CoCalc -- module.rb

GitHub Repository: beefproject/beef
Path: blob/master/modules/exploits/jboss_jmx_upload_exploit/module.rb
¹¹⁵⁴ views

1
#
2
# Copyright (c) 2006-2025 Wade Alcorn - [email protected]
3
# Browser Exploitation Framework (BeEF) - https://beefproject.com
4
# See the file 'doc/COPYING' for copying permission
5
#
6
class Jboss_jmx_upload_exploit < BeEF::Core::Command
7
  def self.options
8
    [
9
      { 'name' => 'rhost', 'ui_label' => 'Remote Target Host', 'value' => '127.0.0.1' },
10
      { 'name' => 'rport', 'ui_label' => 'Remote Target Port', 'value' => '8080' },
11
      { 'name' => 'lhost', 'ui_label' => 'MSF Listener Host', 'value' => '127.0.0.1' },
12
      { 'name' => 'lport', 'ui_label' => 'MSF Listener Port (or bind)', 'value' => '6666' },
13
      { 'name' => 'injectedCommand', 'ui_label' => 'Command to execute', 'value' => 'cmd.exe' },
14
      { 'name' => 'jspName', 'ui_label' => 'Malicious JSP name', 'value' => rand(32**20).to_s(32) },
15
      { 'name' => 'payload', 'type' => 'combobox', 'ui_label' => 'Payload', 'store_type' => 'arraystore',
16
        'store_fields' => ['payload'], 'store_data' => [['reverse'], ['bind']],
17
        'valueField' => 'payload', 'displayField' => 'payload', 'mode' => 'local', 'autoWidth' => true }
18
    ]
19
  end
20

21
  def post_execute
22
    save({ 'result' => @datastore['result'] })
23
  end
24
end
25

26

Product

Resources

Company