Land rapid7#11714, DUMP_OUTPUT fix for SA-CORE-2019-003

wvu · Apr 11, 2019 · 8fcc36b · 8fcc36b
2 parents 7b29e6e + 4dc2a86
commit 8fcc36b
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 3 deletions.
diff --git a/documentation/modules/exploit/unix/webapp/drupal_restws_unserialize.md b/documentation/modules/exploit/unix/webapp/drupal_restws_unserialize.md
@@ -45,6 +45,11 @@ to work.
 
 Set this to a node ID on the target when using the `GET` method.
 
+**DUMP_OUTPUT**
+
+Enable this if you'd like to see HTTP responses, including command
+output. Defaults to `false` unless `cmd/unix/generic` is your payload.
+
 ## Usage
 
 ```

diff --git a/modules/exploits/unix/webapp/drupal_restws_unserialize.rb b/modules/exploits/unix/webapp/drupal_restws_unserialize.rb
@@ -75,9 +75,10 @@ def initialize(info = {})
     ))
 
     register_options([
-      OptEnum.new('METHOD', [true, 'HTTP method to use', 'POST',
-                            ['GET', 'POST', 'PATCH', 'PUT']]),
-      OptInt.new('NODE',    [false, 'Node ID to target with GET method', 1])
+      OptEnum.new('METHOD',      [true, 'HTTP method to use', 'POST',
+                                 ['GET', 'POST', 'PATCH', 'PUT']]),
+      OptInt.new('NODE',         [false, 'Node ID to target with GET method', 1]),
+      OptBool.new('DUMP_OUTPUT', [false, 'Dump payload command output', false])
     ])
 
     register_advanced_options([