MSF_LICENSE,
 			'Author'        => [
@ -52,7 +60,7 @@ class Metasploit3 < Msf::Exploit::Remote
 							'Platform' => 'java',
 						}
 					],
-					[ 'Windows Universal',
+					[ 'Windows x86',
 						{
 							'Arch' => ARCH_X86,
 							'Platform' => 'win',