change version check and add sleep

2024-10-09 04:26:11 +02:00 · 2020-09-11 11:49:14 -05:00 · 2020-09-11 11:49:14 -05:00 · d86f9427c9
commit d86f9427c9
parent e5c9439974
2 changed files with 4 additions and 4 deletions
--- a/documentation/modules/exploit/linux/http/jenkins_cli_deserialization.md
+++ b/documentation/modules/exploit/linux/http/jenkins_cli_deserialization.md
@ -1,7 +1,7 @@
 ## Vulnerable Application

  An unauthenticated Java object deserialization vulnerability exists
-  in the CLI component for Jenkins versions `v2.56` and below.
+  in the CLI component for Jenkins versions below `v2.54`.

  The `readFrom` method within the `Command` class in the Jenkins
  CLI remoting component deserializes objects received from clients without
--- a/modules/exploits/linux/http/jenkins_cli_deserialization.rb
+++ b/modules/exploits/linux/http/jenkins_cli_deserialization.rb
@ -85,7 +85,7 @@ class MetasploitModule < Msf::Exploit::Remote
    return Exploit::CheckCode::Safe('Version of Jenkins cannot be found.') unless version

    vers_no = Gem::Version.new(version)
-    return Exploit::CheckCode::Appears("Jenkins version #{version} detected") if vers_no <= Gem::Version.new('2.56')
+    return Exploit::CheckCode::Appears("Jenkins version #{version} detected") if vers_no < Gem::Version.new('2.54')

    Exploit::CheckCode::Detected
  end
@ -120,7 +120,6 @@ class MetasploitModule < Msf::Exploit::Remote
    ) # don't wait for response, and don't disconnect

    cmd = build_obj(cmd)
-
    send_request_cgi(
      {
        'uri' => sess_uri,
@ -131,8 +130,9 @@ class MetasploitModule < Msf::Exploit::Remote
          'Side' => 'upload',
          'Session' => sess_uuid
        }
-      }, nil
+      }
    )
+    sleep(2)
  end

  def build_obj(obj_data)