From 7a3770f87b8538afa6213e05db0572722750d429 Mon Sep 17 00:00:00 2001 From: James Lee Date: Mon, 22 Nov 2010 20:44:16 +0000 Subject: [PATCH] don't use java_basicservice_impl in browser autopwn because it doesn't work in an iframe against IE and causes popups in other browsers git-svn-id: file:///home/svn/framework3/trunk@11101 4d416f70-5f16-0410-b530-b9f4589650da --- .../windows/browser/java_basicservice_impl.rb | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/modules/exploits/windows/browser/java_basicservice_impl.rb b/modules/exploits/windows/browser/java_basicservice_impl.rb index 5327da2238..6f511796a4 100644 --- a/modules/exploits/windows/browser/java_basicservice_impl.rb +++ b/modules/exploits/windows/browser/java_basicservice_impl.rb @@ -16,8 +16,13 @@ class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpServer - include Msf::Exploit::Remote::BrowserAutopwn - autopwn_info({ :javascript => false }) + # Internet explorer freaks out and shows the scary yellow info bar if this + # is in an iframe. The exploit itself also creates a couple of scary popup + # windows about "downloading application" that I haven't been able to + # figure out how to prevent. For both of these reasons, don't include it + # in Browser Autopwn. + #include Msf::Exploit::Remote::BrowserAutopwn + #autopwn_info({ :javascript => false }) def initialize( info = {} ) @@ -29,6 +34,9 @@ class Metasploit3 < Msf::Exploit::Remote a parameter into a javaws call within the BasicServiceImpl class the default java sandbox policy file can be therefore overwritten. The vulnerability affects version 6 prior to update 22. + + NOTE: Exploiting this vulnerability causes several sinister-looking + popup windows saying that Java is "Downloading application." }, 'License' => MSF_LICENSE, 'Author' => [ @@ -52,7 +60,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Platform' => 'java', } ], - [ 'Windows Universal', + [ 'Windows x86', { 'Arch' => ARCH_X86, 'Platform' => 'win',