Fix rapid7#4246 - Access payload_exe information correctly

wchen-r7 · wchen-r7 · commit e3f7398acdac · 2014-12-05T02:08:13.000-06:00
This fixes an undef method 'payload_exe' error. We broke this when all modules started using Msf::Exploit::CmdStager as the only source to get a command stager payload. The problem with that is "payload_exe" is an accessor in CmdStagerTFTP, not in CmdStager, so when the module wants to access that, we trigger the undef method error. To be exact, this is the actual commit that broke it: 7ced592 Fix rapid7#4246
diff --git a/modules/exploits/windows/iis/ms01_026_dbldecode.rb b/modules/exploits/windows/iis/ms01_026_dbldecode.rb
@@ -196,12 +196,12 @@ def exploit
 
     # Save these file names for later deletion
     @exe_cmd_copy = exe_fname
-    @exe_payload = payload_exe
+    @exe_payload = stager_instance.payload_exe
 
     # Just for good measure, we'll make a quick, direct request for the payload
     # Using the "start" method doesn't seem to make iis very happy :(
     print_status("Triggering the payload via a direct request...")
-    mini_http_request({ 'uri' => '/scripts/' + payload_exe, 'method' => 'GET' }, 1)
+    mini_http_request({ 'uri' => '/scripts/' + stager_instance.payload_exe, 'method' => 'GET' }, 1)
 
     handler
 
