New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

remove invalid 'client' object reference in nodejs #9072

Merged
merged 1 commit into from Oct 11, 2017

Conversation

Projects
None yet
1 participant
@jmartin-r7
Contributor

jmartin-r7 commented Oct 11, 2017

fix #9063 by removing invalid object reference introduced in PR #8825

Verification

  • Set up a handler
    use exploit/multi/handler
    set payload nodejs/shell_bind_tcp
    set RHOST 127.0.0.1
    set LPORT 7777
    run
  • Use patched version with various versions of node:
    msfvenom -p nodejs/shell_bind_tcp LHOST=127.0.0.1 LPORT=7777 > node_payload.js
    node node_payload.js
  • Confirm both old (pre 5.3.0) and new versions of node result in shell, not error.
remove invalid 'client' object reference in nodejs
fix #9063 by removing invalid object reference introduced in PR #8825

@jmartin-r7 jmartin-r7 merged commit b76c1f3 into rapid7:master Oct 11, 2017

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details

jmartin-r7 added a commit that referenced this pull request Oct 11, 2017

@jmartin-r7 jmartin-r7 deleted the jmartin-r7:bug/9063 branch Oct 11, 2017

@jmartin-r7

This comment has been minimized.

Show comment
Hide comment
@jmartin-r7

jmartin-r7 Oct 11, 2017

Contributor

Tests passed, used PR to document spec passing and be able to add a release note.

Contributor

jmartin-r7 commented Oct 11, 2017

Tests passed, used PR to document spec passing and be able to add a release note.

@jmartin-r7

This comment has been minimized.

Show comment
Hide comment
@jmartin-r7

jmartin-r7 Oct 11, 2017

Contributor

Release Notes

This fix restores functionality for the Node.js bind payload.

Contributor

jmartin-r7 commented Oct 11, 2017

Release Notes

This fix restores functionality for the Node.js bind payload.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment