Refactored struts2 to overload get_exploit_config

This commit is contained in:
Vakaris 2018-08-22 14:33:00 +03:00
parent 9ef44ef71f
commit df4b1268d1
1 changed files with 5 additions and 3 deletions

View File

@ -25,8 +25,10 @@ class Struts2Exploiter(WebRCE):
def __init__(self, host):
super(Struts2Exploiter, self).__init__(host, None)
def exploit_host(self):
return self.default_exploit_host(dropper=True)
def get_exploit_config(self):
exploit_config = super(Struts2Exploiter, self).get_exploit_config()
exploit_config['dropper'] = True
return exploit_config
def build_potential_urls(self, ports, extensions=None):
"""
@ -47,7 +49,7 @@ class Struts2Exploiter(WebRCE):
protocol = "https"
else:
protocol = "http"
url = join(("%s://%s:%s" % (protocol, self.host.ip_addr, port[0])), extension)
url = join(("%s://%s:%s/" % (protocol, self.host.ip_addr, port[0])), extension)
redirected_url = self.get_redirected(url)
url_list.append(redirected_url)
if not url_list: