infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix metadata

bug/bundler_fix
jvazquez-r7 2015-08-04 16:28:50 -05:00
parent d3902771b6
commit 0e3434ebad
No known key found for this signature in database
GPG Key ID: 38D99152B9352D83
1 changed files with 30 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
modules/auxiliary/gather/lansweeper_collector.rb
View File

@ -8,36 +8,35 @@ class Metasploit3 < Msf::Auxiliary
super(update_info(info,
'Name' => 'Lansweeper Collector',
'Description' => %q(
Lansweeper stores the credentials it uses to scan the computers
in its MSSQL database. The passwords are XTea-encrypted with a
68 character long key, which first 8 character is stored with the
password in the database, and the other 60 is static. Lansweeper by
default creates an MSSQL user "lansweeperuser" whose password is
"mysecretpassword0*", and stores its data in a database called
"lansweeperdb".
This module will query the MSSQL database for the credentials.
Lansweeper stores the credentials it uses to scan the computers in its MSSQL database.
The passwords are XTea-encrypted with a 68 character long key, which first 8 character
are stored with the password in the database, and the other 60 is static. Lansweeper by
default creates an MSSQL user "lansweeperuser" whose password is "mysecretpassword0*",
and stores its data in a database called "lansweeperdb". This module will query the MSSQL
database for the credentials.
),
'Author' => [
# Lansweeper RCE + Metasploit implementation
'sghctoma <tamas.szakaly [at] praudit [dot] hu>',
# Lansweeper RCE + discovering default credentials
'eq <balazs.bucsay [at] praudit [dot] hu>',
# Module for lansweeper (5.3.0.8)
'calderpwn <calderon [at] websec [dot] mx>'
'Author' =>
[
'sghctoma <tamas.szakaly[at]praudit.hu>', # Lansweeper RCE + Metasploit implementation
'eq <balazs.bucsay[at]praudit.hu>', # Lansweeper RCE + discovering default credentials
'calderpwn <calderon[at]websec.mx>' # Module for lansweeper (5.3.0.8)
],
'License' => MSF_LICENSE,
'References' => [
[ 'URL', 'http://www.lansweeper.com'],
[ 'URL', 'http://www.praudit.hu/prauditeng/index.php/blog/a-lansweeper-es-a-tea']
]
)
)
'DefaultOptions' =>
{
'USERNAME' => 'lansweeperuser',
'PASSWORD' => 'mysecretpassword0*'
},
'References' =>
[
['URL', 'http://www.lansweeper.com'],
['URL', 'http://www.praudit.hu/prauditeng/index.php/blog/a-lansweeper-es-a-tea']
]))
register_options([
OptString.new('USERNAME', [ true, 'The username to authenticate as', 'lansweeperuser' ]),
OptString.new('PASSWORD', [ false, 'The password for the specified username', 'mysecretpassword0*' ]),
OptString.new('DATABASE', [ true, 'The Lansweeper database', 'lansweeperdb'])
OptString.new('DATABASE', [true, 'The Lansweeper database', 'lansweeperdb'])
], self.class)
end
def uint32(n)