This module exploits an unauthenticated log file upload within the log_upload_wsgi.py file of VMWare View Planner 4.6 prior to 4.6 Security Patch 1. Successful exploitation will result in RCE as the apache user inside the appacheServer Docker container.
Python
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
msf > use exploit/linux/http/vmware_view_planner_4_6_uploadlog_rce
msf exploit(vmware_view_planner_4_6_uploadlog_rce) > show targets
...targets...
msf exploit(vmware_view_planner_4_6_uploadlog_rce) > set TARGET < target-id >
msf exploit(vmware_view_planner_4_6_uploadlog_rce) > show options
...show and set options...
msf exploit(vmware_view_planner_4_6_uploadlog_rce) > exploit
Time is precious, so I don’t want to do something manually that I can automate. Leveraging the Metasploit Framework when automating any task keeps us from having to re-create the wheel as we can use the existing libraries and focus our efforts where it matters.
– Jim O’Gorman | President, Offensive Security