So I put this out on twitter but failed to document it for historical reasons/find it when I need it.
I was able to replace the PoC payload with the payload from Metasploit’s web delivery and it worked just fine.
Below we can see the replaced payload:
…and receiving the shell after running the command from the command line:
This is a Security Bloggers Network syndicated blog post authored by CG. Read the original post at: Carnal0wnage & Attack Research Blog