Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add VHOST support to full_uri #11485

Merged
merged 1 commit into from Feb 26, 2019

Conversation

Projects
None yet
3 participants
@wvu-r7
Copy link
Contributor

wvu-r7 commented Feb 25, 2019

msf5 exploit(unix/webapp/drupal_drupalgeddon2) > options

Module options (exploit/unix/webapp/drupal_drupalgeddon2):

   Name         Current Setting  Required  Description
   ----         ---------------  --------  -----------
   DUMP_OUTPUT  false            no        Dump payload command output
   PHP_FUNC     passthru         yes       PHP function to execute
   Proxies                       no        A proxy chain of format type:host:port[,type:host:port][...]
   RHOSTS       ::1              yes       The target address range or CIDR identifier
   RPORT        8443             yes       The target port (TCP)
   SSL          true             no        Negotiate SSL/TLS for outgoing connections
   TARGETURI    /drupal          yes       Path to Drupal install
   VHOST        localhost        no        HTTP server virtual host


Exploit target:

   Id  Name
   --  ----
   0   Automatic (PHP In-Memory)


msf5 exploit(unix/webapp/drupal_drupalgeddon2) > pry
[*] Starting Pry shell...
[*] You are in exploit/unix/webapp/drupal_drupalgeddon2

[1] pry(#<Msf::Modules::Exploit__Unix__Webapp__Drupal_drupalgeddon2::MetasploitModule>)> full_uri
=> "https://[::1]:8443/drupal"
[2] pry(#<Msf::Modules::Exploit__Unix__Webapp__Drupal_drupalgeddon2::MetasploitModule>)> full_uri(vhost_uri: true)
=> "https://localhost:8443/drupal"
[3] pry(#<Msf::Modules::Exploit__Unix__Webapp__Drupal_drupalgeddon2::MetasploitModule>)>

For #11481. Cf. #7905 (comment) and #9285.

@busterb
Copy link
Contributor

busterb left a comment

LGTM, doesn't change any existing users.

@wvu-r7 wvu-r7 merged commit d55fbdf into rapid7:master Feb 26, 2019

3 checks passed

Metasploit Automation - Sanity Test Execution Successfully completed all tests.
Details
Metasploit Automation - Test Execution Successfully completed all tests.
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

wvu-r7 added a commit that referenced this pull request Feb 26, 2019

msjenkins-r7 added a commit that referenced this pull request Feb 26, 2019

@wvu-r7 wvu-r7 self-assigned this Feb 26, 2019

@wvu-r7

This comment has been minimized.

Copy link
Contributor Author

wvu-r7 commented Feb 26, 2019

Release Notes

This adds the vhost_uri keyword argument to the full_uri method in the HttpClient library, providing developers with a means to display the VHOST instead of the RHOST in the output returned by full_uri.

@wvu-r7 wvu-r7 deleted the wvu-r7:feature/full_uri branch Feb 26, 2019

rotemreiss added a commit to rotemreiss/metasploit-framework that referenced this pull request Feb 26, 2019

Remove custom imp. in favor of library change
Remove custom full_uri implementation in favor of a library change in rapid7#11485 which adds vhost support in the full_uri method.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.